New FF feature: DNS over HTTPS...is it really essential?
-
- Posts: 137
- Joined: March 24th, 2011, 7:55 pm
New FF feature: DNS over HTTPS...is it really essential?
I have it disabled but I don't trust Cloudfare with my browsing credentials. Neither do I trust my ISP which recently suffered a hack and several accounts were compromised.
What is your take on this feature that Firefox activated yesterday to all users in US?
What is your take on this feature that Firefox activated yesterday to all users in US?
- mightyglydd
- Posts: 9813
- Joined: November 4th, 2006, 7:07 pm
- Location: Hollywood Ca.
Re: New FF feature: DNS over HTTPS...is it really essential?
They didn't here.. nor with 74b8.....
@Dunno, go figure.. https://support.mozilla.org/en-US/kb/fi ... over-https
Cloudflare? What could possibly go wrong..
@Dunno, go figure.. https://support.mozilla.org/en-US/kb/fi ... over-https
Cloudflare? What could possibly go wrong..
#KeepFightingMichael and Alex.
- Grumpus
- Posts: 13246
- Joined: October 19th, 2007, 4:23 am
- Location: ... Da' Swamp
Re: New FF feature: DNS over HTTPS...is it really essential?
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
- therube
- Posts: 21714
- Joined: March 10th, 2004, 9:59 pm
- Location: Maryland USA
Re: New FF feature: DNS over HTTPS...is it really essential?
Essential?
Arguable.
You'll find reports taking both sides of that argument.
As something meaningful - to me, as something enhancing the Mozilla brand, it's like, who cares.
I'd much rather have a browser that works for me, in the way that I want, rather a browser that is nothing but fluff.
Arguable.
You'll find reports taking both sides of that argument.
As something meaningful - to me, as something enhancing the Mozilla brand, it's like, who cares.
I'd much rather have a browser that works for me, in the way that I want, rather a browser that is nothing but fluff.
Fire 750, bring back 250.
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball CopyURL+ FetchTextURL FlashGot NoScript
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball CopyURL+ FetchTextURL FlashGot NoScript
- Diorser
- Posts: 1009
- Joined: June 22nd, 2005, 6:57 am
Re: New FF feature: DNS over HTTPS...is it really essential?
DNS Privacy – The ProblemFor the vast majority of users, the default DNS provider is their ISP.
Even if they browse with https, there ISP necessarily already knows all the domains they visit and when, because it carries the traffic.
Therefore it does not decrease privacy to use their default ISP DNS provider.
Additionally, those DNS requests presumably stay inside the ISP network, so their being cleartext doesn’t reduce privacy either.
Now if you use instead google or cloudflare DNS over HTTPS, you give them all the domains you visit and when.
(some of the most evil corporate data predators of the internet.)
DNS Privacy – The Solution
2018: Firefox, DNS over HTTPS and a controversial Shield Study
An open DNS privacy solution is probably a better choice than "google" or "cloudfare".
https://dnsprivacy.org/wiki/
- makaiguy
- Posts: 16878
- Joined: November 18th, 2002, 6:44 pm
- Location: Somewhere in SE USA
- Contact:
Re: New FF feature: DNS over HTTPS...is it really essential?
FWIW - I'm currently running 73.0.1.
Path: Tools | Options | (Scroll down to Network Settings) Settings
[ ] Enable DNS over HTTPS is NOT checked and I have no recollection of turning it off.
Per the article cited above (Firefox, DNS over HTTPS and a controversial Shield Study) this is controlled via about:config item network.trr.mode with the following possible value settings:
Path: Tools | Options | (Scroll down to Network Settings) Settings
[ ] Enable DNS over HTTPS is NOT checked and I have no recollection of turning it off.
Per the article cited above (Firefox, DNS over HTTPS and a controversial Shield Study) this is controlled via about:config item network.trr.mode with the following possible value settings:
- 0 means that it is disabled and not used.
- 1 Firefox uses either native DNS or TRR depending on which is faster.
- 2 uses TRR by default but will fall back to the native resolver if the name resolve fails for whatever reason.
- 3 enables TRR only mode. Only TRR is used and there is no fallback.
- 4 runs it in shadow mode which means that TRR is run in parallel for gathering data but that the native resolver is used.
Doug Wilson
Win10 64bit: FF 124.0.2 64bit, TB 102.12.0 32-bit ║ Android 13/10: FF 124.2.0/115.9.0 ║ No TB for Android available, dammit!
What a fool believes he sees, no wise man has the power to reason away - Doobie Brothers
Win10 64bit: FF 124.0.2 64bit, TB 102.12.0 32-bit ║ Android 13/10: FF 124.2.0/115.9.0 ║ No TB for Android available, dammit!
What a fool believes he sees, no wise man has the power to reason away - Doobie Brothers
- mightyglydd
- Posts: 9813
- Joined: November 4th, 2006, 7:07 pm
- Location: Hollywood Ca.
Re: New FF feature: DNS over HTTPS...is it really essential?
+1 Nor with 74b9.makaiguy wrote:FWIW - I'm currently running 73.0.1.
Path: Tools | Options | (Scroll down to Network Settings) Settings
[ ] Enable DNS over HTTPS is NOT checked and I have no recollection of turning it off.
#KeepFightingMichael and Alex.
- Grumpus
- Posts: 13246
- Joined: October 19th, 2007, 4:23 am
- Location: ... Da' Swamp
Re: New FF feature: DNS over HTTPS...is it really essential?
Also using 73.0.1. and it was off.
Noted this to the article writer at the Register.
Possibles and a complete guess: locale setting, distro default, changes in previous version affecting the implementation.
Might be any number of reasons including it's not been deployed as of yet?
Noted this to the article writer at the Register.
Possibles and a complete guess: locale setting, distro default, changes in previous version affecting the implementation.
Might be any number of reasons including it's not been deployed as of yet?
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
- mightyglydd
- Posts: 9813
- Joined: November 4th, 2006, 7:07 pm
- Location: Hollywood Ca.
Re: New FF feature: DNS over HTTPS...is it really essential?
https://techcrunch.com/2020/07/17/cloud ... t-with-it/mightyglydd wrote:Cloudflare? What could possibly go wrong..
#KeepFightingMichael and Alex.
- WaltS48
- Posts: 5141
- Joined: May 7th, 2010, 9:38 am
- Location: Pennsylvania, USA
Re: New FF feature: DNS over HTTPS...is it really essential?
mightyglydd wrote:https://techcrunch.com/2020/07/17/cloud ... t-with-it/mightyglydd wrote:Cloudflare? What could possibly go wrong..
In at least one case, even the status page for the status page was down.
Linux Desktop - AMD Athlon(tm) II X3 455 3.3GHz | 8.0GB RAM | GeForce GT 630
Windows Notebook - AMD A8 7410 2.2GHz | 6.0GB RAM | AMD Radeon R5
Windows Notebook - AMD A8 7410 2.2GHz | 6.0GB RAM | AMD Radeon R5
- Grumpus
- Posts: 13246
- Joined: October 19th, 2007, 4:23 am
- Location: ... Da' Swamp
Re: New FF feature: DNS over HTTPS...is it really essential?
as an aside . . . Comcast/Xfinity will be providing a similar service shortly to Firefox users.
Being an experienced folder of tin foil, what happens when more then a few ISPs start to provide this form of connection.
Limitations? Fox guarding the hen house, naaah! ya think?
Being an experienced folder of tin foil, what happens when more then a few ISPs start to provide this form of connection.
Limitations? Fox guarding the hen house, naaah! ya think?
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
- Frank Lion
- Posts: 21177
- Joined: April 23rd, 2004, 6:59 pm
- Location: ... The Exorcist....United Kingdom
- Contact:
Re: New FF feature: DNS over HTTPS...is it really essential?
https://blog.mozilla.org/blog/2020/07/1 ... amp-on-vpn
My advice? VPN from protonVPN. More secure, less likely to turn your stuff over to the feds and, er, it's free.See for yourself how the Mozilla VPN works : you pay us $4.99 a month and, er, that's it.
"The only thing necessary for the triumph of evil, is for good men to do nothing." - Edmund Burke (attrib.)
.
.