Comcast and Mozilla strike major privacy deal

The biggest ISP in the U.S. agrees to encrypt DNS lookups in Firefox, ensuring users’ privacy

After a nasty and public dispute over privacy, the makers of Firefox and the United States’ largest ISP are finally joining forces.

What’s it all about? Here’s how it went:

Earlier this year, Mozilla rolled out encrypted DNS over HTTPS (DoH) by default for all U.S.-based Firefox browsers. Firefox users can use this protocol by default while surfing the web, meaning their web traffic is fully encrypted. 

The technology blocks third-party interception and prevents Internet Service Providers from maintaining visibility over users’ activity. To accomplish this, Firefox started routing users’ web traffic to DNS servers hosted by either Cloudflare or NextDNS instead of servers hosted by ISPs or networking companies. 

ISPs didn’t like this and cried foul. In a significant development, the United States’ largest ISP is joining the party.

Mozilla just announced a partnership with Comcast, in which the massive internet service provider will allow encrypted DNS lookups on the Firefox browser.

Comcast is agreeing to turn on encrypted DoH by default for Firefox users on its broadband network, which brings internet service to more than 26 million subscribers.

If they choose, Firefox users on Comcast can still switch to servers hosted by others like Cloudflare or NextDNS, which were already part of Mozilla’s Trusted Recursive Resolver (TRR) program.

“Comcast has moved quickly to adopt DNS encryption technology and we’re excited to have them join the TRR program,” said Eric Rescorla, Firefox CTO. “Bringing ISPs into the TRR program helps us protect user privacy online without disrupting existing user experiences. We hope this sets a precedent for further cooperation between browsers and ISPs.”

These privacy-focused moves typify the approach Mozilla has taken in recent years to fine-tune and differentiate its Firefox browser from a host of competitors like Google Chrome and Microsoft Edge.

However, Mozilla’s shift to DoH angered ISPs, who in the UK previously branded the company an “internet villain” for simply considering implementing the protocol.

That’s why it took some time for Comcast and Mozilla to join forces. Comcast was reluctant because DNS lookups are one of the key methods ISPs deploy when implementing tools like web blockers. DNS lookups are often sent to servers that can allow third-parties to gain access to users’ search and browsing history without their knowledge.

The tech website Ars Technica detailed how Mozilla and Comcast had previously fought over DNS plans. Comcast’s lobbyists complained to Congress about Mozilla’s plans for Firefox. Mozilla in turn accused ISPs of lying to Congress to spread confusion and criticized Comcast specifically.

That’s all in the past now.

“We’re proud to be the first ISP to join with Mozilla to support this important evolution of DNS privacy,” said Jason Livingood, Comcast’s VP of technology policy and standards. “Engaging with the global technology community gives us better tools to protect our customers, and partnerships like this advance our mission to make our customers’ internet experience more private and secure.”

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Security best practices for PostgreSQL

Securing data with PostgreSQL

Download now

Transform your MSP business into a money-making machine

Benefits and challenges of a recurring revenue model

Download now

The care and feeding of cloud

How to support cloud infrastructure post-migration

Watch now

Recommended

Verizon recalls millions of hotspot devices due to fire hazard
wifi & hotspots

Verizon recalls millions of hotspot devices due to fire hazard

9 Apr 2021
How to measure your network bandwidth
broadband

How to measure your network bandwidth

26 Mar 2021
Samsung and Marvell develop low-power SoC to support 5G
system on chip (SoC)

Samsung and Marvell develop low-power SoC to support 5G

26 Mar 2021
Facebook cancels undersea cable to Hong Kong
Network & Internet

Facebook cancels undersea cable to Hong Kong

11 Mar 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
Data belonging to 500 million LinkedIn users found for sale on hacker marketplace
hacking

Data belonging to 500 million LinkedIn users found for sale on hacker marketplace

8 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021