The developers of Firefox and Chrome, two of the world's most popular web browsers, are testing a feature which encrypts domain name lookups and transmits them over the secure HTTPS protocol. This special type of domain name lookup is called DNS over HTTPS (DoH). The intention is to hide the names of servers a user is contacting by encrypting the DNS traffic, which is usually sent across the network in a way which makes it visible to anyone watching for it. While the added security sounds appealing to many users there are two issues many people are raising against DoH being included in web browsers. The first is this allows the web browsers to ignore system-wide DNS settings, which side-steps the administrator's configuration and may prevent host-based ad blocking tools from working. The second is all DoH lookups are sent to a single, third-party such as Cloudflare. This may allow Cloudflare to collect a large amount of information about most web users.
The OpenBSD team has decided to remove the DoH feature from their Firefox package to avoid having the operating system's DNS settings side-stepped. "While encrypting DNS might be a good thing, sending all DNS traffic to Cloudflare by default is not a good idea. Applications should respect OS configured settings. The DoH settings still can be overriden if needed."
Star Labs - Laptops built for Linux.
View our range including the Star Lite, Star LabTop and more. Available with a choice of Ubuntu, Linux Mint or Zorin OS pre-installed with many more distributions supported. Visit Star Labs for information, to buy and get support.