NDSS

User Expectations and Understanding of Encrypted DNS Settings

Alexandra Nisenoff, Nick Feamster, Madeleine A Hoofnagle†, Sydney Zink. (University of Chicago and †Northwestern)

Domain Name System (DNS) queries map domains that are readable by humans into their corresponding IP addresses. As a way of mitigating the privacy risks associated with DNS queries, protocols such as DNS over HTTPS (DoH) and DNS over TLS (DoT) have been adopted by many major browsers and operating systems. In this paper we present the results of a small-scale online survey with the goal of probing users’ sentiments on Private DNS in Android 9 Pie as well as DoH in Firefox. As many users decide to stick with the default setting, it becomes paramount developers choose defaults that benefit users. While many users choose to stick with the default setting, even given additional information, there are users who would change their DNS settings when given information on what the specific settings actually do. We also see that users believe DNS settings accomplish one thing, but actually the settings do something else. Finally, the survey uncovered interesting trends in users’ knowledge of and trust in DNS service providers.