:: Re: [DNG] Mozilla and cloudflare to…
Top Page
Delete this message
Reply to this message
Author: Alessandro Selli
Date:  
To: dng
Subject: Re: [DNG] Mozilla and cloudflare to hijack all your DNS requests -for your own good of course
On 09/09/2018 at 16:19, Steve Litt wrote:
> Hi Taiidan,
>
> I wouldn't use Firefox if it were the last browser on earth. If you
> take Firefox out of the equation, are the Cloudflare public DNS servers
> any less secure or more problematic than the Google ones or the
> Hurricane electric ones, etc?


  Speaking of Mozilla and Google:

https://www.ghacks.net/2018/09/09/mozilla-working-on-google-translate-integration-in-firefox/

«Mozilla working on Google Translate integration in Firefox»

😦


> https://www.lifewire.com/free-and-public-dns-servers-2626062
>
> Thanks,
>
> SteveT
>
>
> On Tue, 7 Aug 2018 07:51:40 -0400
> "Taiidan@???" <Taiidan@???> wrote:
>
>> Yet another great choice by mozilla
>>
>> Cloudflare is such an incredibly obvious intelligence agency ploy to
>> gather data but no one talks about this.
>>
>> https://yro.slashdot.org/story/18/08/05/2353249/security-researchers-express-concerns-over-mozillas-new-dns-resolution-for-firefox
>>
>> Article included for your security pleasure
>>
>> "With their next patch Mozilla will introduce two new features to
>> their Firefox browser they call "DNS over HTTPs" (DoH) and Trusted
>> Recursive Resolver (TRR). Mozilla says this is an additional feature
>> which enables security. Researchers think otherwise. From a report:
>> So let's get to the new Firefox feature called "Trusted Recursive
>> Resolver" (TRR). When Mozilla turns this on by default, the DNS
>> changes you configured in your network won't have any effect anymore.
>> At least for browsing with Firefox, because Mozilla has partnered up
>> with Cloudflare, and will resolve the domain names from the
>> application itself via a DNS server from Cloudflare based in the
>> United States. Cloudflare will then be able to read everyone's DNS
>> requests.
>>
>> From our point of view, us being security geeks, advertising this
>> feature with slogans like "increases security" is rather misleading
>> because in many cases the opposite is the case. While it is true that
>> with TRR you may not expose the websites you call to a random DNS
>> server in an untrustworthy network you don't know, it is not true
>> that this increases security in general. It is true when you are
>> somewhere in a network you don't know, i. e. a public WiFi network,
>> you could automatically use the DNS server configured by the network.
>> This could cause a security issue, because that unknown DNS server
>> might have been compromised. In the worst case it could lead you to a
>> phishing site pretending to be the website of your bank: as soon as
>> you enter your personal banking information, it will be sent straight
>> to the attackers.
>>
>> But on the other hand Mozilla withholds that using their Trusted
>> Recursive Resolver would cause a security issue in the first place for
>> users who are indeed in a trustworthy network where they know their
>> resolvers, or use the ISP's default one. Because sharing data or
>> information with any third party, which is Cloudflare in this case,
>> is a security issue itself."
>> _______________________________________________
>> Dng mailing list
>> Dng@???
>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng


--
Alessandro Selli <alessandroselli@???>
Tel. 3701355486
VOIP SIP: dhatarattha@???
Chiave firma e cifratura PGP/GPG signing and encoding key:
BA651E4050DDFC31E17384BABCE7BD1A1B0DF2AE