MozillaZine

New FF feature: DNS over HTTPS...is it really essential?

Discussion of general topics about Mozilla Firefox
efox99
 
Posts: 137
Joined: March 24th, 2011, 7:55 pm

Post Posted February 26th, 2020, 5:30 pm

I have it disabled but I don't trust Cloudfare with my browsing credentials. Neither do I trust my ISP which recently suffered a hack and several accounts were compromised.

What is your take on this feature that Firefox activated yesterday to all users in US?

mightyglydd

User avatar
 
Posts: 9736
Joined: November 4th, 2006, 7:07 pm
Location: Hollywood Ca.

Post Posted February 26th, 2020, 5:45 pm

They didn't here.. nor with 74b8.....
@Dunno, go figure.. https://support.mozilla.org/en-US/kb/fi ... over-https
Cloudflare? What could possibly go wrong..
#KeepFightingMichael

Grumpus

User avatar
 
Posts: 12348
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Post Posted February 27th, 2020, 5:00 am

Cashless society sacrifices independence, privacy and lastly liberty, encouraged by ignorance and villainy.

therube

User avatar
 
Posts: 20266
Joined: March 10th, 2004, 9:59 pm
Location: Maryland USA

Post Posted February 28th, 2020, 5:38 am

Essential?

Arguable.
You'll find reports taking both sides of that argument.

As something meaningful - to me, as something enhancing the Mozilla brand, it's like, who cares.
I'd much rather have a browser that works for me, in the way that I want, rather a browser that is nothing but fluff.
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball CopyURL+ FetchTextURL FlashGot NoScript

Diorser

User avatar
 
Posts: 970
Joined: June 22nd, 2005, 6:57 am

Post Posted February 29th, 2020, 6:11 am

For the vast majority of users, the default DNS provider is their ISP.
Even if they browse with https, there ISP necessarily already knows all the domains they visit and when, because it carries the traffic.
Therefore it does not decrease privacy to use their default ISP DNS provider.
Additionally, those DNS requests presumably stay inside the ISP network, so their being cleartext doesn’t reduce privacy either.
Now if you use instead google or cloudflare DNS over HTTPS, you give them all the domains you visit and when.
(some of the most evil corporate data predators of the internet.)
DNS Privacy – The Problem
DNS Privacy – The Solution

2018: Firefox, DNS over HTTPS and a controversial Shield Study

An open DNS privacy solution is probably a better choice than "google" or "cloudfare".
https://dnsprivacy.org/wiki/

makaiguy

User avatar
 
Posts: 16832
Joined: November 18th, 2002, 6:44 pm
Location: Somewhere in SE USA

Post Posted February 29th, 2020, 7:38 am

FWIW - I'm currently running 73.0.1.
Path: Tools | Options | (Scroll down to Network Settings) Settings
[ ] Enable DNS over HTTPS is NOT checked and I have no recollection of turning it off.

Per the article cited above (Firefox, DNS over HTTPS and a controversial Shield Study) this is controlled via about:config item network.trr.mode with the following possible value settings:
  • 0 means that it is disabled and not used.
  • 1 Firefox uses either native DNS or TRR depending on which is faster.
  • 2 uses TRR by default but will fall back to the native resolver if the name resolve fails for whatever reason.
  • 3 enables TRR only mode. Only TRR is used and there is no fallback.
  • 4 runs it in shadow mode which means that TRR is run in parallel for gathering data but that the native resolver is used.
In my installation, network.trr.mode is set to 0, and is not bolded, indicating this is the default value.
Doug Wilson, "The Makai Guy"
Win10 (64bit): FF 73.0.1 (64bit), TB 68.6.0 (32-bit) ║ Android 8.0/7.1.1: FF Mobile 68.6.0, No TB for Android available, dammit!
What a fool believes he sees, no wise man has the power to reason away - Doobie Brothers

mightyglydd

User avatar
 
Posts: 9736
Joined: November 4th, 2006, 7:07 pm
Location: Hollywood Ca.

Post Posted February 29th, 2020, 7:52 am

makaiguy wrote:FWIW - I'm currently running 73.0.1.
Path: Tools | Options | (Scroll down to Network Settings) Settings
[ ] Enable DNS over HTTPS is NOT checked and I have no recollection of turning it off.

+1 Nor with 74b9.
#KeepFightingMichael

Grumpus

User avatar
 
Posts: 12348
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Post Posted March 3rd, 2020, 7:42 am

Also using 73.0.1. and it was off.
Noted this to the article writer at the Register.
Possibles and a complete guess: locale setting, distro default, changes in previous version affecting the implementation.
Might be any number of reasons including it's not been deployed as of yet? 8-[
Cashless society sacrifices independence, privacy and lastly liberty, encouraged by ignorance and villainy.

Return to Firefox General


Who is online

Users browsing this forum: No registered users and 1 guest