American users of the Firefox web browser have today gained enhanced privacy after the Mozilla Foundation turned on (by default) DNS-over-HTTPS (DoH).

DoH will automatically encrypt website requests for Firefox’s desktop users in the United States, in an effort to bolster the privacy of its users.

Mozilla had announced in September 2019 that it would make DoH a default setting for all desktop users in the United States. But later that same month it disappointed British Firefox users when it confirmed to the British government that it would not enable by default DoH on this side on the pond.

Privacy protection

DoH is not liked by ISPs, security services and the government, as it makes it harder for them to detect the web surfing habits of suspects.

The issue for the British government is that DoH essentially bypasses UK web filters, which use the same technique, hijacking DNS lookups, to prevent easy access to websites blocked by internet service providers.

British users however will still be able to turn on DoH manually by going into the Options menu. Full instructions can be found here.

Just days after Mozilla announced the feature last September, Google said it will start testing DoH in its Chrome browser.

However Google will not turn on DoH for every user, but said it would default to DoH for technical users who have already chosen to switch their DNS provider to companies such as Google, Cloudflare and OpenDNS.

Not bulletproof

Mozilla in a blog post confirmed the DoH feature would begin to be rolled out to American users from Tuesday.

At the moment, when a user connect with a website (say www.mozilla.org), the internet traffic is typically sent over in an unencrypted plain text connection. This allow others to see what websites a person has been visiting, even when the communication with the website itself is encrypted using HTTPS.

And it should be remembered that DoH won’t stop ISP’s for example from carrying out data collection (typically for advertising purposes), but DoH will likely make it more difficult.

It essentially makes it harder for others to see a user’s DNS lookups if DoH has been enabled. Therefore Mozilla says Firefox will offer users a choice of two trusted DNS providers, Cloudflare and NextDNS, and that Cloudflare will be used as the default.

Mozilla has stipulated privacy requirements that any DoH provider must abide by in order to be considered a trusted DNS provider.

“Today, Firefox began the rollout of encrypted DNS over HTTPS (DoH) by default for US-based users,” said Mozilla. “The rollout will continue over the next few weeks to confirm no major issues are discovered as this new protocol is enabled for Firefox’s US-based users.”

“Today, we know that unencrypted DNS is not only vulnerable to spying but is being exploited, and so we are helping the internet to make the shift to more secure alternatives,” Mozilla said. “We do this by performing DNS lookups in an encrypted HTTPS connection. This helps hide your browsing history from attackers on the network, helps prevent data collection by third parties on the network that ties your computer to websites you visit.”

“We’re enabling DoH by default only in the US,” it added “If you’re outside of the US and would like to enable DoH, you’re welcome to do so by going to Settings, then General, then scroll down to Networking Settings and click the Settings button on the right. Here you can enable DNS over HTTPS by clicking, and a checkbox will appear. By default, this change will send your encrypted DNS requests to Cloudflare.”

“DoH is just one of the many privacy protections you can expect to see from us in 2020,” it added.

Are you a Firefox fan? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Microsoft Xbox Marketing Chief Leaves For Roblox

Microsoft loses Xbox marketing chief amidst executive changes in company's gaming division, broader layoffs and…

21 hours ago

YouTube Test Community ‘Notes’ Feature For Added Context

YouTube begins testing Notes feature that allows selected users to add contextual information to videos,…

21 hours ago

FTC Sues Adobe Over Hidden Fees, Termination ‘Resistance’

US regulator sues Photoshop maker Adobe over large, hidden termination fees, intentionally difficult cancellation process

22 hours ago

Tencent To Ban AI Avatars From Livestream Commerce

Chinese tech giant Tencent to ban AI hosts from livestream video platform as it looks…

22 hours ago

TikTok US Ban Appeal Gets 16 September Court Date

Action by TikTok, ByteDance and creators against US ban law gets 16 September hearing date,…

23 hours ago

US Surgeon General Calls For Warning Labels On Social Media

US surgeon general calls for cigarette-style warning labels to be shown on social media advising…

24 hours ago