This month Firefox will make DNS over encrypted HTTPS the default for the U.S., with a gradual roll-out starting in late September, reports Engadget:
Your online habits should be that much more private and secure, with fewer chances for DNS hijacking and activity monitoring.
Not every request will use HTTPS. Mozilla is relying on a “fallback” method that will revert to your operating system’s default DNS if there’s either a specific need for them (such as some parental controls and enterprise configurations) or an outright lookup failure. This should respect the choices of users and IT managers who need the feature turned off, Mozilla said. The team is watching out for potential abuses, though, and will “revisit” its approach if attackers use a canary domain to disable the technology.
Users will be given the option to opt-out, explains Mozilla’s official announcement. “After many experiments, we’ve demonstrated that we have a reliable service whose performance is good, that we can detect and mitigate key deployment problems, and that most of our users will benefit from the greater protections of encrypted DNS traffic.”
“We feel confident that enabling DNS-over-HTTPS by default is the right next step.”
of this story at Slashdot.
Source:: Slashdot