Firefox is adding another layer of protection for its users – it will start switching users to Cloudflare’s encrypted-Domain Name System (DNS) instead of HTTPS. The change is expected to move across the United States, Ars Technica reports.
The reason for the switch is to help keep nosey internet service providers (ISPs) out of users’ business, such as monitoring which websites they visit and bombarding them with targeted advertising. Recognizing that users are already tracked by large tech companies like Google and Facebook, Firefox maker, Mozilla, said that implementing encrypted DNS offers more secure alternatives to users, Ars Technica says. For example, it will help “hide your browsing history from attackers on the network, [and] helps prevent data collection by third parties on the network that ties your computer to websites you visit,” Mozilla said in a statement.
The new encrypted DNS uses Cloudflare by default, but users have the option to change it to NextDNS in Firefox settings, or enter the address of another encrypted-DNS service. Mozilla also said that it is open to adding more encrypted-DNS providers as long as they pass a list of requirements for privacy.
However, Firefox’s encrypted-DNS won’t be turned on automatically outside of the U.S. (although users outside of the U.S. and U.S-based users can enable it in Firefox’s settings). It will also not be turned on by default in certain cases, too, including when enterprise policies have been set up on a device, or parental controls are detected.
A Competitor on Its Heals
As Mozilla is rolling out its encrypted-DNS solution, Google has its own encrypted DNS plans for Chrome. For the time being, Google’s solution is “in the experimental phase.”
It’s also different than Firefox’s, Ars Technica says. “Instead of automatically switching users to a DNS provider chosen by Google, Chrome sticks with whichever DNS provider the user has selected. If the user-selected DNS provider offers encrypted lookups and is in” a particular list of providers, “Chrome automatically upgrades the user to that DNS provider’s encrypted service. If the user-selected DNS provider isn’t in the list, Chrome makes no changes.”