Your internet provider knows where you’ve been

If you use Firefox, your web browsing habits will become a bit more mysterious to your internet provider.

Mozilla, the non-profit developer of the Firefox web browser, will make this happen by switching U.S. desktop Firefox users to an encrypted form of the directory assistance behind all internet navigation, as announced in a post last week.

This change involves the Domain Name Service, which lets you get anywhere online by translating your request for a site into the numeric Internet Protocol, or IP, address matching the computer that will deliver the web page in question.

With traditional internet providers, “DNS” sends these queries without the encryption protecting most email and web browsing. So your provider could know the domain names you wanted to visit, as could an eavesdropper online.

That’s the digital equivalent of calling 411 on speakerphone in public – or, for later generations, asking Siri a personal question in a crowded room.

The fact that you checked Amazon might not shock anybody. But your visits to sites of particular presidential candidates or those of certain health-advocacy organizations could expose much more about you.

Firefox will close that loophole by cutting your internet provider and any interlopers out of the loop. Instead, it will send each lookup query via an encrypted link to the network-security firm Cloudflare, which has offered a free and encrypted DNS service since 2018.

Your provider will still see the Internet Protocol addresses of sites you visit – but in many cases, they will only match servers at “content distribution networks” that host multiple companies, leaving little clue about where you went.

Mozilla says this will be switched on automatically “over the next few weeks.”

To see if Firefox’s new feature is active or to turn it on yourself, click the menu button at the top right corner, choose “Preferences,” scroll all the way down to the Network Settings header and click the “Settings” button below that, and check the “Enable DNS over HTTPS” option.

Joseph Lorenzo Hall, senior vice president for a strong internet at the non-profit group Internet Society, called encrypted DNS “an important user-protective move that reduces the amount of digital exhaust out of our devices, homes, and vehicles.”

(Remember that Firefox’s version can’t help other apps on your computer, like your email app. To do that, you’d need to change your computer’s network settings to employ a different DNS – something technically-savvy users have done for years to ride out some ISP breakdowns.)