Language Selection

English French German Italian Portuguese Spanish

Mozilla: DNS/DoH, USA FREEDOM Act, Critiquing Design and Sandboxing

Filed under
Moz/FF
  • Firefox continues push to bring DNS over HTTPS by default for US users

    Today, Firefox began the rollout of encrypted DNS over HTTPS (DoH) by default for US-based users. The rollout will continue over the next few weeks to confirm no major issues are discovered as this new protocol is enabled for Firefox’s US-based users.

    A little over two years ago, we began work to help update and secure one of the oldest parts of the internet, the Domain Name System (DNS). To put this change into context, we need to briefly describe how the system worked before DoH. DNS is a database that links a human-friendly name, such as www.mozilla.org, to a computer-friendly series of numbers, called an IP address (e.g. 192.0.2.1).

  • The Facts: Mozilla’s DNS over HTTPs (DoH)

    The current insecure DNS system leaves billions of people around the world vulnerable because the data about where they go on the internet is unencrypted. We’ve set out to change that. In 2017, Mozilla began working on the DNS-over-HTTPS (DoH) protocol to close this privacy gap within the web’s infrastructure. Today, Firefox is enabling encrypted DNS over HTTPS by default in the US giving our users more privacy protection wherever and whenever they’re online.

  • Goals for USA FREEDOM reauthorization: reforms, access, and transparency

    At Mozilla, we believe that privacy is a fundamental digital right. We’ve built these values into the Firefox browser itself, and we’ve pushed Congress to pass strong legal protections for consumer privacy in the US. This week, Congress will have another opportunity to consider meaningful reforms to protect user privacy when it debates the reauthorization of the USA FREEDOM Act. We believe that Congress should amend this surveillance law to remove ineffective programs, bolster resources for civil liberties advocates, and provide more transparency for the public. More specifically, Mozilla supports the following reforms...

    [...]

    Second, the program may not provide sufficiently valuable insights in the current threat environment. In a recent Senate Judiciary Committee hearing, the government acknowledged that the intelligence value of the program was outweighed by the costs and technical challenges associated with its continued operation. This conclusion was supported by an independent analysis from the Privacy and Civil Liberties Oversight Board (PCLOB), which hopes to publicly release an unclassified version of its report in the near future. Additionally, the shift to other forms of communications may make it even less likely that law enforcement will obtain useful information through this specific authority in the future.

    And finally, some technological shifts may have made the CDR program too complex to implement today. Citing to “technical irregularities” in some of the data obtained from telecom providers under the program, the NSA deleted three years’ worth of CDRs that it was not authorized to receive last June. While the agency has not released a specific explanation, Susan Landau and Asaf Lubin of Tufts University have posited that the problem stems from challenges associated with measures in place to facilitate interoperability between landlines and mobile phone networks.

  • Critiquing Design

    This is me about 25 years ago, dancing with a yoga ball. I was part of a theater company where I first learned Liz Lerman’s Critical Response Process. We used this extensively—it was an integral part of our company dynamic. We used it to develop company work, we used it in our education programs and we even used it to redesign our company structure. It was a formative part of my development as an artist, a teacher, and later, as a user-centered designer.

    What I love about this process is that works by embedding all the things we strive for in a critique into a deceptively simple, step-by-step process. You don’t have to try to remember everything the next time you’re knee-deep in a critique session. It’s knowledge in the world for critique sessions.

  • Firefox for Mac and Linux to get a new security sandbox system

Firefox turns controversial new encryption...

  • Firefox turns controversial new encryption on by default in the US

    Starting today, Mozilla will turn on by default DNS over HTTPS (DoH) for Firefox users in the US, the company has announced. DoH is a new standard that encrypts a part of your internet traffic that’s typically sent over an unencrypted plain text connection, and which could allow others to see what websites you’re visiting, even when your communication with the website itself is encrypted using HTTPS. Mozilla says it is the first browser to support the new standard by default, and will be rolling it out gradually over the coming weeks in order to address any unforeseen issues.

  • Firefox flips on default DNS over HTTPS to encrypt Internet traffic at the source

    For its part, Mozilla downplays any potential risk and vows to work with companies, schools, and other organizations, as well as ISPs to mitigate concerns over DoH. In a statement to ZDNet, the company said it was “We’re surprised and disappointed that an industry association for ISPs decided to misrepresent an improvement to decades-old internet infrastructure.”

