Firefox and Cliqz offer DNS over HTTPS

 Article for all Cliqz and Firefox users 

	Difficulty: Very easy 

	Importance: Improve security and privacy 

This is important, and a big plus, but what does it mean?

What is DNS?

DNS stands for Domain Name Server. When you enter steveshank.com in a browser, your browser does not have any idea who or where I am or how to get to my site. There are over 1.7 billion websites, and that is much too much for your browser to track. It sees the ending .com and goes to a Domain Name Server (DNS) for .com addresses and asks it for my address The DNS server then looks up steveshank.com, and directs the browser to my hosting service, InMotionHosting, which returns my numeric address. Your browser then takes you to that address.

The problem

The problem is that those DNS servers are constantly under attack, and sometimes miscreants intercept your requests. Then you end up with a phony DNS response returning a fake website masquerading as your bank, financial institution or E-mail account. The Internet's design did not consider this as an attack vector, so DNS has been unprotected.

The Solution(s)

There are a few attempts to solve this problem. Probably the most promising is DoH. DoH stands for DNS Over Https. It uses the same security methods used to protect your online credit card purchases and banking. I explained how this works here, but essentially, SSL (now TLS) does 3 things:

Verifies the identity of both parties ensuring that there isn’t someone intercepting your requests.
Encrypts the messages, ensuring your privacy.
Ensures the messages are not tampered with. You can't be redirected to a fake site.

What Firefox and Cliqz are doing is using the same security protocols used by your bank or other secure website

Enabling DoH in Firefox and Cliqz

Click the Menu icon on the top right corner
Choose Options
Choose General
Scroll to bottom
Under Network Settings choose Settings
At the bottom select Enable DNS over HTTPS

That's it. If you are using parental controls and your software controls DNS, then this might cause a problem and you'll need to de-select the option.

Firefox and Cliqz default to using Cloudflare for their DNS server, but let you choose your own provider. Both Google and Quad 9 support DoH. I prefer Quad 9 because it also protects you from some malware sites. Cloudflare would be my second choice. The time for trusting your ISP to provide your DNS is past.

Keeping clients' computers safe and profitable for over 30 years

Home Forms About Current Newsletter subscribe Search All Articles Browse by Category Security Internet Mobile Business Hardware Fun		Firefox and Cliqz offer DNS over HTTPS Article for all Cliqz and Firefox users Difficulty: Very easy Importance: Improve security and privacy This is important, and a big plus, but what does it mean? What is DNS? DNS stands for Domain Name Server. When you enter steveshank.com in a browser, your browser does not have any idea who or where I am or how to get to my site. There are over 1.7 billion websites, and that is much too much for your browser to track. It sees the ending .com and goes to a Domain Name Server (DNS) for .com addresses and asks it for my address The DNS server then looks up steveshank.com, and directs the browser to my hosting service, InMotionHosting, which returns my numeric address. Your browser then takes you to that address. The problem The problem is that those DNS servers are constantly under attack, and sometimes miscreants intercept your requests. Then you end up with a phony DNS response returning a fake website masquerading as your bank, financial institution or E-mail account. The Internet's design did not consider this as an attack vector, so DNS has been unprotected. The Solution(s) There are a few attempts to solve this problem. Probably the most promising is DoH. DoH stands for DNS Over Https. It uses the same security methods used to protect your online credit card purchases and banking. I explained how this works here, but essentially, SSL (now TLS) does 3 things: Verifies the identity of both parties ensuring that there isn’t someone intercepting your requests. Encrypts the messages, ensuring your privacy. Ensures the messages are not tampered with. You can't be redirected to a fake site. What Firefox and Cliqz are doing is using the same security protocols used by your bank or other secure website Enabling DoH in Firefox and Cliqz Click the Menu icon on the top right corner Choose Options Choose General Scroll to bottom Under Network Settings choose Settings At the bottom select Enable DNS over HTTPS That's it. If you are using parental controls and your software controls DNS, then this might cause a problem and you'll need to de-select the option. Firefox and Cliqz default to using Cloudflare for their DNS server, but let you choose your own provider. Both Google and Quad 9 support DoH. I prefer Quad 9 because it also protects you from some malware sites. Cloudflare would be my second choice. The time for trusting your ISP to provide your DNS is past. Further reading ZDnet article Date: November 2019 This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.
		I attempt to provide reliable information, but make no warranty as to the accuracy or safety of these articles. I disclaim all legal responsibility for what following these instructions may do. Follow my advice at your own risk

Keeping clients' computers safe and profitable for over 30 years

Firefox and Cliqz offer DNS over HTTPS

What is DNS?

The problem

The Solution(s)

Enabling DoH in Firefox and Cliqz

Further reading