Mozilla says it is puzzled by the decision of the UK Internet Service Providers Association to nominate the browser creator as the villain of the year on the Internet in 2019.
The ISPA of the United Kingdom early in This week he proposed Mozilla, a self-proclaimed defender of freedom on the Internet. , as a black hat for its "proposed approach to introducing DNS-over-HTTPS in such a way as to circumvent filtering obligations and parental controls in the United Kingdom, which undermines Internet security standards in the United Kingdom".
The filtering obligation comes from the United Kingdom Digital Economy Act 2017, which includes the requirement that websites offering adult content in the United Kingdom verify the ages of site visitors. The previously delayed policy should have entered into force on July 15, but was delayed again last month in a bureaucratic problem. The rules are expected to take effect in about six months, maybe.
DNS-over-HTTPS (DoH) is a specification designed to close one of several remaining privacy holes that expose web users to scrutiny. It protects online queries sent through the domain name system, so an intermediary in the network can not intercept them and determine which sites the applicants intend to visit.
ISPs that do not provide DNS service can not see DNS queries that go through their networks, but DNS providers. As Cloudflare or Google, among others, still have access to unencrypted queries, and therefore could filter certain sites.
Cloudflare, Google and Mozilla, among others, have been testing the technology, which is compatible with Firefox 60 and later versions. But some organizations worry that improved privacy protects lawbreakers. Last month, the Internet Watch Foundation (IWF), a UK-based advocacy group that fights against images of child sexual abuse online, expressed concern that technology hinders its filter list.
The objection of the ISPA of the United Kingdom is similar: the privacy offered by DoH It makes it easier for people to breach the law by avoiding filtering.
This is so by design: as Google points out in its DoH developer page, "traditional DNS queries and responses are sent over UDP or TCP without encryption, which puts them under surveillance." DNS-based Internet filtering. "
Mozilla finds ISPA's research disconcerting.
" We are surprised and disappointed that an industry association for ISPs decided to twist an Internet infrastructure upgrade for decades. " , a Mozilla spokesperson said in a statement provided to The Register by email. "Despite claims to the contrary, a more private DNS would not prevent the use of content filtering or parental controls in the United Kingdom. United. DNS over HTTPS would offer real security benefits to UK citizens. "
Mozilla insists that its goal is to build a safer Internet and to continue to have a constructive conversation about security with" credible stakeholders " in the UK. "The company did not say whether it considers the ISPA to be a credible actor.
The creator of the browser does not plan to enable DoH by default in the UK." However, we are currently exploring potential partners in the UK. DoH in Europe to bring this important security feature to other Europeans in general, "said company spokesman.
The other contenders of the ISP group for the title of" Internet villain "include Article 13 The Rights Directive of author, to threaten freedom of expression online, and the president of the United States, Donald Trump, for causing confusion in the global supply chain of telecommunications through its blacklist of Huawei and others.
Consequence: at the ISPA awards ceremony on July 11 in London. ®
Balance consumerization and corporate control.