Wednesday, 26 February 2020 09:43

Firefox moves to encrypted DNS for US users by default Featured

Selena Deckelmann: "Today, we know that unencrypted DNS is not only vulnerable to spying but is being exploited, and so we are helping the internet to make the shift to more secure alternatives." Selena Deckelmann: "Today, we know that unencrypted DNS is not only vulnerable to spying but is being exploited, and so we are helping the internet to make the shift to more secure alternatives." Courtesy Mozilla Foundation

The Mozilla Foundation has begun rolling out encrypted DNS over HTTPS for its Firefox browser by default for users in the US, but has no plans in place for other global regions.

A Foundation spokesperson told iTWire in response to a query: "We are currently focused on releasing this feature by default only to users in the United States.

"We do not have plans to roll out the feature in Europe or other regions at this time. However, we strongly believe that DNS over HTTPS is good for the privacy of people everywhere."

A statement from the Foundation said the rollout for American users would continue over the next few weeks to ensure there are no major issues with this new protocol.

Selena Deckelmann, vice-president Firefox Desktop, said work to put the feature in place had begun more than two years ago.

"To put this change into context, we need to briefly describe how the system worked before DoH," she wrote.

"DNS is a database that links a human-friendly name, such as, to a computer-friendly series of numbers, called an IP address (e.g.

"By performing a 'lookup' in this database, your Web browser is able to find websites on your behalf. Because of how DNS was originally designed decades ago, browsers doing DNS lookups for websites — even encrypted sites — had to perform these lookups without encryption."

This means that other devices along the route can pick up the data transmitted and anyone with sufficient technical expertise can spy on people's Web browsing patterns.

But this does not mean that those in other countries cannot use encrypted DNS.

"We’re enabling DoH by default only in the US," Deckelmann said. "If you’re outside the US and would like to enable DoH, you’re welcome to do so by going to Settings, then General, then scroll down to Networking Settings and click the Settings button on the right. Here you can enable DNS over HTTPS by clicking, and a checkbox will appear. By default, this change will send your encrypted DNS requests to Cloudflare."

Users can choose between two providers — Cloudflare and NextDNS — both of which are trusted resolvers.


As part of our Lead Machine Methodology we will help you get more leads, more customers and more business. Let us help you develop your digital marketing campaign

Digital Marketing is ideal in these tough times and it can replace face to face marketing with person to person marketing via the phone conference calls and webinars

Significant opportunity pipelines can be developed and continually topped up with the help of Digital Marketing so that deals can be made and deals can be closed

- Newsletter adverts in dynamic GIF slideshow formats

- News site adverts from small to large sizes also as dynamic GIF slideshow formats

- Guest Editorial - get your message out there and put your CEO in the spotlight

- Promotional News and Content - displayed on the homepage and all pages

- Leverage our proven event promotion methodology - The Lead Machine gets you leads

Contact Andrew our digital campaign designer on 0412 390 000 or via email



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments