Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Google Boosts Android Privacy with Support for DNS-over-HTTP/3

Google Boosts Android Privacy with Support for DNS-over-HTTP/3

Google has added support for the DNS-over-HTTP/3 (DoH3) protocol on Android 11 and later to increase the privacy of DNS queries while providing better performance.

HTTP/3 is the third major version of the Hypertext Transfer Protocol, which relies on QUIC, a multiplexed transport protocol built on UDP, rather than TCP like previous versions.

The new protocol fixes the problem of “head-of-line blocking,” which slows down internet data transactions when a packet is lost or reordered, something quite common when moving around on mobile and switching connections frequently.

Also Read: Why data anonymisation makes sense for businesses

Protocol stack comparison
Protocol stack comparison (Wikipedia)

Android previously supported DNS-over-TLS (DoT) for version 9 and later to bolster DNS query privacy, but this system inevitably slowed down DNS requests due to the encryption overhead.

Moreover, DoT requires a complete renegotiation of the new connection when changing networks. In contrast, QUIC can resume a suspended connection in a single RTT (time needed for a signal to reach the destination).

With DoH3, many of DoT’s performance burdens are lifted, and according to Google’s measurements, achieves a 24% increase in performance for median query times. In some cases, Google has seen performance increases up to 44%.

Query latency measurements
Query latency measurements (Google)

Additionally, DoH3 may help with unreliable networks, even outperforming traditional DNS thanks to the proactive flow control mechanisms that immediately generate package delivery fail alerts instead of waiting for timeouts to elapse.

Also Read: The Singapore financial services and markets bill: Everything you need to know

DNS-over-HTTPS is already widely supported by many DNS providers to provide increased privacy when performing DNS requests.

With Google supporting DNS-over-HTTP/3 Android and DNS-over-QUIC now a proposed standard, we will likely see increased adoption by DNS providers shortly.

However, as part of this feature’s launch, Android devices will use Cloudflare DNS and Google Public DNS, which already support DNS-over-QUIC.

In the future, Google plans on adding support for other DoH3 providers through the use of Discovery of Designated Resolvers (DDR), which automatically selects the best provider for your specific configuration.

Secure and lean implementation

Another point of superiority of DoH3 is the use of Rust in its implementation, which resulted in a lean system comprising 1,640 lines of code that use a single runtime thread instead of DoT’s four.

“We built the query engine using the Tokio async framework to simultaneously handle new requests, incoming packet events, control signals, and timers. In C++, this would likely have required multiple threads or a carefully crafted event loop.” – Google.

The result is a performant low-level system with a few dependencies, is light, and uses a memory-safe language that reduces the number of bugs attackers can leverage to abuse it.


At the time of reading this, all Android devices running Android 11 and later should use DoH3 for Google DNS and Cloudflare DNS (more to be added soon).

In addition, a subset of Android 10 devices whose vendors adopted Google Play system updates early will also receive this new feature.

The end-users don’t have to take any action to enable the new feature, as Android will handle this part automatically.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us