Android has supported DNS-over-TLS (DoT) since Android 9.0 Pie. It’s available in the phone’s Network & Internet settings as Private DNS. In September last year, a code change spotted in the Android Open Source Project (AOSP) suggested that Google was planning to add DNS over HTTPS support in Android 13. And it’s finally official.
As Esper’s Mishaal Rahman noticed, Android 13 finally adds native support for DNS over HTTPS (DoH). At the most basic level, DoT and DoH do the same thing: encrypt DNS traffic. DNS over TLS uses TLS (also known as SSL) to encrypt traffic, while DNS over HTTPS sends DNS queries and responses over HTTP or HTTP/2, which is in turn carried inside TLS.
However, using DoH instead of DoT has some advantages. DoT uses a dedicated port, so anyone watching the network can see that DNS traffic is being sent and received, although the content itself remains encrypted. DoH, on the other hand, uses port 443, the standard port for HTTPS traffic. As a result, requests sent via DoH blend in with other HTTPS traffic, making it nearly impossible for attackers or network administrators to monitor or block DoH requests. Popular browsers such as Mozilla Firefox and Google Chrome already offer DNS over HTTPS support.
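The framing difference described above, as an added example that is not part of the original article: the same DNS query is wrapped the way DoT (RFC 7858, dedicated port 853) and DoH (RFC 8484, port 443) carry it before TLS encrypts it. The resolver host dns.example and the function names are assumptions made for the illustration.

```python
import base64
import struct
from urllib.parse import parse_qs, urlsplit

def build_query(name: str, qtype: int = 1) -> bytes:
    """Single-question DNS query in wire format (RFC 1035); ID 0, RD set."""
    header = struct.pack("!6H", 0, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode("ascii")
                     for l in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!2H", qtype, 1)  # QCLASS 1 = IN

def frame_dot(msg: bytes) -> bytes:
    """DoT: 2-byte big-endian length prefix, then the message (TLS, port 853)."""
    return struct.pack("!H", len(msg)) + msg

def unframe_dot(frame: bytes) -> bytes:
    """Recover the DNS message from a DoT frame, checking the length prefix."""
    (length,) = struct.unpack("!H", frame[:2])
    if len(frame) - 2 != length:
        raise ValueError("length prefix does not match payload")
    return frame[2:]

def frame_doh_get(msg: bytes, host: str, path: str = "/dns-query") -> str:
    """DoH GET: message as unpadded base64url in ?dns= (TLS, port 443)."""
    b64 = base64.urlsafe_b64encode(msg).rstrip(b"=").decode("ascii")
    return (f"GET {path}?dns={b64} HTTP/1.1\r\nHost: {host}\r\n"
            "Accept: application/dns-message\r\n\r\n")

def unframe_doh_get(request: str) -> bytes:
    """Recover the DNS message from the ?dns= parameter of a DoH GET request."""
    target = request.split(" ", 2)[1]
    b64 = parse_qs(urlsplit(target).query)["dns"][0]
    return base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))

if __name__ == "__main__":
    q = build_query("www.example.com")   # constructed sample query
    print(frame_dot(q).hex())            # what travels inside TLS for DoT
    print(frame_doh_get(q, "dns.example"))  # hypothetical resolver host
```

Both framings carry byte-for-byte the same DNS message; what differs for an observer on the network is the port and the surrounding protocol, not the query itself.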
Currently, there doesn’t appear to be a user-oriented setting to access DNS over HTTPS on devices running Android 13 DP2. However, Esper reports that it can be enabled via the device_config “doh” boolean flag under the “netd_native” namespace.
Recent code changes in AOSP suggest that Google is considering enabling DoH support by default in Android 13, although this is not yet final.
Android 13 brings tons of new features, including auto-theming icons, per-app language support, full Bluetooth LE Audio support, runtime permissions for notifications, and more. Additionally, the latest release also enables HDR video support in the Camera2 API and introduces new gaming APIs that could significantly reduce game load times.