Mozilla is starting to roll out encrypted web domain name requests by default, starting with a trial run in the US. The move aims to prevent malicious actors from snooping on browser activity, in a major boost for user privacy.
And while on the topic of DoH, here's another reason why I don't like what Mozilla has become over the past recent years: https://t.co/FoZCis8Oz4
— Eric Sauvageau (@RMerlinDev) September 7, 2019
Looks like Mozilla want to make DNS over HTTPS the default, despite this being a terrible idea for privacy and a nightmare for anyone trying to debug DNS on a network.https://t.co/jpP4iiLCSr
— Paul (@pwaring) September 7, 2019
This is a welcome move from Mozilla. Encrypting DNS on one of the world’s most popular browsers makes us safer online than we are now. By starting to roll out encrypted DNS by default, Mozilla is protecting the information we share from being exploited by those that would do us harm and we should welcome anything that increases security for consumers when browsing online. In fact, the privacy-conscious among us already make use of widely available DNS encryption services, something that critics of DNS over HTTPS seem to have overlooked.
Mozilla isn’t the first to propose DNS over HTTPS by default. When Google proposed a similar upgrade for Chrome, ISPs and online safety campaigners suggested that DNS over HTTPS would weaken authorities’ ability to filter out certain material. Yet this criticism misses a bigger picture. Proposals to encrypt DNS as standard would mean all traffic on browsers that use it will bypass locally held DNS nameservers, and go straight to a central server under the control of Mozilla, Google or one of its peers. In effect, this gives these companies control over our search information and internet activity, which in turn gives them a greater level of control over the internet itself. So while these changes are a boost for online privacy advocates, the prospect of a small number of for-profit firms having such influence is worrying.