There are some serious concerns with Firefox's plans to turn in DoH. I, for one, am not happy with all Firefox DNS traffic being sent to a US companies servers. See this article for more info:


> Another way one could do is switching the browser from Firefox, but honestly, we don't know to which. In terms of privacy we haven't found something we can recommend to you out there. In fact that's why this step of Mozilla concerns us so much - they have been the last resort for many of us.

We need to make another browser. I like Mozilla and all, but they aren't infallible, and we're completely reliant on them for web access.

@wizzwizz4 Firefox does a lot of good things, though. As long as there an option to easily turn it off I don't see a need to split off to a different browser. It's also a lot of work to build a browser from scratch, so it would probably make sense to fork Firefox and just pull in the changes without the DoH stuff? Just my thoughts. 🙂

@JayT @wizzwizz4 Yandex browser gives you a menu of DNS options, including DoH, DNScrypt, filtering (OpenDNS), etc. I am not suggesting switching to Yandex, only that Firefox could do something similar.

@Limax @wizzwizz4 Firefox does provide a setting to turn it off:
Preferences -> Network Settings -> Enable DNS over HTTPS

@JayT @wizzwizz4 True, but a menu of alternative choices (as well as disabling it) would be ideal.

@wizzwizz4 @JayT Waterfox is a Firefox fork which foregoes a lot of the quite hated features of Firefox (notably Pocket and telemetry, and likely DNS over HTTPS as well). More support for the project could see more developments toward it being its own true project.

If can be found here:

@skunksarebetter @JayT No apt? Your fossmendations always have APT, but I can't find a Debian repo.

Will this Ubuntu one work?

@wizzwizz4 @skunksarebetter @JayT

Not on my Ubuntu desktop right now, but I had a look at the repo through the browser and the waterfox packages seem current. I might give it a try.

@wizzwizz4 My fossmendations do not always have an APT package listed, since not all software has (official) APT repositories, including Waterfox.

I have tested the repository you linked (from and it's at the most recent build, and overall matches well with the precompiled version from the Waterfox website. So yes, it will work quite well.

@skunksarebetter @wizzwizz4 I haven't tried Waterfox, but will have to have a look at it.

IMHO Mozilla and Firefox should be supported by the opensource community as much as possible, by working with them rather than ditching them each time they make a choice that might not be exactly perfect, because I believe they are trying to do the right thing, and we would be much poorer without them.

@simon @JayT Oh, yes, of course. But currently, Mozilla has an effective monopoly. We need more engines.

Surely chrome has the monopoly and we need to encourage the tiny share Firefox has?

@simon @JayT Chrome has the monopoly globally, and we need to encourage Firefox there. Firefox has the monopoly over "people who are aware of privacy issues and like privacy", and we need to create a competitor for Firefox there.

(A competitor for Firefox won't hurt Firefox; competition is good.)

@JayT thanks for sharing. Finally understand what that feature does. Will make sure to disable it.

Any projects going on with securing dns in a better way?

@exstral My understanding is:
DoH in principal is good technology, but it should be set:
* At the OS level (so all apps share DNS behaviour)
* Connecting to your DHCP-provided DoH servers by default

This could be implemented in Linux by systemd-resolved, for example, and in one shot get benefits for everything running on the OS. Also, this would allow users to change their DNS server at the OS level and get privacy for everything on their computer.

@JayT The cartoon is right in a technical sense about data protection rights. However, the EU has not enforced GDPR and some of the worst privacy offenders are European, including some governments.

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.