The Hidden Truth Of DNS Logs: Phone Networks Aren’t As Safe As You May Have Imagined

What comes to your mind when you hear the term domain? It’s usually reserved for website addresses on the web where users get access to different online services. This could be social media or a search engine.

Now DNS or domain name service (DNS) is what translates such addresses from human form to IP addresses. But did you know that innocent DNS could give rise to a major security flaw that users have no clue about?

Experts are speaking about how one app can link to dozens of web pages online when idle. Moreover, an idle device would give rise to thousands of queries linked to DNS each day and the matter is far worse.

Logging into an app and forgetting about it can link you to 30 domains as per new research from Independent (via Cybernews).

Researchers conducted an experiment on the leading social media platform Reddit where they found this app and China’s instant texting app QQ to be linked to 19 domains. Amongst those leading include Instagram and the X platform which are linked to 10 domains alone without having interactions with users.

The figures seem to be quite modest when you compare them to those who are active on the app. The exact figures for domain counts prove how they vary depending on various devices, settings, and the users involved.

As per a new privacy report, the situation is serious and experiments regarding idle platforms across iPhones and Android prove how there are close to 100 platforms downloaded. When these are not used, the average is 3300 DNS queries generated every single day when compared to the likes of 2323 rolled out by Android alone.

Some of the requests landed from nations deemed high risk like China and Russia, which is itself alarming.

You can imagine the DNS server to be very much similar to that of the web’s phonebook where they resolve respective domain names and link those to IP addresses. Now, the problem comes with tracking where it keeps getting worse with time as devices roll out DNS requests after the previous request has expired. And surprisingly, one request is the equivalent of many real API calls.

Just imagine how a device making 100 DNS questions every hour could attain access to the right servers nearly thousands of times in that 60-minute time frame. But what’s the issue is a question that is on many people’s minds.

See, the figure for domains that a device gets access to, and the connection frequency is not giving hints about what’s being sent.

It’s really related to how the frequency of tracking user data increases with every service in use. So apps could contact domains and deliver the right content like music and videos, images, and whatnot.

The solution is to review and make adjustments to the settings every 3 to 6 months or when the user sees a change to the app’s privacy features. But whatever options are being rolled out by companies are just not enough, privacy experts add.

The goal is to filter unwanted traffic and if you wish to be more cautious about your online privacy, you want to give some tools like ad blockers and DNS filtering tools a shot which not only restrict figures for apps but also add limits to background activity taking place. Similarly, they disguise user location and their IP addresses with the help of VPN connections.

Privacy and security experts expressed how those who feel they’re more of a target or vulnerable than others by threat actors should take necessary precautions. They might want to make use of features like Apple’s Lockdown Mode that offer protection against the most sophisticated attacks online.

Image: DIW-Aigen

Read next: Study Reveals Most Trusted and Distrusted Big Tech Companies in the US
Previous Post Next Post