Firefox 114 updates security and improves DNS over HTTPS accessibility. Firefox 114.0 and the ESR release are available for all supported platforms. The updates will be released later on June 6th, if you are reading this on the day. https://www.ghacks.net/2023/06/06/firefox-114-updates-security-and-improves-dns-over-https-accessibility/ https://www.mozilla.org/en-US/firefox/114.0/releasenotes/
Just an FYI that I was checking Firefox v114 to see the new settings for DNS over HTTPS (DoH) and was surprised to see that:
- The old check box at General | Settings | Network Settings | Settings | Enable DNS over HTTPS has disappeared in FF v114 (see my 09-Apr-2022 images in ALF60's Firefox 99.0 where I noted that my default DNS resolver was automatically set to CIRA Canadian Shield rather than Cloudflare because I live in Canada) and,
- The new setting in FF v114 at Privacy & Secruity | DNS over HTTPS | Enable Secure DNS Using: was automatically set to Default Protection, which means that DoH is still active but now uses a local provider (in my case, my local provider is my ISP, Shaw Communications) instead of a public DNS resolver like CIRA Canadian Shield or Cloudflare. In order to use CIRA Canadian Shield or Cloudflare again I would have to change my Firefox DoH setting from Default Protection to Increased Protection.
I'm not sure now if it's better to leave FF v114 setting at Default Protection. The new Mozilla support article Configure DNS over HTTPS Protection Levels in Firefox says that "Default protection allows you to use local providers when possible. It disables DoH when VPN, parental control or enterprise policies are active or when a network tells Firefox not to use secure DNS."
I know very little about DoH, so I'd be interested in hearing how other Firefox v114 users are configuring their new setting at Privacy & Security | DNS over HTTPS | Enable Secure DNS Using: and/or their opinion about using a local provider (e.g., their ISP) vs a public DNS resolver like Cloudflare. For example, I have no idea if local providers like my ISP currently include the same malicious site blocking that most public DNS resolvers like Cloudflare do.
---------------
Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.2965 * Firefox v114.0.0 * uBlock Origin for FF v1.49.2 * Malwarebytes Browser Guard for FF v2.6.3 * Microsoft Defender v4.18.23050.3-1.1.23050.3 * Malwarebytes Premium v4.5.29.268-1.0.2022 * Macrium Reflect Free v8.0.7279