• Firefox 114 offering Secure DNS Options – does AT&T ISP Support?

    Home » Forums » AskWoody support » Questions: Browsers and desktop software » Updates for browsers, apps and add-ins » Firefox 114 offering Secure DNS Options – does AT&T ISP Support?

    Author
    Topic
    Tex265
    AskWoody Plus
    June 6, 2023 at 12:36 pm #2564313

    Question in Title above.

    FF 114 now has 4 Secure DNS options.

    I can’t find if AT&T provides or supports Secure DNS.

    It also appears from internet commentary that AT&T does not allow users to change the DNS provider from AT&T.

    What Firefox DNS option to select to not mess AT&T ISP connections up?

    Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)
    • This topic was modified 1 year, 9 months ago by Tex265.
    Reply | Quote
    Viewing 3 reply threads
    Author
    Replies
    • Alex5723
      AskWoody Plus
      June 6, 2023 at 2:15 pm #2564326

      Select nothing : off

      Reply | Quote
      • Mothy
        AskWoody Lounger
        June 10, 2023 at 11:52 am #2565109

        I always leave the setting off as well as I do not want Firefox (or any other application) to use anything other than the DNS settings of the operating system itself where the local hosts file is also included to resolve domain names. Otherwise Firefox would bypass my blocking hosts file (ex. StevenBlack) and be exposed to all the ad networks and known malicious Internet websites that the file normally blocks which would greatly reduce the privacy and security of the web browser (or any application that can access the Internet).

        Reply | Quote
    • Tex265
      AskWoody Plus
      June 6, 2023 at 3:41 pm #2564341

      Well, maybe not.

      In doing more research, it appears under my current FF 113 there is a Setting that I was unaware of.

      Settings>General>Network Settings>Enable DNS over HTTPS (all the way at the bottom of the screen)>Provider = Cloudflare (Default selected).

      So apparently FF has been providing some level of Secure DNS for some time!

      Not sure how AT&T is dealing with it, or are they overriding the request?

       

       

       

      Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)
      Reply | Quote
      • Microfix
        AskWoody MVP
        June 6, 2023 at 3:59 pm #2564346

        Ref: https://support.mozilla.org/en-US/kb/firefox-dns-over-https

        About our rollout of DNS over HTTPS
        We completed our rollout of DoH by default to all United States Firefox desktop users in 2019 and to all Canadian Firefox desktop users in 2021…..

        If debian is good enough for NASA...
        Reply | Quote
      • lmacri
        AskWoody Plus
        June 7, 2023 at 9:06 am #2564486
        Tex265 wrote:

        In doing more research, it appears under my current FF 113 there is a Setting that I was unaware of. Settings>General>Network Settings>Enable DNS over HTTPS (all the way at the bottom of the screen)>Provider = Cloudflare (Default selected).

        Hi Tex265:

        I posted about this new DNS over HTTPS (DoH) setting on 06-Jun-2023 in the Norton Tech Outpost thread Firefox 114. I don’t know if you’ll find any useful information in that thread since I don’t use AT&T as my ISP, but I did note that:

        • The old check box at General | Settings | Network Settings | Settings | Enable DNS over HTTPS  disappeared after I updated to FF v114
        • My new settings for DNS over HTTPS (DoH) in FF v114 at Privacy & Security | DNS over HTTPS | Enable Secure DNS Using: were automatically set to Default Protection using my local provider (i.e., my ISP, Shaw Communications) instead of the public DNS resolver (CIRA Canadian Shield, Firefox’s previous default provider for Canadian users) that I had previously selected.

        I’m not certain, but the new Mozilla support article Configure DNS over HTTPS Protection Levels in Firefox seems to suggest that your local provider / ISP will not be offered as an option for a DNS resolver in the new FF v114 settings unless it supports secure DoH like Cloudflare, CIRA Canadian Shield, etc.
        ————-
        64-bit Win 10 Pro v22H2 build 19045.2965 * Firefox v114.0.0 * Microsoft Defender v4.18.23050.3-1.1.23050.3 * Malwarebytes Premium v4.5.30.269-1.0.2037 * Macrium Reflect Free v8.0.7279

        Reply | Quote
    • WCHS
      AskWoody Plus
      June 6, 2023 at 9:40 pm #2564409
      Tex265 wrote:

      What Firefox DNS option to select to not mess AT&T ISP connections up?

      Tex265 wrote:

      Not sure how AT&T is dealing with it, or are they overriding the request?

      In FF 114, if you wanted to know if AT&T is not allowing DNS to work, you could set the protection level to “Max Protection”. Then, a security warning is supposed to show if, let’s say, FF can’t connect to the secure DNS resolver because AT&T is not allowing it to.

      My ISP is AT&T. I have one URL on my Desktop that is an http:// URL. It belongs to my local utility. I have the DoH protection level set to MAX and I have HTTPS-Only Mode set to ‘Enable HTTPS-Only Mode in all windows’. The http:// URL gets resolved to https:// (I see the ‘s’ in the URL field after the resolution, but the URL in the icon Properties is without the ‘s’). The page opens with no security warning. So, apparently, A&T is letting Cloudflare do its work.

      1 user thanked author for this post.
      Tex265
      Reply | Quote
    • WCHS
      AskWoody Plus
      June 7, 2023 at 1:02 pm #2564533

      It is wise to close FF and open it again, just to be sure the DNS Protection Status you have chosen sticks. This advice comes after switching the Protection Status from Max to the Default and finding that FF reported DNS over HTTPS to be ‘off’, whereas it’s supposed to be ‘on’. Closing and restarted FF fixed that.

      Reply | Quote
      • Tex265
        AskWoody Plus
        June 10, 2023 at 7:40 am #2565061

        Thanks for the input.  I selected Max Protection (Cloudflare) and have had no problems or triggers at all!  Apparently AT&T is OK with this after all.

        Several folks comments in ghacks under the FF 114 announcement say Max Protection is the same protection that was being provided under recent past FF versions.

        Why did you switch to the Default Protection which doesn’t seem to receive very high marks?

        Windows 10 Pro x64 v22H2 and Windows 7 Pro SP1 x64 (RIP)
        Reply | Quote
    Viewing 3 reply threads
    Reply To: Firefox 114 offering Secure DNS Options – does AT&T ISP Support?

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    March 2025
    S M T W T F S
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.