Google has added support in Android for an experimental feature that will encrypt DNS requests and prevent network-level attackers from snooping on user traffic.
This new feature is named "DNS over TLS," an experimental protocol currently receiving comments at the Internet Engineering Task Force (IETF), an Internet standards body.
As the protocol's name suggests, DNS over TLS will encrypt DNS traffic, much as HTTPS encrypts HTTP traffic.
The purpose of DNS over TLS is to hide what DNS requests the user is making. Privacy-wise, this is important, as DNS requests have been the Achilles' heel of HTTPS.
Even if traffic goes over HTTPS, an attacker can observe DNS requests and guess what sites the user is accessing. By encrypting these requests too, the user's privacy is protected in full.
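The added example below is not from the article or from Android's source. It shows what a passive observer reads out of an unencrypted DNS query, and the framing the same message gets before it enters a DNS-over-TLS session. The hostname `example.com` and the query ID are constructed sample values; the two-byte length prefix and TCP port 853 come from RFC 7858, which the article does not cite.

```python
import struct

def build_query(hostname, qid=0x1234):
    """Build a plain DNS A-record query in RFC 1035 wire format."""
    # Header: ID, flags (RD=1), QDCOUNT=1, ANCOUNT=0, NSCOUNT=0, ARCOUNT=0
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in hostname.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def observed_hostname(payload):
    """Recover the queried name from an unencrypted DNS payload,
    as anyone on the network path can do with classic DNS on port 53."""
    if len(payload) < 12:
        raise ValueError("shorter than a DNS header")
    if struct.unpack("!H", payload[4:6])[0] < 1:
        return None  # no question section
    labels, pos = [], 12
    while True:
        if pos >= len(payload):
            raise ValueError("truncated question")
        length = payload[pos]
        if length == 0:
            break  # root label ends the name
        if length & 0xC0:
            raise ValueError("unexpected compression pointer")
        label = payload[pos + 1:pos + 1 + length]
        if len(label) != length:
            raise ValueError("truncated label")
        labels.append(label.decode("ascii", "replace"))
        pos += 1 + length
    return ".".join(labels)

def dot_frame(message):
    """Prefix the DNS message with its two-byte length, the framing used
    inside the TLS session (RFC 7858, TCP port 853). Only TLS records are
    visible on the wire, so the name above is no longer readable in transit."""
    return struct.pack("!H", len(message)) + message

if __name__ == "__main__":
    query = build_query("example.com")  # constructed sample query
    print("observer sees:", observed_hostname(query))
    print("bytes handed to the TLS layer:", dot_frame(query).hex())
```
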
Android developer news site XDA was the first to spot two code commits to the Android source code that read "Add a global setting to disable DNS over TLS" and "Add a developer option for controlling DNS over TLS."
It is unclear whether support for DNS over TLS has already been added to the OS or will be added in a future update, but the presence of the on/off options means Google is serious about testing the feature.
The new feature won't prevent ISPs from knowing what sites a user is accessing, as the ISP will always see the IP address the user is communicating with.