DNS over HTTPS in Firefox

Posted Jun 3, 2018 18:42 UTC (Sun) by niner (subscriber, #26151)
In reply to: DNS over HTTPS in Firefox by roc
Parent article: DNS over HTTPS in Firefox

How on earth can telling a US corporation about every single site I visit be considered a privacy win?? Because of a privacy agreement with another US corporation (Mozilla or how they call it in the text "Firefox") that the user is not part of? Or the "promise" where every clause is somehow qualified? Like they promise to not sell _personal_ information or user identifiers, but what about the other data? "Anonymous user X visits the following sites". That's certainly enough of a fingerprint already. Or the promise to not sell, license, sublicense, etc. the data without Mozilla's permission. Oh how nice. They ask Mozilla. Good that they won't ask me...

DNS over HTTPS in Firefox

Posted Jun 3, 2018 19:08 UTC (Sun) by paulj (subscriber, #341) [Link] (1 responses)

And how does this re-direction of personally sensitive DNS traffic to a specific US corporation interact with the EU GDPR?

DNS over HTTPS in Firefox

Posted Jun 3, 2018 23:35 UTC (Sun) by knan (subscriber, #3940) [Link]

I think it interacts as follows: turn this on by default, in order to get Mozilla fined to oblivion.

It's complete madness. :)

DNS over HTTPS in Firefox

Posted Jun 3, 2018 21:54 UTC (Sun) by roc (subscriber, #30627) [Link] (4 responses)

Do you have similar or better privacy agreements with everyone who can see your DNS traffic today? If not, this is a privacy win for you.

99% of users don't, so this is a privacy win for them.

If you take the position that Mozilla should never make DoH the default in Firefox for "reasons", then you're saying that those reasons are more important than giving those users that privacy win.

DNS over HTTPS in Firefox

Posted Jun 3, 2018 23:43 UTC (Sun) by knan (subscriber, #3940) [Link] (1 responses)

In repressive regimes, this will be blocked.

In Europe, this will be illegal to do by default.

In the US, this might almost be a reasonable thing if you could trust a company, but the US is broken and most big companies are not to be trusted. And the US is not 99% of users.

DNS over HTTPS in Firefox

Posted Jun 4, 2018 10:15 UTC (Mon) by roc (subscriber, #30627) [Link]

> In repressive regimes, this will be blocked.
> In Europe, this will be illegal to do by default.

I do not think either of these will be true, but we'll have to see.

> In the US, this might almost be a reasonable thing if you could trust a company, but the US is broken and most big companies are not to be trusted.

In the US, Cloudflare and Mozilla are a lot better then the telcos.

DNS over HTTPS in Firefox

Posted Jun 4, 2018 9:42 UTC (Mon) by niner (subscriber, #26151) [Link] (1 responses)

I say again: I do not have any privacy agreement with Cloudflare. None. Mozilla (foundation? corporation?) might have some agreement, but I am not a party of this. So no, that's not really any hurdle to climb. Who can see my DNS traffic? If I don't go to any lengths like using a VPN, it's my employer, whom I do kinda trust and it's my ISP. Which is an Austrian corporation under Austrian law which has had real privacy provisions for a long time and which recently got real teeth as well. And yes, this law requires the corporation to tell me any time what they do with my data and which prohibits it from selling or sharing it with anyone and which requires them to keep it safe.

That's pretty much the opposite of Cloudflare which is based in a country that right about now is even less trustworthy than China. Because China at least so far keeps its agreements and they are kind of predictable.

So in short: no, I have agreements with neither Cloudflare, nor the local companies that get my DNS data. But I don't need one because here we have laws for protecting our data. And that's true for a rather large part of your user base. So I very much doubt the 99 % claim.

DNS over HTTPS in Firefox

Posted Aug 13, 2018 13:51 UTC (Mon) by JanC_ (guest, #34940) [Link]

Cloudflare has a large presence in the EU though, so they would be required to follow European privacy laws just like your employer & ISP.