Firefox, the popular browser and a competitor to Chrome and other browsers out there, last week launched a security protocol aimed at protecting its users from malicious actors. The new security protocol referred to as DNS over HTTPS (DoH) ensures that data traveling between your computer and a server is encrypted to thwart attempts to hijack your data.
To understand the new protocol, imagine that you sent a mail with a confidential attachment to your attorney, who replies: “Just click this link to my firm’s page and upload it there.” You trust your lawyer so you upload the documents on the given link. There is just one problem: Your lawyer’s site might have looked legitimate, but it was actually a fake. You have been tricked into providing your confidential attachment to a total stranger through what is known as a ‘man-inthe-middle’ attack.
To prevent these kinds of hoodwinks, Firefox web browser has announced a new security protocol. It is called ‘DNS over HTTPS’, (DoH) and it ensures that data traveling between your computer and a company’s server is encrypted, keeping middleman hackers out of the equation. DNS stands for Domain Name System and HTTPS stands for Hypertext Transfer Protocol Secure.
This cybersecurity approach is being embraced by other browsers and websites, too, just not necessarily by default. You can enable DoH in Chrome, for instance, and even Facebook supports a move to more secure DNS. The most important thing to know is by using DoH you will prevent such ‘man-in-the-middle’ attacks, as well as prevent third-parties that currently have access to data that links your computer to the sites you visit. Last week, Firefox began the rollout of DoH by default only for US-based users.
If you live in another country, you will have to enable the security protocol by going to Settings > General > Networking Settings > and clicking the Settings button on the right. Enable DNS over HTTPS by ticking the checkbox next to that prompt. Even if you do not use Firefox, you can take several precautions within any web browser to protect yourself from man-in-the-middle attacks by making sure that ‘HTTPS’ is always in the URL bar of the websites you visit, and not just HTTP.
