| Thread Tools |
7th August 2018, 12:43 | #1 |
[M] Reviewer Join Date: May 2010 Location: Romania
Posts: 148,652
| Security experts worry about Firefox upgrade With its next patch Mozilla will introduce two new features to its Firefox browser it calls "DNS over HTTPs" (DoH) and Trusted Recursive Resolver (TRR). Mozilla says this is an additional feature which enables security, however some security experts think it will make you less secure. The new Firefox feature called "Trusted Recursive Resolver" (TRR) will be turned on by default. It means that the DNS changes you configured in your network won't have any effect anymore. At least for browsing with Firefox, because Mozilla has partnered up with Cloudflare, and will resolve the domain names from the application itself via a DNS server from Cloudflare based in the United States. Cloudflare will then be able to read everyone's DNS requests. But according ot security experts at ungleich while it is true that with TRR you may not expose the websites you call to a random DNS server in an untrustworthy network you don't know, it is not true that this increases security in general. "It is true when you are somewhere in a network you don't know, i. e. a public WiFi network, you could automatically use the DNS server configured by the network. This could cause a security issue, because that unknown DNS server might have been compromised. In the worst case it could lead you to a phishing site pretending to be the website of your bank: as soon as you enter your personal banking information, it will be sent straight to the attackers." The outfit said that Mozilla denies that using its Trusted Recursive Resolver would cause a security issue for users who are in a trustworthy network where they know their resolvers, or use the ISP's default. However it does not seem to understand that sharing data or information with any third party, which is Cloudflare in this case, is a security issue. https://fudzilla.com/news/46888-secu...irefox-upgrade |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Gamers make good security experts | Stefan Mileschin | WebNews | 0 | 7th April 2018 04:26 |
Security experts warn against Kaspersky | Stefan Mileschin | WebNews | 0 | 17th October 2017 05:30 |
Security experts wasting time fixing PCs | Stefan Mileschin | WebNews | 0 | 29th May 2017 08:38 |
How to Upgrade Firefox from 32-bit to 64-bit in Windows Without Reinstalling | Stefan Mileschin | WebNews | 0 | 17th March 2017 06:13 |
Firefox has a new security hole, but you can already patch it | Stefan Mileschin | WebNews | 0 | 8th August 2015 15:21 |
US computer security "experts" destroy mice | Stefan Mileschin | WebNews | 0 | 11th July 2013 06:24 |
Security experts hack payment terminals to steal credit card info | Stefan Mileschin | WebNews | 0 | 30th July 2012 07:52 |
UK hosting online treasure hunt to hire cyber security experts | Stefan Mileschin | WebNews | 0 | 19th July 2012 07:44 |
Top 10 reasons why you should upgrade to Firefox 3 | jmke | WebNews | 0 | 18th June 2008 17:41 |
Two serious security holes found in Firefox | Sidney | WebNews | 0 | 9th May 2005 02:56 |
Thread Tools | |
| |