DNS over HTTPS with Firefox

  1.    #1

    DNS over HTTPS with Firefox


    If you are tired of your DNS requests being looked at, or if you just want to encrypt all your Firefox DNS traffic:

    This works in all up to date and beta/nightly versions as of 67.0.4

    With Firefox open, click on the Click image for larger version. 

Name:	menu thingy.png 
Views:	71 
Size:	195 Bytes 
ID:	239865
    and then click Options.

    Scroll all the way down to the bottom where it says Network Settings
    Click image for larger version. 

Name:	OPTIONS.png 
Views:	0 
Size:	42.3 KB 
ID:	239866


    Click on Settings and look at the bottom for these two:
    Click image for larger version. 

Name:	SETTINGS.png 
Views:	0 
Size:	33.0 KB 
ID:	239867


    Check the box to Enable DNS over HTTPS and then select Cloudflare as your Provider.

    Click OK and then close Firefox, and once you reopen it, your DNS will go over HTTPS unless Cloudflare is down, then it will default back to regular.
      My ComputerSystem Spec

  2.    #2

    Unfortunately, the DNS over HTTPS protocol can also be used by malware to encrypt DNS requests.

    First-ever malware strain spotted abusing new DoH (DNS over HTTPS) protocol | ZDNet
      My ComputerSystem Spec

  3. bro67's Avatar
    Posts : 7,017
    Mac OS High Sierra 10.14.3 Beta (18D21c)
       #3

    Your ISP will still see that traffic.
      My ComputerSystem Spec

  4. TairikuOkami's Avatar
    Posts : 3,806
    Home 1903 x64 10.0.18362.267
       #4

    bro67 said: View Post
    Your ISP will still see that traffic.
    ISP will see, to what domain/webpage is user connecting, but not the exact address or the search.

    1 linux malware using an encrypted DNS and thousands malware abusing a normal DNS.
      My ComputerSystem Spec

  5.    #5

    TairikuOkami said: View Post
    1 linux malware using an encrypted DNS and thousands malware abusing a normal DNS.

    True. But now malware can hide what it's doing, thus making it harder to detect.
      My ComputerSystem Spec

  6. TairikuOkami's Avatar
    Posts : 3,806
    Home 1903 x64 10.0.18362.267
       #6

    Ground Sloth said: View Post
    True. But now malware can hide what it's doing, thus making it harder to detect.
    True, this the reason, I really do not like DoH, since it uses regular traffic via port 443, allowed by default. I am not very fond of DoT either, it also uses TCP, so they are both deceptible to MITM. UDP is just that, UDP, hardly exploitable. The problem is the implementation, people can use something like simplednscrypt, but in order to use it, they have to set 127.0.0.1 as DNS server and by that they allow DNS traffic for every software within Windows, potential malware included. My browser has dnscrypt integrated, so I use it just for it alone and I use normal unecrypted DNS for the rest. I am not looking forward to the new protocol QUIC replacing UDP (Google's idea, duh, like evil HTML5) with basically a less secure TCP, a dream come true for every hacker out there. They talk about some nonsense, like UDP being unreliable, I do not recall a single UDP packet ever being lost, we are not in 90s anymore, but they need some excuse to bring this new hell upon us.
      My ComputerSystem Spec



 

Related Threads
Hi all; I have an odd issue with Firefox & Windows 10, with accessing HTTPS websites. The sites are very very slow to load and others do not complete the load cycle. I've had this issue for months now. Just tried the newly released Firefox...
Source: Google Online Security Blog: Heres to more HTTPS on the web!
Solved firefox and https in Browsers and Email
have the latest firefox installed but https web pages do not work on even the latest insider update. doesn't work desktop comp which is win 10 ver 1511 build 10586.63 this has been going on a few weeks now. uninstalled it and reinstalled same...
Read more: Firefox ban on SHA-1 dropped after many locked out of HTTPS sites | ZDNet
Windows 10 access https in Browsers and Email
Hello, We installed the windows 10 in 2 PC. We cannot access remotely the NAS via https address. Before the OS modifications it was OK. Now I have II7 error when I put my address in navigator. Can you help me? Best regards.
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 18:02.
Find Us