The Alphabet incubator tasked with tackling “some of the toughest global security challenges”, from online extremism and cybersecurity to government censorship, has rolled out new tool aimed at defending against attacks on free speech around the globe.
Jigsaw on Wednesday announced the release of a new app, Intra, designed to protect Android users against the manipulation of DNS resolutions, a commonly used practice among repressive regimes to prohibit users from accessing information deemed off-limits by the state.
In Iran, for example, certain websites redirect to a government censorship page because, once queried, internet service providers, acting on the government’s behalf, automatically return a false IP address. The same is true of China’s Great Firewall (GFW), which returns false and, often instead, seemingly erratic IP addresses in response to DNS queries to government-blocked domains. Hundreds of websites are likewise blocked in Pakistan, and the list goes on.
DNS manipulation, often used in conjunction with IP blocking, provides authoritarian governments the means to suppress information viewed by those in power as objectionable, or religiously or politically unacceptable.
When a user attempts to reach an internet domain — gizmodo.com.au, for instance — the computer queries Domain Name System (DNS) servers for the IP address linked to that domain.
In the case of China, the GFW maintains a massive list of blacklisted domains. When a person using the Chinese internet attempts to reach a blacklisted site, the GFW will not pair the domain with its actual IP address, but instead injects a fake DNS reply containing a wrong IP, often belonging to a random, approved website instead.
Intra works, according to its creators, by simply encrypting the user’s connection to the DNS server. By default, it points to Google’s own DNS servers (Jigsaw’s parent company, Alphabet, also owns Google), but for users who prefer to use another (Cloudflare or IBM’s Quad9, for example) those settings can be changed within the app.
According to CNET, DNS queries will be encrypted by default in an updated version of Android Pie. Reportedly, however, around 80 per cent of Android users aren’t using the latest version of the Android operating system. For those, Intra is now available in Google Play.