Tuesday, 25 February 2020

Firefox turns on DNS encryption

Firefox announced today that DNS over HTTPS will be on by default in new versions of its browser, adding an extra layer of security for people browsing the information superhighway.

Since our work on DoH began, many browsers have joined in announcing their plans to support DoH, and we’ve even seen major websites like Facebook move to support a more secure DNS. If you’re interested in exactly how DoH protects your browsing history, here’s an in-depth explainer by Lin Clark. We’re enabling DoH by default only in the US. If you’re outside of the US and would like to enable DoH, you’re welcome to do so by going to Settings, then General, then scroll down to Networking Settings and click the Settings button on the right. Here you can enable DNS over HTTPS by clicking, and a checkbox will appear. By default, this change will send your encrypted DNS requests to Cloudflare.

DNS is how web browsers look up the true address of domain names such as google.com or boingboing.net. HTTPS encrypts this lookup, preventing it from being snooped on by service providers. This limits one method of collecting data about what people do online: for users, it's an obvious benefit, but advertisers and cops are hopping mad.