Language Selection

English French German Italian Portuguese Spanish

Mozilla: DNS/DoH, USA FREEDOM Act, Critiquing Design and Sandboxing

Filed under
Moz/FF
  • Firefox continues push to bring DNS over HTTPS by default for US users

    Today, Firefox began the rollout of encrypted DNS over HTTPS (DoH) by default for US-based users. The rollout will continue over the next few weeks to confirm no major issues are discovered as this new protocol is enabled for Firefox’s US-based users.

    A little over two years ago, we began work to help update and secure one of the oldest parts of the internet, the Domain Name System (DNS). To put this change into context, we need to briefly describe how the system worked before DoH. DNS is a database that links a human-friendly name, such as www.mozilla.org, to a computer-friendly series of numbers, called an IP address (e.g. 192.0.2.1).

  • The Facts: Mozilla’s DNS over HTTPs (DoH)

    The current insecure DNS system leaves billions of people around the world vulnerable because the data about where they go on the internet is unencrypted. We’ve set out to change that. In 2017, Mozilla began working on the DNS-over-HTTPS (DoH) protocol to close this privacy gap within the web’s infrastructure. Today, Firefox is enabling encrypted DNS over HTTPS by default in the US giving our users more privacy protection wherever and whenever they’re online.

  • Goals for USA FREEDOM reauthorization: reforms, access, and transparency

    At Mozilla, we believe that privacy is a fundamental digital right. We’ve built these values into the Firefox browser itself, and we’ve pushed Congress to pass strong legal protections for consumer privacy in the US. This week, Congress will have another opportunity to consider meaningful reforms to protect user privacy when it debates the reauthorization of the USA FREEDOM Act. We believe that Congress should amend this surveillance law to remove ineffective programs, bolster resources for civil liberties advocates, and provide more transparency for the public. More specifically, Mozilla supports the following reforms...

    [...]

    Second, the program may not provide sufficiently valuable insights in the current threat environment. In a recent Senate Judiciary Committee hearing, the government acknowledged that the intelligence value of the program was outweighed by the costs and technical challenges associated with its continued operation. This conclusion was supported by an independent analysis from the Privacy and Civil Liberties Oversight Board (PCLOB), which hopes to publicly release an unclassified version of its report in the near future. Additionally, the shift to other forms of communications may make it even less likely that law enforcement will obtain useful information through this specific authority in the future.

    And finally, some technological shifts may have made the CDR program too complex to implement today. Citing to “technical irregularities” in some of the data obtained from telecom providers under the program, the NSA deleted three years’ worth of CDRs that it was not authorized to receive last June. While the agency has not released a specific explanation, Susan Landau and Asaf Lubin of Tufts University have posited that the problem stems from challenges associated with measures in place to facilitate interoperability between landlines and mobile phone networks.

  • Critiquing Design

    This is me about 25 years ago, dancing with a yoga ball. I was part of a theater company where I first learned Liz Lerman’s Critical Response Process. We used this extensively—it was an integral part of our company dynamic. We used it to develop company work, we used it in our education programs and we even used it to redesign our company structure. It was a formative part of my development as an artist, a teacher, and later, as a user-centered designer.

    What I love about this process is that works by embedding all the things we strive for in a critique into a deceptively simple, step-by-step process. You don’t have to try to remember everything the next time you’re knee-deep in a critique session. It’s knowledge in the world for critique sessions.

  • Firefox for Mac and Linux to get a new security sandbox system

Firefox turns controversial new encryption...

  • Firefox turns controversial new encryption on by default in the US

    Starting today, Mozilla will turn on by default DNS over HTTPS (DoH) for Firefox users in the US, the company has announced. DoH is a new standard that encrypts a part of your internet traffic that’s typically sent over an unencrypted plain text connection, and which could allow others to see what websites you’re visiting, even when your communication with the website itself is encrypted using HTTPS. Mozilla says it is the first browser to support the new standard by default, and will be rolling it out gradually over the coming weeks in order to address any unforeseen issues.

  • Firefox flips on default DNS over HTTPS to encrypt Internet traffic at the source

    For its part, Mozilla downplays any potential risk and vows to work with companies, schools, and other organizations, as well as ISPs to mitigate concerns over DoH. In a statement to ZDNet, the company said it was “We’re surprised and disappointed that an industry association for ISPs decided to misrepresent an improvement to decades-old internet infrastructure.”

    To use default DoH, you need to update or download the latest version of the Firefox browser (73.0.1). Users can disable default DoH on the Firefox browser—or enable it if you’re outside the U.S.—by visiting the Network tab under General settings and unchecking the Enable DNS over HTTPS box.

