Beginning today, February 25, 2020, Mozilla will now automatically send all of their US-based customers’ DNS queries to Cloudflare DNS servers, as opposed to the default DNS servers set by their users via their new feature, DNS-over-HTTPS (DoH).
DoH executes DNS look-ups over an encrypted server instead of just sending them over plaintext, making it more difficult for bad actors to intervene by hiding your browsing history from hackers and protecting your data from third party collectors.
So, is there a catch?
Unfortunately, yes. Mozilla’s handling of the DoH has been criticized, due to the fact that they are using Cloudflare and not even attempting to use instead an encrypted DoH server from their users’ preferred DNS provider. Google, in fact, was able to address that issue when they announced their DoH Chrome feature a few months ago by auto-updating DNS settings to the users’ DoH service of choice, if an encrypted option is available.
And Firefox users anywhere in the world can easily over-ride this automatic feature manually by changing the default DNS server in the settings by going to:
Firefox Settings >Preferences > General > Network Settings > click “Settings” > click “Enable DNS over HTTPS”
Even though it’s not without controversy, it is important to note that Mozilla is the first browser to default its customers to DoH. We are curious to see if any other browsers will decide to follow suit.