The current version of Firefox now has a built-in preference to use encrypted DNS over HTTPS:
You beat me to posting a note about this. Here are other references:The current version of Firefox now has a built-in preference to use encrypted DNS over HTTPS...
Note, however, that it (by default) sends all your DNS requests to a CloudFlare DNS server.The current version of Firefox now has a built-in preference to use encrypted DNS over HTTPS:
I read the Ars Technica article yesterday. What I found most interesting was the "Promoted Comment" by Ars Technica staff writer Lee Hutchison. The comment can be found at the bottom of the article.You beat me to posting a note about this. Here are other references:
A long time ago I tried changing from the ISP's DNS server to a public server, such as provided by Google, CloudFlare, Level 3, OpenDNS, etc. I gave up and went back to the ISP DNS due to issues with CDN caching.You beat me to posting a note about this. Here are other references:
Well, at least [Cloudflare] fix their mistakes that bork the Internet in a matter of hours.Note, however, that it (by default) sends all your DNS requests to a CloudFlare DNS server. If you don't want to trust them, or if you are running your own DNS server (as I am, in order to resolve names on my home LAN), you will want to change that configuration.
The Register said:Firefox, you know you tapped Cloudflare for DNS-over-HTTPS? In January, it briefly knackered two root servers at the heart of the internet
Probe raises serious questions about private v public web management
For additional perspective, here's a serious Cloudflare security problem ("Cloudbleed") from 2017 that leaked private data...Well, at least [Cloudflare] fix their mistakes that bork the Internet in a matter of hours.
Wired said:Massive Bug May Have Leaked User Data From Millions of Sites. So … Change Your Passwords
The internet infrastructure company Cloudflare, which provides a variety of performance and security services to millions of websites, revealed late Thursday that a bug had caused it to randomly leak potentially sensitive customer data across the internet.
The flaw was first uncovered by Google vulnerability researcher Tavis Ormandy on February 17, but could have been leaking data since as long ago as September 22. In certain conditions, Cloudflare's platform inserted random data from any of its six million customers—including big names like Fitbit, Uber, and OKCupid—onto the website of a smaller subset of customers. In practice, it meant that a snippet of information about an Uber ride you took, or even your Uber password, could have ended up hidden away in the code of another site.
For the most part, the exposed data wasn't posted on well-known or high-traffic sites, and even if it had been it wasn't easily visible. But some of the leaked data included sensitive cookies, login credentials, API keys, and other important authentication tokens, including some of Cloudflare's own internal cryptography keys. And as Cloudflare's service spewed random information, that data was being recorded in caches by search engines like Google and Bing and other systems.
FixMyWP said:Cloudbleed: How Cloudflare's Memory Leak Exposed their Customer Sensitive Data
Cloudflare, the popular Content Delivery Network (CDN) trusted by over 5.5 million websites, has warned customers of a recent bug that releases private information to standard search engines. Due to some unusual circumstances, Cloudflare edge servers would run past the end of a buffer and disclose unauthorized data back to users if that data transversed Cloudflare.
While cyber security is always in flux, the most recent bug with Cloudflare, being called Cloudbleed, is one of the worst cases of data breached over the past few years. In fact, many security experts are saying that this bug is as bad as it ever gets because companies using Cloudflare can’t prove to their customer that their private data is secure.
Brave is not the only "don't phone home" and "never log into Google" browser based on Chromium. I use Iridium.An interesting article about how often browsers phone home:
I did not see anything about "containers" in the release notes for Firefox version 74.0 and I've been using Firefox Containers for over a year. Development started a few years ago and works as Ralph described. For more information, see moz://a's article on Multi-Account Containers.The latest edition of Firefox (74.0) includes a new feature I like: "containers." Assuming they do what Mozilla claims, it's now possible to open new "containers" in tabs which keep their content isolated from trackers in other browser tabs.
As an Amazon Associate I earn from qualifying purchases.