Mozilla Corporation (subsidiary of Mozilla Foundation) will soon enable support for the DNS-over-HTTPS (DoH) protocol by default inside their free and open-source web browser Firefox. This basically means that Mozilla’s Firefox privacy protections will soon include one of the most basic tasks for any web browser: fielding the domain name requests that help you visit websites.
The company will make DNS over encrypted HTTPS the default for the US at the end of the month, locking down more of your web browsing without requiring an explicit toggle like before. Your online habits should then be much more private and secure, which means that there will be fewer chances for DNS hijacking and activity monitoring. The update will be released for a small number of US users, starting in late September.
The browser maker has been testing DoH support in Firefox since 2017. A recent experiment that was based on DoH tests revealed no issues, and Mozilla plans to start rolling out DoH for a small percentage of users, and then gradually enable it for a broader audience if no issues arise.
Selena Deckelmann, Senior Director of Firefox Engineering at Mozilla commented on the upcoming update, saying “If this goes well, we will let you know when we’re ready for 100% deployment.”
Not every request will use HTTPS. In case there’s either a specific need for Mozzila (like parental controls and enterprise configurations) or an outright lookup failure, the company will be relying on a “fallback” method that will revert to your operating system’s default DNS. The company said that this should respect the choices of users and IT managers who need the feature turned off, stating “When DoH is enabled, users will be notified and given the opportunity to opt out.” The development team is also watching out for potential abuses, and will reassess its approach if attackers use a canary domain to disable the technology.
Regardless of the team’s efforts to release the new feature as soon as possible, it could still take some time before DNS over HTTPS is widely available. Mozilla will be checking for any hiccups before fully releasing the feature. But if all goes smoothly, Firefox can easily become a go-to option for anyone who’s looking to protect as much of their web traffic as possible.