- Aug 17, 2014
Google Chrome Canary users may enable experimental support for Encrypted Client Hello (ECH) now. Encrypted Client Hello, also referred to as Secure SNI, improves the privacy of Internet connections. It is rather technical, but broken down to its core, ECH protects hostnames from being exposed to the Internet Service Provider, network provider and other entities with the capability of listening in on the network traffic.
Google describes the feature in the following way:
"When enabled, Chrome will enable Encrypted ClientHello support. This will encrypt TLS ClientHello if the server enables the extension via the HTTPS DNS record"
Web servers need to support the feature, which means that it does not work on the majority of sites visited in Chrome Canary at the time of writing. The feature is available for all supported operating systems, including Windows, Mac, Linux, Android and Chrome OS.
Chrome Canary users who want to give this a try need to make the following adjustments in Chrome Canary:
- Load chrome://settings/help to make sure that the latest version of Chrome Canary is installed. Chrome checks for updates and will install any that it finds. A restart is then required to complete the updating.
- Load chrome://flags/#encrypted-client-hello in the browser's address bar.
- Set the status of the Encrypted ClientHello flag to Enabled.
- Restart Google Chrome.
Google Chrome Canary gets experimental Encrypted Client Hello (ECH) support - gHacks Tech News
Google Chrome Canary users may enable experimental support for Encrypted Client Hello (ECH) now to improve privacy.