[Trisquel-devel] Abrowser 136 soon available for testing
Simon Josefsson
simon at josefsson.org
Tue Apr 1 09:52:21 UTC 2025
Luis Guzman <ark at switnet.org> writes:
> This release has one key change: DNS over HTTPS (DoH) is now disabled
> by default starting with version 136.
>
> This decision is based on the recent Terms of Service (ToS) update by
> Mozilla. I'm not a lawyer, but AFAIK, Abrowser is not subject to those
> terms, since it is rebranded and recompiled entirely from source, I
> believe it’s safer to disable Mozilla-hosted services by default,
> including DoH, so there is no future requirement to Abrowser users to
> accept some TOS.
>
> That said, there's a trade-off: while DoH can improve security by
> encrypting DNS queries, it may also introduce privacy concerns, as the
> DoH provider (often a centralized service) can log and track DNS
> requests.
>
> Users must decide whether they prefer to trust a centralized encrypted
> resolver, or continue using their ISP's DNS (typically
> unencrypted). Each choice has some level of privacy and security
> implications. However, the use of DoH falls outside the scope of
> Abrowser or Trisquel support umbrella, so users should made an
> informed choice of what's best for them.
I think there are three ways approaches to DoH:
1) Disable it.
2) Opportunistically enable DoH when a local resolver supports it.
3) Always enable it and use a centralized service at Mozilla.
I agree 3) seems like a bad default for Abrowser. But 2) seems better
than 1) to me. Does Firefox support anything like that, or are we out
of luck trying to get that to work?
/Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1251 bytes
Desc: not available
URL: <http://listas.trisquel.info/pipermail/trisquel-devel/attachments/20250401/87a07601/attachment-0001.sig>
More information about the Trisquel-devel
mailing list