ProHoster > Blog > litaba tsa inthanete > Mozilla e Hlahisa Mofani oa Boraro oa DNS-over-HTTPS bakeng sa Firefox

Mozilla e Hlahisa Mofani oa Boraro oa DNS-over-HTTPS bakeng sa Firefox

Khampani ea Mozilla phethela tumellano le bafani ba boraro ba DNS holim'a HTTPS (DoH, DNS holim'a HTTPS) bakeng sa Firefox. Ho phaella ho li-server tsa CloudFlare DNS tse fanoeng pele ("https://1.1.1.1/dns-query") le E latelangDNS (https://dns.nextdns.io/id), tshebeletso ya Comcast (https://doh.xfinity.com/dns-query) le yona e tla kenyeletswa ditlhophisong. Kenya tšebetsong DoH ebe u khetha mofani ka ho li-setting tsa khokahano ea marang-rang.

Hopola hore ho Firefox 77, tlhahlobo ea DNS holim'a HTTPS e ile ea lumelloa ka likopo tse 10 tsa liteko tse rometsoeng ke moreki e mong le e mong le khetho ea boiketsetso ea mofani oa DoH. Cheke ena e ne e tlameha ho koaloa tokollong 77.0.1, kaha e fetohile mofuta oa tlhaselo ea DDoS tšebeletsong ea NextDNS, e neng e sitoa ho sebetsana ka katleho le mojaro.

Bafani ba DoH ba fanoang ka Firefox ba khethoa ho latela ditlhoko ho bahanyetsi ba DNS ba tšepahalang, ho latela hore na mokhanni oa DNS a ka sebelisa data e amohetsoeng bakeng sa ho rarolla feela ho netefatsa ts'ebetso ea ts'ebeletso, ha ea lokela ho boloka lits'oants'o ka lihora tse fetang 24, e ke ke ea fetisetsa data ho batho ba boraro, 'me e tlameha ho senola tlhahisoleseling. mabapi le mekhoa ea ts'ebetso ea data. Ts'ebeletso e boetse e tlameha ho itlama ho se hlahlobisise, ho sefa, ho kena-kenana le, kapa ho thibela sephethephethe sa DNS, ntle le ho latela molao.

Ka liketsahalo tse amanang le DNS-over-HTTPS, motho a ka boela a hlokomela tharollo Apple ho kenya ts'ebetsong ts'ehetso ea DNS-over-HTTPS le DNS-over-TLS likhatisong tse tlang tsa iOS 14 le macOS 11, le eketsa tšehetso bakeng sa likeketso tsa WebExtension ho Safari.

Hopola hore DoH e ka thusa ho thibela ho lutla ha tlhahisoleseling mabapi le mabitso a baamoheli a kopiloeng ka li-server tsa DNS tsa bafani, ho loants'a litlhaselo tsa MITM le DNS traffic spoofing (mohlala, ha o hokela ho Wi-Fi ea sechaba), ho thibela ho thibela ho thibela DNS (DoH). e ke ke ea nka sebaka sa VPN sebakeng sa ho thibela thibelo e kentsoeng maemong a DPI) kapa bakeng sa ho hlophisa mosebetsi haeba ho sa khonehe ho fihlella li-server tsa DNS ka kotloloho (mohlala, ha o sebetsa ka proxy). Ha e ntse e le boemong bo tloaelehileng likopo tsa DNS li romelloa ka ho toba ho li-server tsa DNS tse hlalositsoeng tsamaisong ea tsamaiso, tabeng ea DoH, kopo ea ho fumana aterese ea IP ea moeti e kenyelelitsoe ho sephethephethe sa HTTPS 'me e romelloa ho seva sa HTTP, moo mohatelli. e sebetsana le likopo ka Web API. Tekanyetso ea hajoale ea DNSSEC e sebelisa encryption feela ho netefatsa moreki le seva, empa ha e sireletse sephethephethe ho tsoa ho thibelo ebile ha e fane ka tiiso ea lekunutu la likopo.

Source: opennet.ru

Eketsa ka tlhaloso