Mozilla’s effort to secure domain name requests now has a major new ally: Comcast. The cable giant’s Xfinity brand has become the first internet provider to provide encrypted DNS services through Mozilla’s Trusted Recursive Resolver program. If you’re a Firefox user with Xfinity service, it should be that much harder for people to snoop on your website requests or intercept them for attacks.
The technique needs companies like Comcast to help due to its very nature. In addition to encrypting the data using DNS over HTTPS, Mozilla needs to ensure that companies managing the data have rules that limit data collection, provide transparency for that data and prevent the domain name resolver from either blocking access or modifying the content. Companies like Cloudflare and NextDNS have already signed on.