Some of our services appear not to be working at the moment.

Our team has been notified, and is working on sorting out the issue.

Safe Surfer invests in modern technologies to make surfing the web a safer experience for you. We have been keeping our eye on a new set of technologies that is being freshly released to devices by major technology companies and organisations via device updates: DNS over HTTPS (DoH) and DNS over TLS (DoT).

Apple, Microsoft, Google, and Mozilla have been releasing support for DoH and DoT into their products since 2019 and 2020. In this article we will explain what these two terms are and how Safe Surfer will be using them in the future. To begin, it will be helpful to break down in layman's terms how the basics of Internet networking works. If you just want the brief on DoH and DoT, you can skip to the "How is DoH and DoT useful to me?" section.

Internet networking 101

When you visit a website URL (e.g. the Safe Surfer dashboard at in a web browser, your browser has to convert this URL to a special set of numbers it understands. When you use the Internet on a device, you are likely using a networking protocol called Internet Protocol version 4 (IPv4). When you download and upload any kind of data over the Internet, this protocol performs the data transport work for you in the background—you do not see any of this occur. IPv4 operates over the public Internet using a special set of numbers, and these numbers are unfriendly to memorise. For example, "translates" to—these are not easy to remember when you have a lot of favourite websites! This is where the Domain Name System (DNS) technology comes in.

DNS operates on computer servers, and it is like a telephone book for devices. Most people by default automatically use DNS servers that their Internet Service Provider (ISP) provisions by default. When you use broadband or mobile data and you do not manually configure your device or router to use a specific DNS server, chances are you will be using a DNS server that is run by your ISP.

Are there any downsides to classic DNS today?

Classic DNS has a major privacy flaw—any kind of URL request you make over the public Internet can theoretically be intercepted and read by anyone, even your ISP. This is called sending "plain text"—data that is not encrypted before it is sent.

What is DoH and DoT?

DoH and DoT are an encrypted form of classic DNS. Instead of sending data unencrypted, they encrypt the data being sent before it is sent using advanced cryptographic protocols.

DoH encrypts DNS data using the HTTPS protocol.
DoT encrypts DNS data using the TLS protocol.

Both of these methods are very similar, but they have differences from a technical viewpoint. From a consumer perspective, they both provide an extremely high level of privacy when it comes to encrypting search data. DoT takes advantage of newer technologies, so if you are given a choice and it is supported by your device, it is the better option of the two available.

Many operating systems and web browsers now either fully support or are in testing phases for DoH and/or DoT support. This includes, but is not limited to:

Operating systems:
Android 9 and higher
iOS 14 and higher; iPadOS 14 and higher
Windows 10 version 21H1 and higher (to be released early 2021)
macOS 11 Big Sur and higher (to be released late 2020)

As of publishing this article, Chrome OS currently does not support DNS encryption.

Web Browsers:
Any Chromium-based browser (e.g. Google Chrome, Microsoft Edge, Opera)
Mozilla Firefox

How is DoH and DoT useful to me?

The DoH and DoT protocols encrypt your Internet URL/IPv4 request data. This increases privacy for consumers.

How is Safe Surfer going to use these new technologies?

A major part of the Safe Surfer service relies upon the DNS technology (in DNS being a "phonebook", we can therefore allow or block specific websites). As classic DNS is progressively phased out for most consumers, we will be providing DoH and DoT options for our customers. Our iOS app now supports both DoH and DoT, and we also provide DoH and DoT URI links for operating systems and web browsers to use.
Was this article helpful?
Thank you!