MozillaZine


New FF feature: DNS over HTTPS...is it really essential?

Discussion of general topics about Mozilla Firefox
efox99
 
Posts: 137
Joined: March 24th, 2011, 7:55 pm

Post Posted February 26th, 2020, 5:30 pm

I have it disabled but I don't trust Cloudfare with my browsing credentials. Neither do I trust my ISP which recently suffered a hack and several accounts were compromised.

What is your take on this feature that Firefox activated yesterday to all users in US?

mightyglydd

User avatar
 
Posts: 9908
Joined: November 4th, 2006, 7:07 pm
Location: Hollywood Ca.

Post Posted February 26th, 2020, 5:45 pm

They didn't here.. nor with 74b8.....
@Dunno, go figure.. https://support.mozilla.org/en-US/kb/fi ... over-https
Cloudflare? What could possibly go wrong..
#KeepFightingMichael and Alex.

Grumpus

User avatar
 
Posts: 12678
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Post Posted February 27th, 2020, 5:00 am

Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you

therube

User avatar
 
Posts: 20593
Joined: March 10th, 2004, 9:59 pm
Location: Maryland USA

Post Posted February 28th, 2020, 5:38 am

Essential?

Arguable.
You'll find reports taking both sides of that argument.

As something meaningful - to me, as something enhancing the Mozilla brand, it's like, who cares.
I'd much rather have a browser that works for me, in the way that I want, rather a browser that is nothing but fluff.
Fire 750, bring back 250.
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball CopyURL+ FetchTextURL FlashGot NoScript

Diorser

User avatar
 
Posts: 1009
Joined: June 22nd, 2005, 6:57 am

Post Posted February 29th, 2020, 6:11 am

For the vast majority of users, the default DNS provider is their ISP.
Even if they browse with https, there ISP necessarily already knows all the domains they visit and when, because it carries the traffic.
Therefore it does not decrease privacy to use their default ISP DNS provider.
Additionally, those DNS requests presumably stay inside the ISP network, so their being cleartext doesn’t reduce privacy either.
Now if you use instead google or cloudflare DNS over HTTPS, you give them all the domains you visit and when.
(some of the most evil corporate data predators of the internet.)
DNS Privacy – The Problem
DNS Privacy – The Solution

2018: Firefox, DNS over HTTPS and a controversial Shield Study

An open DNS privacy solution is probably a better choice than "google" or "cloudfare".
https://dnsprivacy.org/wiki/

makaiguy

User avatar
 
Posts: 16893
Joined: November 18th, 2002, 6:44 pm
Location: Somewhere in SE USA

Post Posted February 29th, 2020, 7:38 am

FWIW - I'm currently running 73.0.1.
Path: Tools | Options | (Scroll down to Network Settings) Settings
[ ] Enable DNS over HTTPS is NOT checked and I have no recollection of turning it off.

Per the article cited above (Firefox, DNS over HTTPS and a controversial Shield Study) this is controlled via about:config item network.trr.mode with the following possible value settings:
  • 0 means that it is disabled and not used.
  • 1 Firefox uses either native DNS or TRR depending on which is faster.
  • 2 uses TRR by default but will fall back to the native resolver if the name resolve fails for whatever reason.
  • 3 enables TRR only mode. Only TRR is used and there is no fallback.
  • 4 runs it in shadow mode which means that TRR is run in parallel for gathering data but that the native resolver is used.
In my installation, network.trr.mode is set to 0, and is not bolded, indicating this is the default value.
Doug Wilson, "The Makai Guy"
Win10 (64bit): FF 85.0.2 (64bit), TB 78.7.1 (32-bit) ║ Android 10: FF Mobile 85.1.2, No TB for Android available, dammit!
What a fool believes he sees, no wise man has the power to reason away - Doobie Brothers

mightyglydd

User avatar
 
Posts: 9908
Joined: November 4th, 2006, 7:07 pm
Location: Hollywood Ca.

Post Posted February 29th, 2020, 7:52 am

makaiguy wrote:FWIW - I'm currently running 73.0.1.
Path: Tools | Options | (Scroll down to Network Settings) Settings
[ ] Enable DNS over HTTPS is NOT checked and I have no recollection of turning it off.

+1 Nor with 74b9.
#KeepFightingMichael and Alex.

Grumpus

User avatar
 
Posts: 12678
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Post Posted March 3rd, 2020, 7:42 am

Also using 73.0.1. and it was off.
Noted this to the article writer at the Register.
Possibles and a complete guess: locale setting, distro default, changes in previous version affecting the implementation.
Might be any number of reasons including it's not been deployed as of yet? 8-[
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you

mightyglydd

User avatar
 
Posts: 9908
Joined: November 4th, 2006, 7:07 pm
Location: Hollywood Ca.

Post Posted July 17th, 2020, 3:36 pm

mightyglydd wrote:Cloudflare? What could possibly go wrong..

https://techcrunch.com/2020/07/17/cloud ... t-with-it/
#KeepFightingMichael and Alex.

WaltS48

User avatar
 
Posts: 4652
Joined: May 7th, 2010, 9:38 am
Location: Pennsylvania, USA

Post Posted July 17th, 2020, 3:42 pm

mightyglydd wrote:
mightyglydd wrote:Cloudflare? What could possibly go wrong..

https://techcrunch.com/2020/07/17/cloud ... t-with-it/


In at least one case, even the status page for the status page was down.
:oops: :lol:
Linux Desktop - AMD Athlon(tm) II X3 455 3.3GHz | 8.0GB RAM | GeForce GT 630
Windows Notebook - AMD A8 7410 2.2GHz | 6.0GB RAM | AMD Radeon R5

Grumpus

User avatar
 
Posts: 12678
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Post Posted July 18th, 2020, 5:37 am

as an aside . . . Comcast/Xfinity will be providing a similar service shortly to Firefox users.
Being an experienced folder of tin foil, what happens when more then a few ISPs start to provide this form of connection.
Limitations? Fox guarding the hen house, naaah! ya think?
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you

Frank Lion

User avatar
 
Posts: 20928
Joined: April 23rd, 2004, 6:59 pm
Location: ... The Exorcist....United Kingdom

Post Posted July 18th, 2020, 8:39 am

https://blog.mozilla.org/blog/2020/07/1 ... amp-on-vpn

See for yourself how the Mozilla VPN works : you pay us $4.99 a month and, er, that's it.


My advice? VPN from protonVPN. More secure, less likely to turn your stuff over to the feds and, er, it's free.
Metal Lion latest SeaMonkey & Thunderbird Themes - Sea Monkey and Silver Sea Monkey
"The only thing necessary for the triumph of evil, is for good men to do nothing." - Edmund Burke (attrib.)

Return to Firefox General


Who is online

Users browsing this forum: Google [Bot] and 1 guest