Comcast and Mozilla strike major privacy deal

The biggest ISP in the U.S. agrees to encrypt DNS lookups in Firefox, ensuring users’ privacy

After a nasty and public dispute over privacy, the makers of Firefox and the United States’ largest ISP are finally joining forces.

What’s it all about? Here’s how it went:

Earlier this year, Mozilla rolled out encrypted DNS over HTTPS (DoH) by default for all U.S.-based Firefox browsers. Firefox users can use this protocol by default while surfing the web, meaning their web traffic is fully encrypted. 

The technology blocks third-party interception and prevents Internet Service Providers from maintaining visibility over users’ activity. To accomplish this, Firefox started routing users’ web traffic to DNS servers hosted by either Cloudflare or NextDNS instead of servers hosted by ISPs or networking companies. 

ISPs didn’t like this and cried foul. In a significant development, the United States’ largest ISP is joining the party.

Mozilla just announced a partnership with Comcast, in which the massive internet service provider will allow encrypted DNS lookups on the Firefox browser.

Comcast is agreeing to turn on encrypted DoH by default for Firefox users on its broadband network, which brings internet service to more than 26 million subscribers.

If they choose, Firefox users on Comcast can still switch to servers hosted by others like Cloudflare or NextDNS, which were already part of Mozilla’s Trusted Recursive Resolver (TRR) program.

“Comcast has moved quickly to adopt DNS encryption technology and we’re excited to have them join the TRR program,” said Eric Rescorla, Firefox CTO. “Bringing ISPs into the TRR program helps us protect user privacy online without disrupting existing user experiences. We hope this sets a precedent for further cooperation between browsers and ISPs.”

These privacy-focused moves typify the approach Mozilla has taken in recent years to fine-tune and differentiate its Firefox browser from a host of competitors like Google Chrome and Microsoft Edge.

However, Mozilla’s shift to DoH angered ISPs, who in the UK previously branded the company an “internet villain” for simply considering implementing the protocol.

That’s why it took some time for Comcast and Mozilla to join forces. Comcast was reluctant because DNS lookups are one of the key methods ISPs deploy when implementing tools like web blockers. DNS lookups are often sent to servers that can allow third-parties to gain access to users’ search and browsing history without their knowledge.

The tech website Ars Technica detailed how Mozilla and Comcast had previously fought over DNS plans. Comcast’s lobbyists complained to Congress about Mozilla’s plans for Firefox. Mozilla in turn accused ISPs of lying to Congress to spread confusion and criticized Comcast specifically.

That’s all in the past now.

“We’re proud to be the first ISP to join with Mozilla to support this important evolution of DNS privacy,” said Jason Livingood, Comcast’s VP of technology policy and standards. “Engaging with the global technology community gives us better tools to protect our customers, and partnerships like this advance our mission to make our customers’ internet experience more private and secure.”

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

Lumen’s on-net subsea fiber route connects US with France
Network & Internet

Lumen’s on-net subsea fiber route connects US with France

29 Jul 2021
FCC questions the legitimacy of some rural internet bids
digital divide

FCC questions the legitimacy of some rural internet bids

27 Jul 2021
Ericsson and Verizon reach multi-year agreement on 5G
5G

Ericsson and Verizon reach multi-year agreement on 5G

16 Jul 2021
What is IPSec?
Internet Protocol version 6 (IPv6)

What is IPSec?

30 Jun 2021

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
Zyxel USG Flex 200 review: A timely and effective solution
Security

Zyxel USG Flex 200 review: A timely and effective solution

28 Jul 2021