Since 9.0 Pie, Android supports the DNS-over-TLS (DoT), and now it seems that Android 13 will also implement DNS over HTTPS.
Last September, a code change detected in the Android Open Source Project (AOSP) indicated that Google was planning to add support for DNS over HTTPS to Android 13. And now it's finally official.
As noted by Esper's Mishaal Rahman, Android 13 finally adds native support for DNS over HTTPS (DoH). At the most basic level, DoT and DoH do the same thing. It encrypts DNS traffic, so they can't monitor, manipulate, direct traffic to fake sites.
DoT or DoH?
DNS over TLS uses TLS (also known as SSL) to encrypt traffic, while DNS over HTTPS uses HTTP or HTTP/2 protocols to send DNS queries and responses.
However, there are some advantages to using DoH instead of DoT. DoT uses a dedicated port where anyone at the network level can see incoming and outgoing traffic - but the content itself remains encrypted.
DoH, on the other hand, uses port 443, the standard port for HTTPS traffic. As such, requests and traffic sent over DoH can be hidden from the rest of the HTTPS traffic. This makes it almost impossible for attackers or network administrators to monitor or block DoH requests. Popular browsers such as Mozilla Firefox and Google Chrome already offer DNS over HTTPS.
Currently, it seems that devices running Android 13 DP2 do not have a user-friendly setting to access DNS via HTTPS. However, Esper reports that it can be enabled with the device_config flag "doh" under the "netd_native" namespace.
Recent AOSP code changes suggest that Google is considering enabling DoH support by default in Android 13, although this is not yet final.
Android 13 offers lots of new features. Including auto-themed icons, per-app language support, full support for Bluetooth LE Audio, runtime permissions for notifications and much more. In addition, the latest version enables support for HDR video in the Camera2 API. It introduces new game APIs that can significantly reduce game load times.