Android has supported DNS-over-TLS (DoT) since Android 9.0 Pie. It's available in your phone's Network & internet settings under the name Private DNS. In September last year, a code change spotted in the Android Open Source Project (AOSP) suggested that Google was planning to add DNS over HTTPS support in Android 13. That support is now official.

As spotted by Esper’s Mishaal Rahman, Android 13 finally adds native support for DNS over HTTPS (DoH). On the most basic level, both DoT and DoH do the same thing: encrypt DNS traffic. DNS over TLS uses TLS (also known as SSL) to encrypt traffic, while DNS over HTTPS uses the HTTP or HTTP/2 protocols, themselves carried over an encrypted connection, to send DNS queries and responses.

However, using DoH instead of DoT has some advantages. DoT uses a dedicated port, so anyone observing the network can see that DNS traffic is going in and out, although the content itself remains encrypted. DoH, on the other hand, uses port 443, the standard port for HTTPS traffic. As such, requests and responses sent over DoH blend in with the rest of the HTTPS traffic, making it nearly impossible for attackers or network admins to monitor or block DoH queries. Popular browsers such as Mozilla Firefox and Google Chrome already offer DNS over HTTPS support.

Currently, there doesn't appear to be a user-facing setting to access DNS over HTTPS on devices running Android 13 DP2. However, Esper reports that it can be enabled through the device_config boolean flag “doh” under the “netd_native” namespace.

Recent code changes on AOSP suggest Google is considering enabling DoH support by default in Android 13, though it's not final yet.

Android 13 brings tons of new features, including auto-theming icons, per-app language support, full support for Bluetooth LE Audio, run-time permissions for notifications, and much more. In addition, the latest version also enables HDR video support in Camera2 API and introduces new gaming APIs that could significantly reduce game loading times.


Source: Esper