https://www.engadget.com/2017/10/23/google-android-dns-tls/Google's efforts to push websites to use encrypted connections is paying off. Just days ago, the search giant revealed that HTTPS use on its own products is at 89 percent overall, up from just 50 percent at the beginning of 2014. (Not sure what we're blabbering on about? Just peep the green lock icon and the word "secure" in the address bar). Now, Google is adding an extra layer of security to Android. XDA Developers has spotted that DNS over TLS (Transport Layer Security) support is heading to the mobile OS, according to the Android Open Source Project -- meaning DNS queries will be encrypted to the same level as HTTPS.
The Domain Name System (DNS) -- often referred to as the internet's phone book -- translates domain names (like
engadget.com) into machine-readable IP addresses. The process is hidden from users, but essentially applies to every website you visit. While TLS hides your DNS requests, it won't afford you full privacy (as your Internet Service Provider can still see the IP address you're communicating with). For that, you'll still need a VPN app. But, this is also about DNS robustness. TLS would make it harder for hackers to hijack a DNS to spy on users or, worse still, to direct them to fake sites and phishing pages.
Updates to the Android repository suggest you will be able to disable DNS over TLS, and that it may arrive on a future update.