Cloudflare today announced its first consumer service product — an offering aimed at making web browsing more private. The company launched a new public Domain Name System (DNS) resolver service to protect users from spying while speeding up their experience on the web. And no, it’s not an April Fools’ joke.
DNS resolver services provide computers with the IP addresses they need to access servers based on their URLs. In other words, it’s what transforms venturebeat.com into the information necessary to show you this web page.
These resolvers also hold a great deal of power when it comes to user safety and privacy. Because DNS is essentially the roadmap for connecting computers with servers, it’s possible to know a great deal about someone’s online behavior based on the queries they send through DNS. That’s one of the reasons Cloudflare opted to work on this service, according to cofounder and CEO Matthew Prince.
The company has seen governments use the DNS infrastructure as a means of censoring internet traffic, and this new service should help guard against that. Also, Cloudflare supports DNS over HTTPS, an approach to serving these queries that should make them more secure but requires more buy-in before it can take off.
So what’s in it for Cloudflare? After all, they aren’t operating a charity. This new service will allow Cloudfare to further speed up customers’ websites. The idea came to the company when it was looking into how to get customers’ sites to respond faster.
“And we came to the conclusion that the only way is if we ran not just the authoritative DNS service, which is the part that serves the content producers, but if we ran a consumer DNS service,” Prince said. “And while [that consumer service is] fast if you’re going to someone who is not a Cloudflare customer — it’s the fastest in the world — if you’re going to a Cloudflare customer, it is blindingly fast.”
On the privacy side, Prince said that the company will be erasing all of the logs for the service and won’t be keeping any of the IP addresses from people accessing the service.
“We’re committing to, and actually having a third party come in and audit the fact that we’re destroying all of the logs within 24 hours, we’re never writing any of the source IP addresses to disk, and that’s the only personal identifiable information that would be there,” Prince said.
People interested in giving the service a try can punch 220.127.116.11 into their web browsers, which will provide them with device-specific instructions about how to set up the DNS service.