
ISP Association Nominates Mozilla as “Internet Villain” - pjc50
https://www.ispa.org.uk/ispa-announces-finalists-for-2019-internet-heroes-and-villains-trump-and-mozilla-lead-the-way-as-villain-nominees/
======
readyp1
It says in the link that Mozilla was nominated "for their proposed approach to
introduce DNS-over-HTTPS in such a way as to bypass UK filtering obligations
and parental controls, undermining internet safety standards in the UK".

So... for circumventing censorship, then?

~~~
sdfin
Is there any disadvantage about activating it? Is the default
([https://mozilla.cloudflare-dns.com/dns-query](https://mozilla.cloudflare-
dns.com/dns-query)) adequate?

~~~
dcow
Requests take orders of magnitude more data because you have to negotiate TLS
each time. Not the end of the world obviously but you will generate more
traffic and observe slightly reduced performance.

~~~
icebraining
> you have to negotiate TLS each time

It's not so bad, because HTTPS supports keep-alive, so you can make a bunch of
queries with a single TLS handshake.

------
stordoff
Hero:

> Sir Tim Berners-Lee – for spearheading the 'Contract for the Web' campaign

Contract for the Web:

> [Governments will] Keep all of the internet available, all of the time

> So that no one is denied their right to full internet access.

> Respect people’s fundamental right to privacy

> So everyone can use the internet freely, safely and without fear.

> [Companies will] Respect consumers' privacy and personal data

> So people are in control of their lives online.

[https://contractfortheweb.org/](https://contractfortheweb.org/)

Villain:

> Mozilla – for their proposed approach to introduce DNS-over-HTTPS in such a
> way as to bypass [censorship and prevent ISPs viewing DNS queries]

I'm sorry, what?

------
ljm
And how important is ISPA.org.uk? If you’re up to date with our government’s
ideas about internet censorship (aspirational to China, in a nutshell) then
this org and post has no credibility.

The UK government has a serious axe to grind against any aspect of the
internet they don’t like. They are trying to censor in their favour, using
children as an excuse.

DNS over HTTPS is a thorn in their side. But of course, never mind Google and
GDPR, they don’t give the slightest shit about any of that.

Never mind that DNS over HTTPS enhances the security of their own digital gov.
movement.

~~~
devoply
You must not be a wanker unless you register to be a wanker. Also no wanking
teens. Their innocent eyes must be protected from depravity.

\- UK government

~~~
DonHopkins
If only the word wanker had another, more general, less sexual connotation,
that did not involve literally having sexual intercourse with ones self. Then
there would not be so much of a stigma associated with registering as a
wanker.

------
DoctorNick
I have to give them credit; because of this article, I found out that Firefox
now supports dns over https and I just enabled it in my browser. Thanks!

~~~
climb_stealth
For anyone else searching for the option:

> Firefox -> Preferences -> General -> Network Settings -> Enable DNS over
> HTTPS

~~~
StavrosK
This overrides my DNS server, right? I use dnsmasq to rewrite all local
addresses to their local IPs when I'm on my LAN, but it looks like this will
break that.

~~~
hcs
One option is to use the .local TLD for local domains, those will never be
resolved via DoH.rDoH. ref
[https://wiki.mozilla.org/Trusted_Recursive_Resolver](https://wiki.mozilla.org/Trusted_Recursive_Resolver)

~~~
fanf2
.local is reserved for multicast DNS so it is a really bad idea to use it for
private DNS

~~~
hcs
Thanks for pointing that out, I'll stop recommending this.

------
dmix
If the future internet is going to look anything like how their site looks I
don’t want any part of it:

[https://i.imgur.com/EyljrGA.png](https://i.imgur.com/EyljrGA.png)

90% of the content is needlessly covered, including the ridicolous EU cookie
policy that interferes with millions of websites while providing almost no
practical value to privacy.

~~~
Avamander
The GDPR prompt wouldn't even be required if nothing shady is going on :P

~~~
squiggleblaz
The GDPR prompt doesn't make me safer though.

~~~
dmix
I never read them, like everyone else.

------
lgierth
If I were in an ISP's shoes, I'd be thankful for Mozilla to neutralize the
legal attack surface which apparantly is running DNS for customers.

