Earlier this week, a Google employee named William Chan published a post on Google Plus about the way his team was planning to solve some problems that the Chrome browser was having delivering Web addresses.
The issues, and the solution, are highly technical. But they boil down to this: in order to deliver pages faster, Google is going to make it possible for the browser to resolve Web site addresses like www.google.com into IP addresses like 188.8.131.52 that machines on the Internet can read.
Currently, Chrome follows standard industry practices to resolve Web addresses: Chrome sends a request to the underlying operating system which reaches out to another computer on the Internet known as a DNS server. This process gives a computer user control over which DNS server to use.
At this point, even if you have a moderate interest in technology, you will probably be wondering why this is news.
The changes to Chrome matter a lot because they mean Google will be in a position to steer all the traffic from Chrome browsers to Google’s own DNS servers. This could provide Google with vast insight into what is happening on the Web, including on competitors’ sites like Facebook.
Depending on your perspective, this gives Google a great competitive advantage, or raises questions about the applicability of the Sherman Antitrust Act.
There’s also a user privacy issue. Now, I use Google Public DNS and I’m not worried about Google secretly spying on my Internet traffic. But there is very little to stop Google should it decide there is a compelling need to closely inspect unencrypted packets hitting its DNS servers.
The issue was pointed out to me by David Ulevitch, whom I interviewed last month for my post “A Closer Look at Google Public DNS.” Unlike most people on the planet, Ulevitch has skin in this game. He runs a service called OpenDNS, which competes with Google Public DNS. The implications for David are that Chrome will now be able to override his users’ choices. Instead of allowing the operating system to resolve an address via OpenDNS, Chrome would, at least in theory, ensure the address is resolved by Google Public DNS.
“It’s a dangerous combination when you control the browser, search and DNS,” Ulevitch said. “It’s like Microsoft back in the day when it controlled the browser and the desktop operating system and dominated the market for office apps.”
Few people realize how much information a DNS server sees.
There seems to be a belief that all the information we send over the Internet—in the form of emails, search requests, Facebook posts, etc.—is written in invisible ink, because we humans can’t see it. But machines can easily read unencrypted information. A machine attached to a DNS server doing deep packet inspection is the equivalent of a person sitting at the central post office and opening every piece of mail.
This is why it’s worth it for ordinary people to ask questions about what Google is going to do with the information it collects as a result of its giant DNS service, which is now the largest public DNS service in the world. How long does it keep it? Will it be used to target ads? How does it ensure private information will stay that way?
I contacted Google to talk about the implications of the proposed changes. I still haven’t heard back from the company. I will post their response as soon as I do.