09 Sep 2019
Soon, Firefox will encrypt domain name requests by default
The protocol, according to a blog post from Mozilla Corporation, will be enabled by default to encrypt domain name requests and make your browsing habits (the sites you open) more private and secure.
Here's all you need to know about DoH.
But, what exactly is the problem?
The Domain Name System (DNS) of the internet comes with plenty of advantages but is also susceptible to hijacking.
Attackers can use the DNS traffic to profile and monitor your IP address and browsing activities or to intercept and manipulate your specific requests.
Now, this is the exact problem Mozilla is looking to eliminate with the DoH protocol.
What DoH would do?
As the name indicates, Domain-over-HTTPS would encrypt the DNS traffic, thereby encrypting the very act of accessing a site from the user's end.
It will mask the website address and bypass local DNS nameservers and Internet Service Providers to send the user request directly to a central server.
This, Mozilla says, will ultimately eliminate the risk of DNS hijacking, spying, and activity monitoring altogether.
However, using DoH would mean compromising as well
As the DoH protocol would bypass local ISPs, the filters and protections placed by them would also go away.
This means that dangerous, prohibited, or blacklisted sites related to sexual exploitation, terrorism, illegal activity may become easily accessible to the users.
However, Mozilla says it is working with ISPs and parental control operators to detect necessary protections and disable DoH automatically.
Wider roll-out might take time
Mozilla is planning DoH protocol only for Firefox users in the US.
The company has not said when it would bring the service to other parts of the world, but considering that it is still working on it and taking feedback, we expect the wider roll-out might take some time.
If all goes smoothly, most users would eventually switch to Firefox for safe browsing.