On every single operating system it is possible for this kind of improvement to be installed as a system-wide replacement for the local resolver, whether by a direct plugin or by running a resolver on localhost. This is how these upgrades can be deployed if you don't want to wait for the OS.
The problem is that browsers and other applications are just unwilling to let the user see how their products work or decide anything for themselves--or even just architect their installers to involve dependencies on a shared resolver upgrade--and so we end up in this hell of applications actively hiding their traffic from you.
And like, "great": now we have a new version of DoH and have to wait for everyone to upgrade their apps that upgraded to DoH before? This is ridiculous bullshit... this should be a single app on your device you now upgrade. Hell: Cloudflare even develops that app for a number of platforms! They aren't even the problem... it is everyone who jumps on "embedding" this behavior :/ :/ :/.
(For a more technically-comprehensive rant about this, read my comment from a year ago:)
iOS and MacOS technically have this (requires a profile[0]) but Microsoft will probably drag their feed on this for the next 2 years with the amount of enterprise customers they have to keep happy; and, given that the network adapter config is still based on Aero controls, they're probably in no rush to add more configuration options before upgrading it to Metro controls.
I still think Chrome and FF having it is a net positive though - The steam hardware survey shows 7% of users' OS is a Windows version before 10, so all of these users can use it today before it gets to them in the next major Windows 10 update.
? On Windows this is trivial to implement as you can just set the resolver to DNS on localhost; the only reason iOS needs something special is because you can't run servers/daemons.
I imagine Apple is weary about having a UI for this since it might cause more bad PR/complaints about people being able to get around (for example) school website filters. Chrome eased its UI rollout by introducing a managed policy that admins could configure before the UI was enabled. https://cloud.google.com/docs/chrome-enterprise/policies/?po...
Because if you need to configure a fleet of Macs or iOS devices for a school or business, it’s easy to push a configuration profile to all of them using tools commonly in use by IT departments and admins.
The problem is that browsers and other applications are just unwilling to let the user see how their products work or decide anything for themselves--or even just architect their installers to involve dependencies on a shared resolver upgrade--and so we end up in this hell of applications actively hiding their traffic from you.
And like, "great": now we have a new version of DoH and have to wait for everyone to upgrade their apps that upgraded to DoH before? This is ridiculous bullshit... this should be a single app on your device you now upgrade. Hell: Cloudflare even develops that app for a number of platforms! They aren't even the problem... it is everyone who jumps on "embedding" this behavior :/ :/ :/.
(For a more technically-comprehensive rant about this, read my comment from a year ago:)
https://news.ycombinator.com/item?id=21701808