[clug] Trusted Recursive Resolver

jhock at iinet.net.au jhock at iinet.net.au
Mon Aug 6 05:17:15 UTC 2018


Alternatively use Tor browser or Orfox instead of Firefox. 

On 6 August 2018 1:03:36 PM AEST, Bryan Kilgallin via linux <linux at lists.samba.org> wrote:
>{If you are in IT, you have likely heard already about the SPOF, the 
>single point of failure. If the SPOF breaks (like a router), the whole 
>infrastructure will collapse. What Mozilla effectively does is adding a
>
>SPOF for all of their users. But the main problem is not that if 
>cloudflare is down that nobody can surf anymore. No, the real problem
>is 
>that it fully disables anonymity. Think about a whistleblowler who
>wants 
>to send information to a newspaper. In the days before Mozilla's
>change, 
>the DNS resolution was local and could be attacked. However with 
>Mozilla's change, all DNS requests are seen by Cloudflare and in turn 
>also by any government agency that has legal right to request data from
>
>Cloudflare.
>
>Let's stop here for the moment and repeat: With Mozilla's change, any 
>(US) government agency can basically trace you down.
>
>If there is anything wrong with your government (for instance 
>corruption, collusion or fraud) and you have information to publish 
>about it, the government will be able to trace you down. This puts any 
>whistleblower at risk.}
>
>{Update #1: How to turn TRR off
>
>User rendx nicely described on hackernews how to turn off TRR and we 
>want to share this info with you:
>
>     Enter about:config in the address bar
>
>     Search for network.trr
>     Set network.trr.mode = 5 to completely disable it}
>
>https://blog.ungleich.ch/en-us/cms/blog/2018/08/04/mozillas-new-dns-resolution-is-dangerous/
>-- 
>members.iinet.net.au/~kilgallin/
>
>-- 
>linux mailing list
>linux at lists.samba.org
>https://lists.samba.org/mailman/listinfo/linux



More information about the linux mailing list