Re: Mozilla Firefox DoH to CloudFlare by default (for US users)?
On Thu, Sep 12, 2019 at 11:43:33PM +0200, Marco d'Itri wrote:
> On Sep 12, Wouter Verhelst <wouter@debian.org> wrote:
>
> > Except all they need to do is return NXDOMAIN on the
> > "use-application-dns.net" domain, and Presto! they can spy on their
> > users again.
> They need to have a government to compel then to do it, which is not
> obvious.
That's not in the announcement. In fact, it also allows for "opt-in
parental controls", which has nothing to do with governments.
> And then Mozilla will disable that (you can read this clearly
> in their announcement) and figure out a different strategy.
The announcement does indeed mention that, yes. I sincerely doubt
they'll actually do that, though, unless more than, say, 50% of the
networks they measure end up disabling things.
Of course that's just a matter of personal opinion.
> > Meanwhile, Firefox' default sends everything to the other side of the
> > Internet without the user's consent. How does that improve privacy?
> Not really "to the other side": Cloudflare's resolvers are highly
> anycasted.
I admit to using some hyperbole here, but the point was that your data
is being sent to a partner of the software you happen to be using,
without you having a contractual relationship with them.
If your bank did that, you'd yell that it's improper. So why is a
browser allowed to do so?
Don't get me wrong; I applaud Mozilla for trying to make encrypted DNS
the default. I just don't think they're going about it the right way.
--
To the thief who stole my anti-depressants: I hope you're happy
-- seen somewhere on the Internet on a photo of a billboard
Reply to: