Slashdot Mirror
Security Researchers Express Concerns Over Mozilla's New DNS Resolution For Firefox (ungleich.ch)
With their next patch Mozilla will introduce two new features to their Firefox browser they call "DNS over HTTPs" (DoH) and Trusted Recursive Resolver (TRR). Mozilla says this is an additional feature which enables security. Researchers think otherwise. From a report: So let's get to the new Firefox feature called "Trusted Recursive Resolver" (TRR). When Mozilla turns this on by default, the DNS changes you configured in your network won't have any effect anymore. At least for browsing with Firefox, because Mozilla has partnered up with Cloudflare, and will resolve the domain names from the application itself via a DNS server from Cloudflare based in the United States. Cloudflare will then be able to read everyone's DNS requests.
From our point of view, us being security geeks, advertising this feature with slogans like "increases security" is rather misleading because in many cases the opposite is the case. While it is true that with TRR you may not expose the websites you call to a random DNS server in an untrustworthy network you don't know, it is not true that this increases security in general. It is true when you are somewhere in a network you don't know, i. e. a public WiFi network, you could automatically use the DNS server configured by the network. This could cause a security issue, because that unknown DNS server might have been compromised. In the worst case it could lead you to a phishing site pretending to be the website of your bank: as soon as you enter your personal banking information, it will be sent straight to the attackers.
But on the other hand Mozilla withholds that using their Trusted Recursive Resolver would cause a security issue in the first place for users who are indeed in a trustworthy network where they know their resolvers, or use the ISP's default one. Because sharing data or information with any third party, which is Cloudflare in this case, is a security issue itself.
From our point of view, us being security geeks, advertising this feature with slogans like "increases security" is rather misleading because in many cases the opposite is the case. While it is true that with TRR you may not expose the websites you call to a random DNS server in an untrustworthy network you don't know, it is not true that this increases security in general. It is true when you are somewhere in a network you don't know, i. e. a public WiFi network, you could automatically use the DNS server configured by the network. This could cause a security issue, because that unknown DNS server might have been compromised. In the worst case it could lead you to a phishing site pretending to be the website of your bank: as soon as you enter your personal banking information, it will be sent straight to the attackers.
But on the other hand Mozilla withholds that using their Trusted Recursive Resolver would cause a security issue in the first place for users who are indeed in a trustworthy network where they know their resolvers, or use the ISP's default one. Because sharing data or information with any third party, which is Cloudflare in this case, is a security issue itself.
I run my own local recursorsive nameservers even on my portable devices. totally not interested in using anyone's resolvers but my own. I hope they publish instructions on how to bypass the behavior.
Sorry I'll have to pass how Firefox these days. They are making to many decisions that really should be mine not there's. This should be a opt in if it happens at all. A lot of us use chosen DNS servers thank you very much Mozilla but no thanks.
I dropped them years ago for their willingness to fuck with standard network behavior. If I put an address in, I want my browser to ask my OS to resolve it. Period. I don't want to search for the thing if it's not found. I don't want someone's re-implemented name service protocol. I certainly don't want some half-assed application written by some half-assed application developer to try to re-invent how networking works, along with all the ways we already figured out that networking could be attacked for the last four decades.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
They should be allowed to do so, at the OS level.
The summary didn't mention if this "feature" was possible to disable.
I DO NOT want every freaking app to use a different DNS to resolve my queries.
> They are making to many decisions that really should be mine not there's. A lot of us use chosen DNS servers
Like you, I would turn it off. I also recognize that 99.9% of users don't know what DNS is. So that goes to the question of "they [Firefox] are making too many decisions that should be mine, not theirs". I would say the *defaults* should be selected based on what is best for the 99% of users who can't and won't make a choice. Settings should be available for the 0.1% who will use them.
That said, I'm not convinced that this particular choice is best for the 99% who don't know what we're talking about. That's an entirely separate question.
It's a shame you're reaching such a radical decision with no clear indication of how you'll achieve this desired end. The other popular browsers (Edge, Safari, Chrome, or Opera) are proprietary (nonfree software, user-subjugating software). So without more information it seems like you're likely going to choose a browser that will, ironically, give you considerably less control over your browser and you'll end up making a choice to have fewer "decisions that really should be mine not [theirs]". You're overreacting in response to something that is literally a preference change away (as far as we know now). Encrypted DNS lookups could be a very good thing, but pushing users into using a particular DNS server is bad and choosing an organization with a track record for going back on their promises (as Cloudflare is famous for doing) makes this decision worse.
But regardless of the change or how easy it is to switch the behavior back to using only your preferred DNS server and never informing an unwanted third-party about your browsing, the saving grace of Firefox remains the same: Firefox is licensed such that one can make a free derivative browser (as others have done). We're all allowed to inspect the code, make changes, run the now-trusted version, and help others by distributing a derivative browser. You can't legally do any of that with other popular browsers.
We make free software better by improving it and using the improved versions, not abandoning free software when it becomes inconvenient or undesirable. The privacy you obviously, and rightly, want to keep depends on software freedom.
Digital Citizen
Mozilla employee here, though not involved with this project.
The hipsters will be fine, as the most likely setting falls back to the system DNS when TRR fails. For a little more detail see: https://wiki.mozilla.org/Trust...
Mozilla employee here, though not involved with this project.
Will Mozilla be disclosing its financial relationship with cloudflare and provide a full accounting of funds it receives as a result of this insanity?
Why trust them? A lot of dead links on their website, GitHub, Facebook, their "network", even their other website ideal-hosting.com isn't resolving.
All I can find is that they are some IT/Media company from Munich, Germany.