Does DNS-over-HTTPS work with F-Secure FREEDOME?

In short: Yes, DNS-over-HTTPS works with F-Secure FREEDOME.

However, there are some further aspects to consider. These aspects require some understanding of how DNS (Domain Name System) works in the first place.

DNS has been the standard way to convert computer and domain names into numerical IP addresses used by the networking devices on the internet. Regular DNS requests have been sent from the devices of a user to the DNS servers operated typically by internet service providers. In this way, it has been possible for the DNS server owner to learn what sites and services the user is accessing. Also, it has been easy for the DNS server owner to block access to certain addresses.

To overcome these, a protocol called DNS-over-HTTPS (DoH) was introduced. As the name implies, the DNS requests are sent over an encrypted HTTPS connection. Several large network companies, such as Cloudflare and Google, have started to offer their DoH service for free to anyone. This allows the DoH service provider, instead of the internet service provider, to obtain information of all the sites for all the users who use their DoH service.

When FREEDOME is turned on, it will take over the traditional DNS requests and use its own DNS servers to resolve domain names into the IP addresses. The DNS requests are treated in accordance with FREEDOME's privacy policy (https://www.f-secure.com/en/legal/privacy/consumer/freedome), and users can be sure that their data is not sold, for example for marketing purposes.

Normally, DNS-over-HTTPS passes through FREEDOME just like any other HTTPS traffic, and it can be used instead of the DNS provided by FREEDOME. FREEDOME makes no difference between the regular HTTPS and DNS-over-HTTPS traffic. Note that DNS-over-HTTPS works within an application, typically a web browser. This limits the DNS-over-HTTPS protocol only to that particular application, and all DNS requests from other applications will go through the traditional DNS.

There is, however, at least one exception to this on Android: A popular app called Intra uses the DNS-over-HTTPS protocol, but it works technically as a VPN. There can't be multiple VPN products in use at the same time, so the Intra app cannot be used together with FREEDOME.

The question about whether to use DNS-over-HTTPS or not is about who to trust. Both the DNS server owner and the DNS-over-HTTPS server owner will see all the destination addresses the user goes to. Depending on the agreement with the user, the DNS server owner may or may not be able to use that data for other purposes than just for translating domain names into IP addresses. Large-scale service offering DNS-over-HTTPS (or plain DNS) is expensive to run, so the companies operating seemingly free DNS-over-HTTPS services may have financial interests in the data they obtain from the users.

Pricing & Product Info

For product info and pricing please go to the F-Secure Freedome product page

Version history
Revision #:
2 of 2
Last update:
4 weeks ago
Updated by:
 
Labels (6)