    To use default DoH, you need to update or download the latest version of the Firefox browser (73.0.1). Users can disable default DoH on the Firefox browser—or enable it if you’re outside the U.S.—by visiting the Network tab under General settings and unchecking the Enable DNS over HTTPS box.

Hoping To Combat ISP Snooping, Mozilla Enables Encrypted DNS

  • Hoping To Combat ISP Snooping, Mozilla Enables Encrypted DNS

    Historically, like much of the internet, DNS hasn't been all that secure. That's why Mozilla last year announced it would begin testing something called "DNS over HTTPS," a significant security upgrade to DNS that encrypts and obscures your domain requests, making it more difficult (though not impossible) to see which websites a user is visiting. Obviously, this puts a bit of a wrinkle in government, telecom, or other organizational efforts to use DNS records to block and filter content, or track and sell user activity.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Games: Estranged: Act II, Helltaker and Soldat

  • First person exploration adventure Estranged: Act II is out

    Acting as a standalone sequel to the free Estranged: Act I, solo developer Alan Edwardes has now released Estranged: Act II. It's a first-person adventure that mixes in plenty of exploration in different environments, a few puzzles and a little action and horror too. A thoroughly mixed bag of genres blended together. You assume the role of a lone fisherman, stranded on a mysterious island during a violent storm.

  • Free to Play Puzzle-Dating Sim Helltaker Now Available on Linux and Steam OS

    Vanripper (Lukasz Piskorz) has announced that free to play puzzle-dating sim Helltaker is now available on Linux, and Steam OS. Launching on May 11th, the game is a fusion of visual novel dating sim and puzzle game. You have entered hell for one purpose- to create a harem from cute demon girls. Play through navigation based puzzles with limited moves, and attempt to reach multiple demon girls at the end. These puzzles can be skipped if you desire.

  • Classic multiplayer action game Soldat is now open source

    Soldat, a side-scrolling multiplayer shooter that was ridiculously popular in the early 2000s is now open source. They're now working on Soldat 2, which will be a much upgraded Unity remake with all sorts of advanced features. To give back to the community though, the classic Soldat has been put up on GitHub under the MIT license. Interestingly, this is not the current live version but an in-progess 1.8 build with some key differences

Android Leftovers

Games: SamRewritten, ShellShock, What Never Was

  • Steam Achievement Manager 'SamRewritten' has a new release

    Need to tweak your Steam Achievements? Perhaps a game doesn't correctly unlock them or you want to start fresh again on a game - SamRewritten can help you do that. It's an open source Steam Achievements Manager for Linux and there's a new release out recently.

  • Strategic multiplayer artillery game ShellShock Live is out now

    ShellShock Live is an awesome tribute to games like Scorched Earth, Pocket Tanks, and Worms and after many years in development it's finally released. If you've never played either of those classics (madness), it's a side-scrolling game of artillery. Each player controls a tank they're able to position anywhere they can reach, and you take it in turns to pick a weapon and fire in the hopes of annihilating the other side. It's simple but ShellShock Live advances the classics in many great ways that makes it genuinely super fun. There's fully destructible terrain, upgrades and it can be played in single-player and online.

  • What Never Was: Chapter II gets a boost from an Epic MegaGrant

    What Never Was, a short story-driven adventure game from Acke Hallgren has been given a funding boost for What Never Was: Chapter II. Not played What Never Was? It's a first-person game focused on exploration and puzzle-solving about Sarah, having to shoulder the arduous task of clearing out her grandfathers attic, and soon finds that not everything about the attic is what it seems. The first part has been well received, showing that on a small budget some great experiences can be made and the developer had been planning a sequel. The developer announced on Steam recently, that Epic Games have approved them to get an Epic MegaGrant to help fund development. Hallgren also confirmed it's not going to be an EGS exclusive.

SHIFT13mi Linux-friendly tablet with replaceable mainboard scheduled for 2021 release

German smartphone maker Shift makes phones that are designed to be modular and easy to repair. And now the company has introduced a tablet with the same design ethos. The SHIFT13mi will be a 2-in-1 tablet with a 13.3 inch touchscreen display, a detachable keyboard, support for Windows 10 or Linux, and upgradeable, replaceable, and repairable components. Read more