Comcast and Mozilla strike major privacy deal

The biggest ISP in the U.S. agrees to encrypt DNS lookups in Firefox, ensuring users’ privacy

After a nasty and public dispute over privacy, the makers of Firefox and the United States’ largest ISP are finally joining forces.

What’s it all about? Here’s how it went:

Earlier this year, Mozilla rolled out encrypted DNS over HTTPS (DoH) by default for all U.S.-based Firefox browsers. Firefox users can use this protocol by default while surfing the web, meaning their web traffic is fully encrypted. 

The technology blocks third-party interception and prevents Internet Service Providers from maintaining visibility over users’ activity. To accomplish this, Firefox started routing users’ web traffic to DNS servers hosted by either Cloudflare or NextDNS instead of servers hosted by ISPs or networking companies. 

ISPs didn’t like this and cried foul. In a significant development, the United States’ largest ISP is joining the party.

Mozilla just announced a partnership with Comcast, in which the massive internet service provider will allow encrypted DNS lookups on the Firefox browser.

Comcast is agreeing to turn on encrypted DoH by default for Firefox users on its broadband network, which brings internet service to more than 26 million subscribers.

If they choose, Firefox users on Comcast can still switch to servers hosted by others like Cloudflare or NextDNS, which were already part of Mozilla’s Trusted Recursive Resolver (TRR) program.

“Comcast has moved quickly to adopt DNS encryption technology and we’re excited to have them join the TRR program,” said Eric Rescorla, Firefox CTO. “Bringing ISPs into the TRR program helps us protect user privacy online without disrupting existing user experiences. We hope this sets a precedent for further cooperation between browsers and ISPs.”

These privacy-focused moves typify the approach Mozilla has taken in recent years to fine-tune and differentiate its Firefox browser from a host of competitors like Google Chrome and Microsoft Edge.

However, Mozilla’s shift to DoH angered ISPs, who in the UK previously branded the company an “internet villain” for simply considering implementing the protocol.

That’s why it took some time for Comcast and Mozilla to join forces. Comcast was reluctant because DNS lookups are one of the key methods ISPs deploy when implementing tools like web blockers. DNS lookups are often sent to servers that can allow third-parties to gain access to users’ search and browsing history without their knowledge.

The tech website Ars Technica detailed how Mozilla and Comcast had previously fought over DNS plans. Comcast’s lobbyists complained to Congress about Mozilla’s plans for Firefox. Mozilla in turn accused ISPs of lying to Congress to spread confusion and criticized Comcast specifically.

That’s all in the past now.

“We’re proud to be the first ISP to join with Mozilla to support this important evolution of DNS privacy,” said Jason Livingood, Comcast’s VP of technology policy and standards. “Engaging with the global technology community gives us better tools to protect our customers, and partnerships like this advance our mission to make our customers’ internet experience more private and secure.”

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now

Recommended

Lumen’s on-net subsea fiber route connects US with France
Network & Internet

Lumen’s on-net subsea fiber route connects US with France

29 Jul 2021
FCC questions the legitimacy of some rural internet bids
digital divide

FCC questions the legitimacy of some rural internet bids

27 Jul 2021
Ericsson and Verizon reach multi-year agreement on 5G
5G

Ericsson and Verizon reach multi-year agreement on 5G

16 Jul 2021
What is IPSec?
Internet Protocol version 6 (IPv6)

What is IPSec?

30 Jun 2021

Most Popular

UK gov considers blocking Nvidia's takeover of Arm
Acquisition

UK gov considers blocking Nvidia's takeover of Arm

4 Aug 2021
RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Preparing for AI-enabled cyber attacks
Whitepaper

Preparing for AI-enabled cyber attacks

22 Jul 2021