The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

Browsing Experience Security Check: How secure is your browser?

Download PC Repair Tool to quickly find & fix Windows errors automatically

Privacy is not just breached by websites which you often visit, but they are also violated by ISPs, public WiFi connection and so on. It is recommended to use a VPN which makes sure to block websites to build your profile. However, if you cannot, we would highly recommend doing a browsing experience security check.

Cloudflare has developed an ESNI checker or Encrypted Server Name Indication tool. This service can check if your browsing experience is safe and the DNS queries are encrypted. That said, let’s understand one thing clearly. Don’t expect good results if you connect to Public WiFi or open networks. This tool can help you know the legitimacy of a tool you are using or any service which claims to be secure.

Browsing Experience Security Check

Browsing Experience Security Check

Cloudflare ESNI checker automatically test:

  1. Whether your DNS queries and answers are encrypted
  2. If DNS resolver uses DNSSEC,
  3. The version of TLS is used to connect to the page
  4. and whether your browser supports encrypted Server Name Indication (SNI).

Any failure indicates that browsing data could be vulnerable, i.e., anybody spoofing the network might tap into your data including servers you are visiting, or the certificate you are using. If the DNS response is fraudulent, you could also end up visiting and providing data to an unintended party.

How secure is your browser?

Once you run this test, you will get information about each, if they failed, and what do they mean. It also suggests solutions to help you resolve. That said, let’s get to understand what each of these terms means:

Secure DNS: Cloudflare DNS or Google DNS are examples of secure DNS. They make sure the data is encrypted when they leave DNS. Most of the ISPs don’t manage secure DNS. So if possible, make sure to change this on your computer or router.

DNSSEC: If you pass this, it means websites sending data is actually sent by them, and not anybody else.

TLS 1.3: It is the latest version of the TLS protocol and contains many improvements for performance & privacy.

Encrypted SNI: This feature makes sure to keep the hostname private when you are visiting an Encrypted SNI enabled site.

So if your browser supports it, does it make you secure?

Sadly, No. It is a two-way path. Support for ESNI should be available on the domain you are visiting. If the domain you visit doesn’t support DNSSEC, TLS 1.3, and Encrypted SNI, you are still potentially vulnerable.

I ran this tool on all browsers, but nobody seems to be perfect. Firefox was expected to bring this feature, but running this test with the latest version resulted otherwise. So if you fail the Browsing Experience Security Check, don’t get into a panic mode, this may take some time.

424 Shares

[email protected]

Ashish holds a Bachelor's in Computer Engineering and is a veteran Windows and Xbox user. He has work experience as a Database and Microsoft.NET Developer. He has been a Microsoft MVP (2008-2010) and excels in writing tutorials to improve the day-to-day experience with your devices.

Share via
Facebook
Twitter
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap