Mozilla’s Firefox privacy protections will soon include one of the most basic tasks for any web browser: fielding the domain name requests that help you visit websites. The developer will make DNS over encrypted HTTPS the default for the US starting in late September, locking down more of your web browsing without requiring an explicit toggle like before. Your online habits should be that much more private and secure, with fewer chances for DNS hijacking and activity monitoring.
Not every request will use HTTPS. Mozilla is relying on a “fallback” method that will revert to your operating system’s default DNS if there’s either a specific need for them (such as some parental controls and enterprise configurations) or an outright lookup failure. This should respect the choices of users and IT managers who need the feature turned off, Mozilla said. The team is watching out for potential abuses, though, and will “revisit” its approach if attackers use a canary domain to disable the technology.
It could take some time before DNS over HTTPS is widely available. Mozilla will be watching for hiccups before expanding availability. If all goes smoothly, Firefox may become a go-to option for anyone who insists on securing as much of their web traffic as possible.