Mozilla had come under fire by various industries last year when it pressed for enabling DoH by default for its users in the US and around the world. They said that it would make it harder to track terrorist material and child abuse related content online. But, this week, Mozilla rolled out the DNS privacy feature for US users and is now by default on the browser.
DNS-over-HTTPS, DoH security feature is a year-long effort by Mozilla towards making the web browsing more secure and private for the users.
What is DNS-over-HTTPS (DoH)?
Before DoH, the system worked on a DNS database, where the database links and converts your web address into IP address by performing a lookup. The DNS performs a lookup in this database on the browser and finds websites on your behalf. Now, DNS was created a long time ago and browsers performing lookups with encrypted https:// sites performed lookups without encryption.
This simply means that the DNS query that converts the web address into IP address is ‘usually’ not encrypted, which allows anyone from the outside to peek into the website you are visiting and also hijack the request to redirect you to a malicious site.
Mozilla plans to perform DNS lookups in an encrypted HTTPS connection, which assists in hiding one’s browsing history from attackers on the network and also helps prevent data collection by third-parties on the network that ties the computer to websites you visit.
Why Are Other Internet Providers Not Pleased?
The ISPA (Internet Service Providers’ Association) last year believed that the DoH isn’t in compliance with the rules and regimes of some countries and particularly with the UK’s current website blocking rule. Under that law, websites can be blocked for copyright infringement, trademark, suspicious terrorist material or child abusive materials. The DoH makes it difficult to monitor user content and filter the user’s internet access.
The ISPA received a lot of heat after it criticised this move from Mozilla on social media saying, “Bringing in DNS-over-HTTPS by default would be harmful to online safety, cybersecurity and consumer choice.” Still, it also encouraged further discussion on it.
Maybe its the part of the reason why Mozilla has not planned to roll out the feature by default in the UK.
But amidst the criticism, Mozilla has received support from giants like Facebook. Mozilla Firefox has become the first browser to implement DOH and others like Chrome, Opera and Edge have also followed it.
Firefox, for now, has only enabled the DoH in the US by default and is discussing with European regulators and other countries.
How Do People Outside US Enable DoH?
Here’s a tutorial to enable the DoH from the Firefox Settings.
- Go to Firefox ‘Settings’ and choose ‘Tools’ and then choose ‘Preferences’.
- Then type ‘about:preferences’ in the URL bar and press enter. This will open the Firefox preferences section.
- Got to the ‘General’ section and scroll down to find ‘Network Settings’ and choose Settings by clicking on it.
- Then the pop appears, scroll down and select ‘Enable DNS over HTTPS’ and configure desired DoH resolver.
As for some doubts concerning parental control, which keeps harmful content away from a certain type of audience, Mozilla Firefox said that it would allow parental control and disable DoH, whenever it detects parental control.
The DoH feature has divided ISPs into different groups, and some users also have different opinions about DoH.
Some feel safer, but others have concerns over sharing their DNS queries to somebody like Cloudflare or Google (one the funders for Mozilla) who might use it for monetisation, others have pointed out how one’s internet website visits will still be monitored by their ISPs. Nonetheless, Mozilla aims to make browsing secure; only time will tell whether they will succeed upon it or not.