DNS (or Domain Name Service) is an old part of internet architecture. DNS lookups are performed after you enter a readable site query, e.g. www.techadvisor.co.uk. Mozilla asserts that “DNS lookups are sent to servers that can spy on your website browsing history without either informing you or publishing a policy about what they do with that information.”
The DoH protocol encrypts both the DNS lookup before you reach the secure HTTPS site, meaning your lookup data is protected from potential interception.
“At the creation of the internet, these kinds of threats to people’s privacy and security were known, but not being exploited yet,” Selena Deckelmann, VP, Firefox Desktop Product Development said in the announcement.
“Today, we know that unencrypted DNS is not only vulnerable to spying but is being exploited, and so we are helping the internet to make the shift to more secure alternatives […] This helps hide your browsing history from attackers on the network, helps prevent data collection by third parties on the network that ties your computer to websites you visit.”
The news is controversial as some lawmakers and industry groups have argued it makes it harder for them to block dangerous websites and have voiced their protest.
DoH is on the latest build of Firefox and is turned on by default in the US only. Users in the rest of the world can turn it on manually by going to Settings, General, Network Settings, and can select which of the two trusted DNS servers to use that Mozilla recommends, either CloudFlare or NextDNS. Both should function identically.
Google Chrome and Microsoft Edge allow you to turn on DoH but they make it really tricky. ZDNet has a great guide to help you do it. Apple’s Safari does not yet support the option.
Henry is Tech Advisor’s Phones Editor, ensuring he and the team covers and reviews every smartphone worth knowing about for readers and viewers all over the world. He spends a lot of time moving between different handsets and shouting at WhatsApp to support multiple devices at once.
