On 09/09/2018 at 16:19, Steve Litt wrote: > Hi Taiidan, > > I wouldn't use Firefox if it were the last browser on earth. If you > take Firefox out of the equation, are the Cloudflare public DNS servers > any less secure or more problematic than the Google ones or the > Hurricane electric ones, etc?
Speaking of Mozilla and Google: https://www.ghacks.net/2018/09/09/mozilla-working-on-google-translate-integration-in-firefox/ «Mozilla working on Google Translate integration in Firefox» 😦 > https://www.lifewire.com/free-and-public-dns-servers-2626062 > > Thanks, > > SteveT > > > On Tue, 7 Aug 2018 07:51:40 -0400 > "[email protected]" <[email protected]> wrote: > >> Yet another great choice by mozilla >> >> Cloudflare is such an incredibly obvious intelligence agency ploy to >> gather data but no one talks about this. >> >> https://yro.slashdot.org/story/18/08/05/2353249/security-researchers-express-concerns-over-mozillas-new-dns-resolution-for-firefox >> >> Article included for your security pleasure >> >> "With their next patch Mozilla will introduce two new features to >> their Firefox browser they call "DNS over HTTPs" (DoH) and Trusted >> Recursive Resolver (TRR). Mozilla says this is an additional feature >> which enables security. Researchers think otherwise. From a report: >> So let's get to the new Firefox feature called "Trusted Recursive >> Resolver" (TRR). When Mozilla turns this on by default, the DNS >> changes you configured in your network won't have any effect anymore. >> At least for browsing with Firefox, because Mozilla has partnered up >> with Cloudflare, and will resolve the domain names from the >> application itself via a DNS server from Cloudflare based in the >> United States. Cloudflare will then be able to read everyone's DNS >> requests. >> >> From our point of view, us being security geeks, advertising this >> feature with slogans like "increases security" is rather misleading >> because in many cases the opposite is the case. While it is true that >> with TRR you may not expose the websites you call to a random DNS >> server in an untrustworthy network you don't know, it is not true >> that this increases security in general. It is true when you are >> somewhere in a network you don't know, i. e. a public WiFi network, >> you could automatically use the DNS server configured by the network. >> This could cause a security issue, because that unknown DNS server >> might have been compromised. In the worst case it could lead you to a >> phishing site pretending to be the website of your bank: as soon as >> you enter your personal banking information, it will be sent straight >> to the attackers. >> >> But on the other hand Mozilla withholds that using their Trusted >> Recursive Resolver would cause a security issue in the first place for >> users who are indeed in a trustworthy network where they know their >> resolvers, or use the ISP's default one. Because sharing data or >> information with any third party, which is Cloudflare in this case, >> is a security issue itself." >> _______________________________________________ >> Dng mailing list >> [email protected] >> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng > _______________________________________________ > Dng mailing list > [email protected] > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng -- Alessandro Selli <[email protected]> Tel. 3701355486 VOIP SIP: [email protected] Chiave firma e cifratura PGP/GPG signing and encoding key: BA651E4050DDFC31E17384BABCE7BD1A1B0DF2AE
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
