DNS over HTTPS (DOH) is coming to Firefox and Android P

Do you know or care that your Internet Service Provider(ISP) tracks every single website you visit on the internet. If you know, then you should care what your ISP does with this data. Because most countries in the world still have weak data protection laws, ISPs can potentially sell this information to the highest bidder without your knowledge.

But as data protection laws catch-up, privacy-focused Tech giants like Mozilla, maker of Firefox browser  are already ahead of the curve. Mozilla plans to make it harder for ISPs and bad guys to track whatever website you visit by directly incorporating what’s called DNS over HTTPS (DOH) into the Firefox browser by  September this year.

Advertisement - Continue reading below

ISPs can tell which website you visit through DNS queries your phone or computer makes to their DNS servers. Now we have already explained in great length what DNS is. But to recap, everytime you type www.facebook.com into your browser, a query is sent to your ISP to determine the IP address of the computer hosting the Facebook website before a connection is made to Facebook. You  can ofcourse change where this query is made by telling your computer to use Google, Cloudflare, IBM or any of these public DNS servers we  listed earlier.

The problem is few people are going to do that geekery. That’s why Mozilla is embedding this functionality right into future versions Firefox. Google is bringing the feature on Android P, the latest version of its mobile Operating system but with a different implementation. According to Google’s Security blog, devices by default automatically upgrade to DNS over TLS if a network’s DNS server supports it. But users who don’t want to use DNS over TLS can turn it off.

Mozilla says they have collaborated with Cloudflare, a renowned Content Distribution Network (CDN) to mask your online activity from your ISP and prying eyes. Cloudflare recently announced a faster DNS server 1.1.1 that supports DNS over HTTPS(DoH). Instead of DNS queries sent in plain-text visible to ISPs and Man-in-the-middle attacks, they are sent over HTTPS encrypting the data the same way your browser does when you visit a secure https website. This way, even hackers can not spoof  you hijacking the DNS request and sending your browser the wrong IP of the requested site.

If you can’t wait till September for this feature, you can try it out on Firefox Nightly and follow instructions on this blog.