Hoping To Combat ISP Snooping, Mozilla Enables Encrypted DNS

  • Hoping To Combat ISP Snooping, Mozilla Enables Encrypted DNS

    Historically, like much of the internet, DNS hasn't been all that secure. That's why Mozilla last year announced it would begin testing something called "DNS over HTTPS," a significant security upgrade to DNS that encrypts and obscures your domain requests, making it more difficult (though not impossible) to see which websites a user is visiting. Obviously, this puts a bit of a wrinkle in government, telecom, or other organizational efforts to use DNS records to block and filter content, or track and sell user activity.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

How to Upgrade to Ubuntu 20.04 From Ubuntu 18.04 and 19.10

Here are the steps for you to Upgrade to Ubuntu 20.04 From Ubuntu 18.04 and 19.10. Read more

Ubuntu 20.04 LTS Beta is Available. Download Now.

The beta release of Ubuntu 20.04 LTS is here and it is available for download immediately. The final release is planned on Apr 23, 2020, and this beta release gives early adopters, testers a quick preview on what to expect on the final product. Read more

The cataloging of free software

The Free Software Directory is a collaborative catalog of software aimed to be the primary source for representing all free software. Each free program has its own page in the Directory from which it is possible to study the evolution it has undergone in both technological and legal terms through a chronological system similar to that of Wikipedia. Each catalogued program is distinguished by one or more aliases, and accompanied by a huge amount of information, which goes beyond the pure needs of the end user. Snapshots of the graphic interface, detailed descriptions, change logs, links to social pages, and lists of licenses and dependencies are examples of all the useful information which can be carefully attached by users to each page. Everyone can freely subscribe to the Directory and create new pages, but only the pages reviewed and approved by administrators become visible and indexable. Administrative approvals are always made according to strict rules aimed at preventing the spread of proprietary content. As on Wikipedia, each user can have a self-approved personal page, where they can define their identity and discuss with other users. Users can also include sub-pages on which to publish their thematic articles, and any tools useful for the daily life of the Directory. User access rights are assigned to active users, and all those who demonstrate that they have the necessary technical skills and wish to devote themselves daily to the care of the pages have a chance to be welcomed onto the staff. This serene and flexible organization, based on bonds of trust built on facts and adherence to well-defined common ideals, guarantees that the technological and social development produced by the project is gradual but unstoppable. Thus, any investment of time by volunteers is amply repaid. The project has proved to be a clear success, so much that over the years it has received funding from UNESCO, and is still supported by the Free Software Foundation. The portal boasts the participation of more than 3,000 users from all over the world. Since its creation, it has accumulated more than 80,000 verified and recorded revisions for posterity in the chronology of the MediaWiki pages, all of which are dedicated to facilitating the essential freedoms in more than 16,000 free programs. The portal's ability to adapt and survive was possible not only because of the technical creativity of the staff, but also by the solid ideal at its base. By guaranteeing maximum visibility to free software, it has thus rewarded developers who freely employ their knowledge for the good of humanity. The transition to free licenses is indeed a moral duty of every developer, and the Free Software Directory is deployed at the forefront to facilitate it with great benefit to the world's cultural heritage. Read more

Software: Remote Working, Cockpit, YouTube Tools and Sparky Upgrade

  • FSFE Supporters write about Free Software for remote working

    Due to the ongoing Covid-19 virus outbreak many employees - voluntarily or mandatory - are working remotely now. Many organisations who have not been used to remote working so far now face a number of difficulties adapting to the situation. To avoid potential lock-ins, some FSFE supporters collectively wrote about the good reasons to use Free Software for remote working and collected a detailed list of practical solutions in our wiki. Because of the ongoing Covid-19 virus outbreak many organisations who never previously directed any strategic thought towards the available solutions for remote working in their business now opt for a quick solution and choose to follow the - in the beginning often free of charge - offerings from big tech companies and their proprietary solutions. However, such proprietary solutions lock-in these organisations in the future. Choosing a Free Software solution instead means to opt for a solution that has a future, where your organization no longer depends on a particular vendor or file format or whichever other means those vendors choose to lock you in. Free Software puts you in control.

  • Cockpit 216

    Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 216.

  • Excellent Console-Based YouTube Tools

    YouTube is a video-sharing website, created in February 2005, and purchased by Google in November 2006. The web service lets billions of people find, watch, and share originally-created videos. This service lets you watch a wide variety of user-generated and corporate media video. It also offers a forum for people to communicate with others around the world, and acts as a distribution platform. Mainstream media corporations such as CBS, Vevo, Hulu and the BBC publish some of their catalog via YouTube, as part of the YouTube partnership program. Although some parents might disagree, YouTube is one of the shining lights of the internet. According to a survey of 1,500 American teenagers commissioned by Variety, the top five most influential celebrities are YouTube stars, with mainstream celebs eclipsed. Moreover, there are many thousands of “YouTube celebs” who have spun a full-time career of creating videos. This new wave of young ‘YouTubers’ threaten mainstream entertainment with their direct video blogs and interaction with their millions of mostly teenage devotees.

  • Sparky Upgrade text tool

    There is a tool available for Sparkers, which lets you make full system upgrade in a text mode via just one command: Sparky Upgrade.