This incredibly simple privacy app helps protect your phone from snoops with one click

A new app from Cloudflare hides the location of sites and services you access from web browsers and any other apps on your Android or Apple device.

This incredibly simple privacy app helps protect your phone from snoops with one click
[Photo: Flickr user Book Catalog]

In the United States and many other countries, there are no legal protections to stop internet service providers–landline or mobile–from tracking where you go online. (A 2017 act of Congress enshrined that right to snoop in the U.S.) They can use the info to market to you directly, or sell the data to other marketing companies. New laws, spearheaded by efforts in the EU and California, may someday prevent that–emphasis on may someday.


Meanwhile, you can throw a wrench in the schemes of ISPs, or snoopy governments or hackers, with a new, incredibly simple, and free app that encrypts the identity of the servers your mobile apps access. That partially obscures not only your web surfing, but also whether Spotify, Instagram, Fox News, MLB, or any other apps are pinging their respective servers.

How it works, and what’s in a name

Just click one switch to turn on the app in Android or iOS. [Image: Courtesy Cloudflare]
The new app, from Cloudflare, is called–the name of the internet server it uses. Cloudflare’s main business is as a content delivery network that optimizes the speed of websites using it, as well as shielding them from cyberattacks.

But Cloudflare also operates what’s called a DNS service. This is the lookup service that translates a text web address like “” to the four-part numerical IP address that internet routers use. In this case (actually one of a bunch that Google uses).

Forgoing the default DNS server that your ISP provides and using an alternate one like Cloudflare’s (or others) makes it a lot harder for your ISP to log all the sites you go to. (They have to dig a lot deeper into your web traffic to get the info.)

Related: Here’s How To Plug One Of The Biggest Privacy Holes In The Internet


A cool feature of Cloudflare’s service, at the IP address, is that it supports encryption. So an ISP, government, or hacker also can’t read the requests you send to Cloudflare’s server by trying to intercept the traffic.

Cloudflare introduced the service on April 1, based on the dad-joke humor that 4/1 sounds kinda like “four ones.” (I described how it works in more detail, including set up on PCs and Macs, back then.) Now it’s launching the mobile app on 11/11.

The app not only saves the process of manually configuring the Android or iOS operating systems to use as their default DNS server, it also forms an encrypted connection between the DNS server and every app on the phone. Previously, each individual app had to support this form of encryption, called DNS over HTTPS. (Firefox for Android is the only one that I know of, though there may be others.)

Should you use

If you don’t consider yourself super techy, you probably should use this app. It’s an incredibly simple way to add privacy to your smartphone: Just install, and click one switch. Cloudflare’s DNS service is also really fast, so it could speed up your browsing, especially to sites and web services that run on Cloudflare’s network.

During installation, the app asks you to install a VPN service on your iOS (left) or Android (right) phone. [Image: Courtesy Cloudflare]
If the following two paragraphs look like techy gobbledygook, you fall into that first group who should use the app. And you can skip to the how-to part.


If you’re more security-minded and use a VPN (virtual private network) encryption app on your mobile, Cloudflare’s app will actually downgrade your security. That’s because Cloudflare uses a VPN connection to send these encrypted DNS requests. And since your phone can run only one of these apps at once, it actually prevents you from using your original VPN app–which you may have gotten from your employer or set up on your own.

Cloudflare’s VPN connection is inferior, because it encrypts only the DNS requests, not the rest of your traffic. I happen to use a VPN app called Tunnel Bear (which Cloudflare likes so much, it almost bought the company, Cloudflare CEO Matthew Prince told me). So I will not be running on my phone. But you can still configure your mobile operating system to use the DNS service (or other alternate DNS services like Google’s at to see if it speeds up your surfing.

How to set up

This part’s super easy. Find the app in the iOS or Android app stores and follow the installation instructions. At one point, the dialog will ask your permission to install a VPN service. Go ahead and say “Yes” (assuming you don’t already have a VPN, in which case Cloudflare’s app is not for you).

After the install, you’ll see the app’s main screen, featuring a single toggle switch. Click to turn it on. That’s it.

About the author

Sean Captain is a Bay Area technology, science, and policy journalist. Follow him on Twitter @seancaptain.