~~~
leblancfg
I didn’t know that either! For anyone else wants to try it out:
[https://www.reddit.com/r/firefox/comments/a5evhr/configure_d...](https://www.reddit.com/r/firefox/comments/a5evhr/configure_dns_over_https_in_firefox/)

~~~
lgierth
Umm I think you commented under the wrong parent

------
nathancahill
Mozilla should use this in ads. Like Snowbird's 1-star ad campaign [0]

[0] [https://www.snowbird.com/one-star/](https://www.snowbird.com/one-star/)

------
realshowbiz
Considering my past personal experiences with IPSs, Mozilla must be doing
something right.

------
nine_k
ISP Association makes a controversial move, gets publicity.

Mozilla gets a controversial nomination, also gets a bit of publicity.

News outlets have a bit more to write about.

In a cynical way, it's a win-win situation.

It also somehow resembles me a move by a n acquaintance of mine, a professor,
who wrote to his students something like: "We recommend to use [this list of
expensive textbooks]; the use of free textbooks available at [list of URLs] is
not officially endorsed." Because, you know, want to let the students know
about the free textbooks, but can't do so in a positive way.

------
dredmorbius
Since we're also talking about OpenWRT[1], you can enable DNS-over-HTTPS via
DNSMasq for all software and devices on your LAN.[2]

1\.
[https://news.ycombinator.com/item?id=20356811](https://news.ycombinator.com/item?id=20356811)

2\. [https://openwrt.org/docs/guide-
user/services/dns/doh_dnsmasq...](https://openwrt.org/docs/guide-
user/services/dns/doh_dnsmasq_https-dns-proxy)

------
dredmorbius
And: ISP A&A have donated what would have been their ISPA membership fee to
the Mozilla Foundation:

[https://twitter.com/aaisp/status/1146803916853645314](https://twitter.com/aaisp/status/1146803916853645314)

------
rocky1138
After reading their reason, I would like to say to Mozilla: keep up the good
work.

------
judge2020
Wait till Google pushes the Chrome update that includes the UI for enabling
DoH. Google Chrome already supports DNS over HTTPS (just the UI is not
available on non-mobile)[0] and they're working on eSNI[1].

0: [https://github.com/bromite/bromite/wiki/Enabling-DNS-over-
HT...](https://github.com/bromite/bromite/wiki/Enabling-DNS-over-HTTPS)
(bromite exposes this flag)

1: [https://crbug.com/908132#c14](https://crbug.com/908132#c14)

------
apsdsm
On my phone this website throws up a giant banner over the bottom 30% of the
screen telling me I have cookies disabled and that I really do need to turn
them back on please.

Riiiight. Moving on then...

------
wmf
In other news, Mozilla names all ISPs Internet villains.

------
sys_64738
DNS over https is coming to Chrome shortly:

[https://chromium-
review.googlesource.com/c/chromium/src/+/16...](https://chromium-
review.googlesource.com/c/chromium/src/+/1639663)

------
amatecha
At the risk of sounding a bit sensationalistic, I think any org that calls
Mozilla an "Internet Villain" just instantly loses any credibility to discern
the hero/villain status of any other organization in the future :P

------
Mindwipe
It's worth noting that IPSA has a complaints procedure open to customers of
their member ISPS.

I'll certainly be making a complaint about their board tomorrow.

------
black6
> Mozilla – for their proposed approach to introduce DNS-over-HTTPS in such a
> way as to bypass UK filtering obligations and parental controls, undermining
> internet safety standards in the UK

In other words, for keeping the Internet true to its philosophical roots—to
transmit information from A to B, regardless of the number or complexity of
steps in between.

------
lone_haxx0r
Obviously, they are not stupid enough to really believe this. There are
evident political interests in this nomination, but it's still amusing how
they're saying it with a straight face.

I'm sorry for breaking my composure, but I'm laughing my ass off at these
people. 10/10.

------
pixxel
Noob question, if I may. I have Cloudflare's 1.1.1.1 enabled on my devices via
each device's own network settings. How does enabling Firefox's "Enable DNS
over HTTPS" at browser level factor into things? Is one ignored or conflicted?

Firefox's Cloudflare DNS Resolver* collects less data than 1.1.1.1. Would be
nice to use Firefox's Resolver at system level, heh.

*[https://developers.cloudflare.com/1.1.1.1/commitment-to-priv...](https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/)

------
jchw
Hmm, maybe Mozilla should nominate the ISP Association for something similarly
flattering given how absolutely absurd a conviction this is.

------
ddingus
Great!

I am in the process of returning to Mozilla as primary browser.

This helps.

------
preinheimer
The Net interprets censorship as damage and routes around it.

Close this as "works as designed".

~~~
squiggleblaz
1990s era myth. Falsified entirely nowadays but anyone who's ever been in a
non-first tier democracy. The internet drops packets and they don't get
through. And we're not just talking about the Great Firewall of China. More or
less democratic states - and sometimes the free market of ISPs - will
effectively censor you.

That's precisely why Mozilla has tried to create a new protocol to deal with
the censorship. A bunch of people doing work to negotiate and implement a new
protocol is not "the internet" unless you have the most depraved view of
people or a view of "the internet" so broad as to be completely meaningless
that we even had the internet in mediaeval Sweden.

------
borland
Association of criminals nominates the police as "City's worst Villain"

------
RaleyField
And I, as a member of the esteemed assembly of contributors to this thread, am
pleased to nominate Internet Services Providers’ Association as the 2019
Internet Villain. Congrats..

------
aussieguy1234
For introducing DNS-over-HTTPS to circumvent censorship.

This will be great in dictatorships, where anything the dictator doesn't want
you to see is censored.

------
kangnkodos
Where is the great firewall of China on the list of villains? Surely that is
doing more harm than Mozilla.

------
ipsum2
Wow, this got flagged off the front page really quickly, even though it has
183 votes in the last 2 hours.

