Firefox Enables DNS over HTTPS by Default in the United States

Mozilla is turning on DNS over HTTPS by default for users in the United States and is making it available for users throughout the rest of the world if they choose it. The goal is to make it more difficult for Internet service providers (ISP) and other interested third parties to know what websites people access.

Even if a website is secure (HTTPS), it doesn’t mean your ISP or other third-parties can’t intercept the user’s queries. Data collected in this manner could be sold or used for numerous purposes, including targeted ads.

You can keep your activity hidden online in various ways, and that includes simple browser searches and visits. VPNs are a good alternative as the traffic generated by users is encrypted and routed through other servers. But that means a cost increase as most VPN solutions are not free or cheap.

“We know that unencrypted DNS is not only vulnerable to spying but is being exploited, and so we are helping the internet to make the shift to more secure alternatives,” said Mozilla. “We do this by performing DNS lookups in an encrypted HTTPS connection. This helps hide your browsing history from attackers on the network, helps prevent data collection by third parties on the network that ties your computer to websites you visit.”

For now, Firefox uses Cloudflare and NextDNS to encrypt searches as they are both considered trusted resolvers. Also, the new option is slowly being enabled by default only for users in the United States, but that doesn’t mean the rest of the world won’t have access to it, they just need to enable it manually.

“Go to Settings, then General, then scroll down to Network Settings and click the Settings button on the right. From there, go to Enable DNS over HTTPS, then use the pull down menu to select the provider as your resolver.”

DNS over HTTPS won’t be enabled by default in the US where specific policies are enabled, such as parental control or companies that have other settings in place.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Silviu STAHIE. Read the original post at: