[OPLIN 4cast] OPLIN 4Cast #664: Is this new option from Mozilla actually better for privacy?

OPLIN OPLIN support at oplin.ohio.gov
Wed Sep 18 10:30:08 EDT 2019 

Email not displaying correctly? View it in your browser.
<http://www.oplin.org/4cast/>
[image: OPLIN 4Cast]

OPLIN 4Cast #664: Is this new option from Mozilla actually better for
privacy?
September 18th, 2019

[image: DNS. Domain Name System. Network Web Communication. Internet and
digital technology concept] A few years ago, a library was having trouble
implementing Umbrella OpenDNS
<https://www.oplin.ohio.gov/internet-filtering-service> at a branch. The
trouble, we discovered, was that the branch's ISP was, unannounced,
redirecting all DNS queries to its own servers. They may have been doing
this for speed, convenience, or security, but it also gave them the ability
to reassign names and redirect traffic, or to collect and sell customers'
internet activity.

Recently, Mozilla announced that the Firefox internet browser will soon
begin using DNS-over-HTTPS, commonly abbreviated *DoH*; Google has similar
plans for Chrome. DoH hides domain name lookups from your ISP or anyone
else on your network, including public WiFi. But the increased privacy
comes at a cost (disabling the use of DNS to block malware or manage other
filtering policies and preferences), and commentators are ambivalent.

   -
   - Google Unveils DNS-over-HTTPS (DoH) Plan, Mozilla's Faces Criticism
   <https://www.bleepingcomputer.com/news/technology/google-unveils-dns-over-https-doh-plan-mozillas-faces-criticism/>
   [*BleepingComputer*] "Mozilla is about to 'break DNS' because Cloudflare
   will be used for DNS resolution over what was assigned by system
   administrator. This will leak the names of all the websites you visit...to
   Cloudflare."
   - Firefox Plans Controversial New Encryption Setting For Millions, And
   Update Starts This Month
   <https://www.forbes.com/sites/zakdoffman/2019/09/08/firefox-announces-major-new-encryption-default-to-protect-millions-of-users/#731731918c05>
   [*Forbes*] "Firefox will 'fallback' to 'operating system defaults for
   DNS' when there is a user-driven requirement—this would include child
   protection technology being in place or enterprise controls. So,
   essentially, if the browser is trying to limit which sites can be visited,
   Firefox will look to respect that and not override the system."
   - Encrypted DNS Could Help Close the Biggest Privacy Gap on the
   Internet. Why Are Some Groups Fighting Against It?
   <https://www.eff.org/deeplinks/2019/09/encrypted-dns-could-help-close-biggest-privacy-gap-internet-why-are-some-groups>
   [*Electronic Frontier Foundation*] "EFF is very excited about the
   privacy protections that DoH will bring, especially since many Internet
   standards and infrastructure developers have pointed to unencrypted DNS
   queries as an excuse to delay turning on encryption elsewhere in the
   Internet. But as with any fundamental shift in the infrastructure of the
   Internet, DoH must be deployed in a way that respects the rights of the
   users."
   - Web Browsers and DNS over HTTPS default
   <https://support.umbrella.com/hc/en-us/articles/360001371526-Web-Browsers-and-DNS-over-HTTPS-default>
   [*Umbrella.com*] "To protect your Umbrella deployment, Umbrella has now
   included DoH providers into the Proxy/Anonymizer content category. When
   this category is blocked, the browser will fail to resolve the hostname of
   the DoH server, and revert to standard system DNS where Umbrella is
   covering your DNS."

*From the Ohio Web Library <http://ohioweblibrary.org>:*

   - "Internet Corporation for Assigned Names and Numbers (ICANN)
   <https://proxy.oplin.org:2232/advanced/article?id=ar750230&st=dns>." *World
   Book Advanced*, World Book, 2019.
   - “Cloudflare Launches 1.1.1.1 DNS Service to Improve Internet Privacy
   <https://proxy.oplin.org:2111/login.aspx?direct=true&db=f5h&AN=128867357&site=ehost-live>
   .” *EWeek*, Apr. 2018, p. 1.
   - Foner, Lenny. “Fixing a Flawed Domain Name System
   <https://proxy.oplin.org:2111/login.aspx?direct=true&db=buh&AN=11950426&site=ehost-live>
   .” *Communications of the ACM*, vol. 44, no. 1, Jan. 2001, pp. 19–21.

------------------------------
The *OPLIN 4cast* is a weekly compilation of recent headlines, topics, and
trends that could impact public libraries. You can subscribe to it in a
variety of ways, such as:

   - *RSS feed.* You can receive the OPLIN 4cast via RSS feed by
   subscribing to the following URL:
   http://www.oplin.org/4cast/index.php/?feed=rss2.
   - *E-mail.* You can have the OPLIN 4cast delivered via e-mail (a'la
   OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at
   http://lists.oplin.org/mailman/listinfo/OPLIN4cast.

© 2019 Ohio Public Library Information Network
[image: Find us on Slideshare] <http://www.slideshare.net/oplin>  [image:
Find us on Facebook] <http://www.facebook.com/oplin.org>  [image: Find us
on Google+] <https://plus.google.com/107751358238995507967>  [image: Find
us on Twitter] <http://www.twitter.com/oplin>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20190918/edfa432f/attachment.html>

More information about the OPLIN4cast mailing list