submitted 1 year ago by SvensKia@kbin.social to c/firefox@fedia.io

As web users, what we say and do online is subject to pervasive surveillance. Although we typically associate online tracking with ad networks and other third-party sites, our online communications travel across commercial telecommunication networks, allowing these privileged entities to siphon the names of the websites we visit and monetize our browsing history for their own gain.

Enter Encrypted Client Hello (ECH) – by encrypting that first “hello” between your device and a website’s server, sensitive information, like the name of the website you’re visiting, is protected against interception from unauthorized parties. ECH is now rolling out to Firefox users worldwide, allowing for a more secure and private browsing experience.

What is Encrypted Client Hello?

ECH is the most recent step in our mission to build a better internet, one where privacy is the industry standard. Mozilla has been developing this new internet privacy technology for nearly a half-decade in collaboration with other browsers, infrastructure providers, academic researchers, and standards bodies like the Internet Engineering Task Force (IETF).

Much of our data shared through websites, such as our passwords, credit card numbers and cookies, are protected with cryptographic protocols like Transport Layer Security (TLS). ECH is a new TLS extension that also protects the identity of the websites we’re visiting – filling the privacy gap in our existing online security infrastructure.

Usually, when a browser connects to a site, it transmits the site’s name in its unencrypted initial message, allowing network operators or observers on the network to monitor the websites visited by each user.

ECH uses a public key fetched over the Domain Name System (DNS) to encrypt the first message between a browser and a website, protecting the name of the visited website from prying eyes and dramatically improving user privacy.

Privacy as a default.

With ECH on Firefox, users can be assured that their browsing patterns are more private. But Firefox’s support for ECH is only one half of the story – web servers also need to implement ECH. Fortunately, ECH is an open standard which any website operator can deploy. Cloudflare has already rolled out support for ECH and we look forward to other providers launching their deployments in the near future.

It’s also important to understand that no one technology can be a panacea. ECH works alongside other security and privacy features in Firefox, including DNS-over-HTTPS (DoH). DoH encrypts DNS queries to protect the translation of website names to IP addresses, which ensures that website names aren’t visible to the network in DNS traffic and is essential for ECH to be effective. DoH and ECH can also be combined with a virtual private network (VPN) to provide an additional layer of privacy and security where the VPN masks a user’s IP address and encrypts data traffic, while ECH protects the identities of the websites a user visits from the VPN provider.

While Mozilla believes that privacy and security technologies should be available by default for all users, we also recognize that in certain circumstances, users may have alternative preferences, for example, if they are relying on family safety software at home, are using network-based ad blocking or are in an enterprise environment. ECH is designed to interoperate with these practices and respect the existing DoH opt-outs in Firefox, so these users won’t need to make any changes to continue enjoying a smooth and safe Firefox experience. Similarly, if users or administrators have opted-in to the increased or maximum levels of DoH protection, their decision will likewise be respected.

A culmination of years of privacy-minded research, experimentation and testing.

Half a decade ago, Mozilla began the work needed to modernize and safeguard the Domain Name System (DNS), closing long-standing data leaks in one of the internet’s oldest and first components. Around the same time, we also began work on the protocol which became the forerunner to ECH. Developing these complex systems safely and responsibly takes time, experience and collaboration with the community.

Over the course of our long history of building technology to counter online tracking and surveillance, our contributions to standards bodies like the IETF have played a pivotal role in the development of DoH, TLS 1.3, QUIC and many more crucial technologies, shaping the landscape of online privacy and encryption.

Mozilla has long invested in technologies to protect the privacy of Firefox users and ECH gives users an even higher level of privacy by safeguarding their browsing history from unsavory network practices. We stand by our ongoing commitment to ensure privacy, security and user choice are non-negotiable. Take back your privacy by downloading Firefox today.

this post was submitted on 03 Oct 2023