January 30, 2020
How to Protect Yourself Against DNS Leaks
Posted by Rhiannon
Every time you browse the web, your search results are returned to you through the use of the Domain Name System, or DNS (more on that later). If you also use a VPN while you browse, your natural expectation is that your DNS requests are encrypted. However, not all virtual private networks are up to snuff when it comes to protecting your privacy. In some cases, you may encounter a Domain Name System leak. When this happens, some or all of your browsing activity becomes unencrypted. That means third-parties like advertisers, governments, and your internet service provider can suddenly gather data about you. But what exactly is the Domain Name System, how do DNS leaks happen, and can you prevent them? Let’s take a look:
- What is the Domain Name System?
- What are Domain Name System leaks?
- How do they happen?
- How do you prevent them?
What is the Domain Name System?
Computers communicate with one another via the exchange of numbers. When the internet was first created, a person could only access a website by knowing its exact, numerical IP address. However, as the internet grew, it became impossible to remember every IP address out there. That’s where the Domain Name System comes in. The DNS was actually created in the early 80s, nearly a decade before the rise of modern internet. It functions as a sort of “contact list” to map and connect IP addresses with domain names. In order to work, every domain name in the world is stored in digital “nameservers.” Nameservers contain files which tell a computer “this domain name” connects to “this IP address.” The nameservers themselves are distributed around the world and are typically accessed through internet service providers.
When the internet began to expand, the Domain Name System was added to make navigation easier. Instead of needing to remember specific IP addresses, a person only needed to know the domain name to access a site. We continue to use this system today.
What are DNS Leaks?
Every time you make a DNS request, your internet service provider can see that request. However, many people would prefer to keep that information private. One of the most effective ways to do this is to use a virtual private network, or VPN. A VPN is a tool that encrypts all browsing activity. It also reroutes it through their own servers so no outside parties can see it. When using a VPN, most people expect that all of their data is hidden from prying eyes. However, not all virtual private networks are created equal. That means some of them are prone to DNS leaks. This type of leak happens when some or all of your DNS requests are revealed to third-parties. In general, there are two types of leaks:
- The DNS requests you make are sent to a server that does not belong to/is not hosted by your VPN.
- Your DNS requests are not made through your VPN’s encryption. They can be seen by all interested parties.
The biggest issue with DNS leaks is that, usually, the person using the VPN has no idea that they aren’t protected.
How Do Leaks Happen?
There’s a wide range of reasons for Domain Name System leaks. However, three particular reasons are the most common culprits. They are:
- Your VPN doesn’t offer DNS protection: In some cases, a virtual private network provider simply doesn’t encrypt your DNS requests. In this case, those requests are almost definitely visible to third-parties, or may even be sent to third-parties by your VPN.
- Your VPN’s DNS protection isn’t strong: Building DNS protection into a virtual private network is a difficult, time-consuming, and expensive process to do right and do well. Some VPNs take a stab at the process but then only get the job half-done. If this is the case, your DNS requests might be encrypted some of the time, but not all the time.
- Your VPN disconnects: Finally, in some cases, your VPN may actually offer DNS protection. However, if your connection to the VPN disconnects, your DNS requests may become visible to your normal ISP. Many VPNs don’t notify you that your connection has dropping, meaning you’ll remain unaware that you’ve lost encryption.
How Do You Prevent DNS Leaks?
Oftentimes, VPN users are unaware that they’ve been exposed to a leak. That makes it difficult to know if the service you are using is trustworthy or exposing your data. Rather than taking a chance, there are a few ways to help prevent leaks:
- Choose a reputable VPN: There are a lot of VPNs on the market, but not all of them offer strong privacy protection. Before settling for one option, take a look at sources not from the VPN’s website to get a sense of its trustworthiness. A good VPN should be recommended often, while a bad one likely has warnings against it.
- Go with a VPN that protects DNS requests: Most VPNs explain the main features of their product on their website. Choose one that specifically mentions DNS request protection. It might not be possible to gauge how successful their protection is, but it’s a step up from choosing a VPN with no protection.
- Opt for a VPN with a Kill Switch: In some cases, your DNS requests become visible when your VPN connection drops. Although a virtual private network might not be able to control connection stability, some have created a solution to avoid the DNS leak issue. That solution is a kill switch. In the event of a dropped connection, your VPN will automatically terminate any requests occurring over its servers, so there is no data to leak.
- Use a Leak Checker: Some VPNs offer “leak tests.” These tests will ask your browser to make a DNS request of one of their websites. If the request is shown to have come from your internet service provider, there’s a leak. If it comes from one of your VPN’s servers, you know your browsing is protected.
To protect yourself further, browse the web privately and safely with HotBot.com.
Posted by Rhiannon
More Blog Posts
February 14, 2023
How the Investigatory Powers Act Impacts Citizen Privacy
In 2016, the United Kingdom passed the Investigatory Powers Act or IP Act, into law. This act empowered the government and related agencies to access and collect citizen data, without consent. Critics immediately slammed the new law. The media dubbed it the “Snoopers’ Charter.” Meanwhile, Edward Snowden described the act as “the most extreme surveillance […] Read moreFebruary 14, 2023
How to Easily Unblock Wikipedia with HotBot VPN
Wikipedia puts a wealth of information at your fingertips. Everything from the biography of Alexander Graham Bell to the basics of quantum computing can be instantly opened by curious browsers. But what happens when you can’t access that information? Whether a business network blocks it or a particular country censors it, don’t let that slow […] Read moreFebruary 14, 2023