DoH! Mozilla assures UK minister that DNS-over-HTTPS won't be default in Firefox for Britons

As Reg readers will know, you'll have to click a few buttons first


Firebox builder Mozilla has confirmed to UK Culture Secretary Nicky Morgan that Britons won't be getting DNS-over-HTTPS (DoH) by default once the feature is included in the next run of browser updates.

In a letter to the Secretary of State for Digital, Culture, Media and Sport, Mozilla's global policy veep Alan Davidson said his Silicon Valley org "has no plans to turn on our DoH feature by default in the United Kingdom and will not do so without further engagement with public and private stakeholders."

The letter, which was conveniently shown to The Guardian today, also confirmed that DoH would be the default for folks in the US.

This repeats and cements Mozilla's position expressed earlier this year, when a spokesman said "we are currently exploring potential DoH partners in Europe to bring this important security feature to other Europeans more broadly."

As we previously reported, DoH is all about shifting domain-name queries – which try to match domain names with server IP addresses – over a secure, encrypted HTTPS connection to a DNS server, rather than via an unprotected, unencrypted bog-standard DNS connection. That should protect DNS lookups from tampering or snooping by your ISP, though whoever is providing the DNS server can obviously see your queries.

Mozilla's DoH-by-default plans stirred up the ire of the British establishment because it was thought that widespread adoption would largely break ISPs' government-mandated content blocking systems.

Nonetheless, DoH is billed as helping stop third parties (ISPs, government agencies, police forces, any of the random handful of British state organs allowed by law to help themselves to your browsing history, etc) from viewing what you’re viewing – or, in the case of criminals looking to defraud you, hijacking your DNS requests.

DNS

Mozilla Firefox to begin slow rollout of DNS-over-HTTPS by default at the end of the month

READ MORE

An unholy alliance between a UK ISPs' lobbying association, social conservatives across Parliament and the civil service, the Internet Watch Foundation and selected small-c conservative national newspapers combined to screech blue murder earlier this year at Mozilla.

The browser-maker played the game and merely pronounced itself "surprised and disappointed" at ISPA's antics. Nonetheless, the company has since backed down from what it says is a privacy and security-enhancing tech rollout.

Google, of course, is also about to roll an imminent deployment of DoH into its Chrome browser, although for its part, Google has promised it won't override your choice of DNS provider.

We have asked Mozilla if it wishes to comment and will update this article if it responds.

A Parliamentary question about what discussions the current government had had with Mozilla went unanswered thanks to the (now unlawful) prorogation of Parliament by Prime Minister Boris Johnson.

Not enabling DoH by default seems like a compromise option intended to soothe state-backed data sniffers and social conservatives alike. Exploiting the well-known tendency of end users not to do or enable anything to help themselves, Mozilla presumably hopes that'll be enough to put Britain's creeps back in their boxes.

Instructions on enabling or disabling DoH in Firefox can be found here.

While the public messaging on DoH is mostly focused on security, child abuse content or terrorists, it's wise to take a wider view. As we reported a few days ago, Paul Vixie of Farsight Security opined (at the end of this article) that the ultimate victor if the Google and Mozilla position prevails may be the tech companies resolving encrypted DNS queries, who will then have a much broader sight of what people are browsing than anyone else. Or so they hope. ®

Similar topics

Broader topics


Other stories you might like

  • Google sours on legacy G Suite freeloaders, demands fee or flee

    Free incarnation of online app package, which became Workplace, is going away

    Google has served eviction notices to its legacy G Suite squatters: the free service will no longer be available in four months and existing users can either pay for a Google Workspace subscription or export their data and take their not particularly valuable businesses elsewhere.

    "If you have the G Suite legacy free edition, you need to upgrade to a paid Google Workspace subscription to keep your services," the company said in a recently revised support document. "The G Suite legacy free edition will no longer be available starting May 1, 2022."

    Continue reading
  • SpaceX Starlink sat streaks now present in nearly a fifth of all astronomical images snapped by Caltech telescope

    Annoying, maybe – but totally ruining this science, maybe not

    SpaceX’s Starlink satellites appear in about a fifth of all images snapped by the Zwicky Transient Facility (ZTF), a camera attached to the Samuel Oschin Telescope in California, which is used by astronomers to study supernovae, gamma ray bursts, asteroids, and suchlike.

    A study led by Przemek Mróz, a former postdoctoral scholar at the California Institute of Technology (Caltech) and now a researcher at the University of Warsaw in Poland, analysed the current and future effects of Starlink satellites on the ZTF. The telescope and camera are housed at the Palomar Observatory, which is operated by Caltech.

    The team of astronomers found 5,301 streaks leftover from the moving satellites in images taken by the instrument between November 2019 and September 2021, according to their paper on the subject, published in the Astrophysical Journal Letters this week.

    Continue reading
  • AI tool finds hundreds of genes related to human motor neuron disease

    Breakthrough could lead to development of drugs to target illness

    A machine-learning algorithm has helped scientists find 690 human genes associated with a higher risk of developing motor neuron disease, according to research published in Cell this week.

    Neuronal cells in the central nervous system and brain break down and die in people with motor neuron disease, like amyotrophic lateral sclerosis (ALS) more commonly known as Lou Gehrig's disease, named after the baseball player who developed it. They lose control over their bodies, and as the disease progresses patients become completely paralyzed. There is currently no verified cure for ALS.

    Motor neuron disease typically affects people in old age and its causes are unknown. Johnathan Cooper-Knock, a clinical lecturer at the University of Sheffield in England and leader of Project MinE, an ambitious effort to perform whole genome sequencing of ALS, believes that understanding how genes affect cellular function could help scientists develop new drugs to treat the disease.

    Continue reading

Biting the hand that feeds IT © 1998–2022