If you’re a Firefox user, probably one of the main reasons you’re using it is for the privacy factor. Unlike the world’s most popular browser, Google’s Chrome, Firefox works hard to protect as much data about the user and their internet habits from everyone out there, no matter if they’re hackers or ISPs.
Today Firefox doubled down on its privacy stance with the announcement that it is switching on its encrypted DNS over HTTPS for every user in America. A short background: DNS, or the Domain Name System, has been a core technology of the internet since its founding. It’s what allows a user to type in a URL, such as www.amazon.com, and be taken to Amazon’s servers, instead of having to type in those servers’ IP addresses (for example, 126.96.36.199). In short, DNS allows computers to lookup an IP address based on the URL entered and send the user to the correct website.
But the DNS system’s very nature has traditionally meant browsers needed to perform DNS lookups unencrypted, even if the website itself was encrypted. This unencrypted DNS meant anyone with a little technical skill and access could in effect see every website a browser, and thus a person, was visiting. As Firefox’s maker, Mozilla, explains, encrypted DNS over HTTPS puts an end to that:
At the creation of the internet, these kinds of threats to people’s privacy and security were known, but not being exploited yet. Today, we know that unencrypted DNS is not only vulnerable to spying but is being exploited, and so we are helping the internet to make the shift to more secure alternatives. We do this by performing DNS lookups in an encrypted HTTPS connection. This helps hide your browsing history from attackers on the network, helps prevent data collection by third parties on the network that ties your computer to websites you visit.
Needless to say, governments and ISPs aren’t happy about encrypted DNS over HTTPS, but Mozilla is moving ahead with turning the feature on by default for all U.S. Firefox users anyway, so they’ll have more privacy protections without having to do a thing.
Mozilla says the encrypted DNS over HTTPS rollout will begin today and “continue over the next few weeks” in a staggered rollout for U.S. users to make sure there are no unexpected hiccups. In the meantime, anyone in the U.S. or the rest of the world can manually enable encrypted DNS over HTTPS in the latest version of the Firefox browser by going to Firefox’s settings and clicking General > Networking Settings > Settings and checking the “Enable DNS over HTTPS” box.