This post is also available in: עברית (Hebrew)
Cloudflare, the internet infrastructure and networking giant, has been expanding its focus to include mobile privacy and the security of connected devices.
On November 11, Cloudflare launched the official mobile apps for its 220.127.116.11 privacy-first DNS resolver service. The 18.104.22.168 service launched in April is a basic DNS server, but one for which Cloudflare has guaranteed user privacy and improved look-up speed.
Activists and journalists have used it to bypass blocklists in oppressive countries, and regular users have also used it to improve their day-to-day Internet connections, according to zdnet.com.
Furthermore, funneling DNS traffic through Cloudflare’s DNS server also prevents internet service providers from watching over a user’s traffic by looking at DNS logs.
In any event, users would also need to take other steps to hide traffic from nosy internet service providers, such as using an encrypted VPN or making sure the websites they access support HTTPS.
Connected devices (IoT, from toasters to connected cars) are used by billions of people around the world, but many of them are vulnerable to hacking attacks. As opposed to PC vulnerabilities patches and updates supplied by vendors, IoT manufacturers often haven’t built over-the-air (OTA) update mechanisms. Consumers never think about having to upgrade their internet-connected “toaster.”
So in another move earlier this year, Cloudflare launched an Internet of Things security service in what is perceived as another step in its overall approach to security.
If Cloudflare is going to manage and optimize customer data flow around the world anyway, the thinking goes, it might as well also take the opportunity to act as a middleman between customer systems and the Wild West of the open internet, evaluates wired.com.
Orbit service creates a secure and authenticated connection between an IoT device and its origin server. Orbit allows device manufacturers to instantly deploy “virtual patches” and block vulnerabilities across all devices on the network simultaneously. This keeps malicious requests from reaching devices, buys time for IoT manufacturers to carefully QA their updates, and keeps devices from leaking data or launching DDoS attacks, according to the company’s website.
The Spectrum enterprise service launched in April is aimed at taking the protections the company has added for internet services like websites and web applications and extending those defenses to all connected IoT devices.
Spectrum lets systems that connect to the internet, but aren’t part of the web, still virtually sit on Cloudflare’s network to benefit from DDoS defense, and Cloudflare’s initiatives to add data encryption to legacy protocols that can’t independently support it.
During the milliseconds when customer data is passing through Cloudflare’s network, the company can offer security services like temporarily interrupting connections to confirm that they’re secure, creating encrypted digital tunnels to safely escort data across the web, screening incoming traffic to catch anything malicious before it can cause damage, etc.