13 votes

DNS-over-HTTPS should not be the default in Firefox

11 comments

  1. [4]
    zaarn
    Link
    The post is a bit overdramatic; DoH doesn't hurt you, it's not enabled by default at this moment and Mozilla already setup a dropdown to select one of multiple DoH providersif you do choose to...

    The post is a bit overdramatic; DoH doesn't hurt you, it's not enabled by default at this moment and Mozilla already setup a dropdown to select one of multiple DoH providersif you do choose to enable it.

    18 votes
    1. [2]
      unknown user
      Link Parent
      The post has one thing right: DNS should be OS-wide, not app-specific. What Mozilla does is understandable, tho: it is really hard to set up DoH, even I as a techie haven't bothered yet, let alone...

      The post has one thing right: DNS should be OS-wide, not app-specific. What Mozilla does is understandable, tho: it is really hard to set up DoH, even I as a techie haven't bothered yet, let alone your everyday regular normal guy.

      But the tone and manner of the post is shouting provocation, sweet internet outrage, clickbait... reminiscent of stuff like chemtrails.

      15 votes
      1. zaarn
        Link Parent
        DoH can be OS-wide too, though tbf, most browsers already ignore the system resolver outright (Chrome/Firefox on Linux/Windows do this) and have their own DNS cache too.

        DoH can be OS-wide too, though tbf, most browsers already ignore the system resolver outright (Chrome/Firefox on Linux/Windows do this) and have their own DNS cache too.

        5 votes
    2. babypuncher
      Link Parent
      The author is insane. DoH is only turned on by default in Firefox for US users to begin with. His only valid criticism of the move is that by default Firefox uses a US-based DNS. Anyone using...

      The author is insane. DoH is only turned on by default in Firefox for US users to begin with. His only valid criticism of the move is that by default Firefox uses a US-based DNS. Anyone using Firefox in the US presumably already has that problem, so DoH is purely a net benefit for the users getting it by default. The insane alarmist tone in the article almost makes me question the author's motives.

      6 votes
  2. Wes
    Link
    Very sensationalist. DoH is a useful technology that will improve privacy for users.

    Very sensationalist. DoH is a useful technology that will improve privacy for users.

    7 votes
  3. [2]
    hamstergeddon
    Link
    It's disabled for me, in the US, on 70.0b5 Developer. And there's an option to specify my own provider rather than CloudFlare, so this article seems alarmist and silly. Plus doesn't DoH mean...

    It's disabled for me, in the US, on 70.0b5 Developer. And there's an option to specify my own provider rather than CloudFlare, so this article seems alarmist and silly.

    Plus doesn't DoH mean nobody, even CloudFlare, can see my requests directly since they're encrypted?

    4 votes
    1. HanakoIsBestGirl
      Link Parent
      Afaik, no. The dns requests are only encrypted in transit. If cloudflare is the intended recipient then they will decrypt them when they get them. Plus, how would they be able to understand the...

      Plus doesn't DoH mean nobody, even CloudFlare, can see my requests directly since they're encrypted?

      Afaik, no. The dns requests are only encrypted in transit. If cloudflare is the intended recipient then they will decrypt them when they get them. Plus, how would they be able to understand the DNS requests of they could not be decrypted. Nobody else can see them, but cloudflare can.

      11 votes
  4. [3]
    teaearlgraycold
    Link
    DoH was already disabled for me on Firefox 69.0.0 (Windows 10). Does anyone know under what conditions it's on by default? A fresh install, perhaps?

    DoH was already disabled for me on Firefox 69.0.0 (Windows 10). Does anyone know under what conditions it's on by default? A fresh install, perhaps?

    2 votes
    1. [2]
      lugubris
      Link Parent
      afaik only enabled for US users for now

      afaik only enabled for US users for now

      2 votes
      1. teaearlgraycold
        (edited )
        Link Parent
        I'm in the US. Edit: It looks like this isn't actually rolled out yet. Mozilla says it'll be the default this fall.

        I'm in the US.

        Edit: It looks like this isn't actually rolled out yet. Mozilla says it'll be the default this fall.

        2 votes