[PLUG] Mozilla Firefox, Cloudflare DNS Resolver and Digital Citizenship

[MC_Sequoia]

"I did find an interesting discussion by Cloudflare CEO stating how she wants digital citizenship to be forced upon everyone, and I found it fascinating that my Mozilla Firefox browser was pushing DNS lookups via Cloudflare."

Firstly, I want to very clear that personal privacy, anonymity & security is very important to me whether in the digital or non-digital realm and I think it's in our collective best interest to be.

With that being said, I'm by no means a digital privacy & security expert.

Here's the DNS data that Cloudflare collects.

:What information does the Cloudflare resolver for Firefox collect?

Any data Cloudflare handles as a result of its resolver for Firefox is as a data processor acting pursuant to Firefox’s data processing instructions. Therefore, the data Cloudflare collects and processes pursuant to its agreement with Firefox is not covered by the [Cloudflare Privacy Policy](https://www.cloudflare.com/privacypolicy/)

. As part of its agreement with Firefox, Cloudflare has agreed to collect only a limited amount of data about the DNS requests that are sent to the Cloudflare Resolver for Firefox via the Firefox browser. Cloudflare will collect only the following information from Firefox users:

- date
- dateTime
- srcAsNum
- srcIPVersion
- dstIPVersion
- dstIPv6
- dstIPv4
- dstPort
- protocol
- queryName
- queryType
- queryClass
- queryRd
- queryDo
- querySize
- queryEdns
- ednsVersion
- ednsPayload
- ednsNsid
- responseType
- responseCode
- responseSize
- responseCount
- responseTimeMs
- responseCached
- responseMinTTL
- answerData type
- answerData
- validationState
- coloID (unique Cloudflare data center ID)
- metalId (unique Cloudflare data center ID)

All of the above information will be stored briefly as part of Cloudflare’s temporary logs, and then permanently deleted within 24 hours of Cloudflare’s receipt of such information. In addition to the above information, Cloudflare will also collect and store the following information as part of its permanent logs.

- Total number of requests processed by each Cloudflare co-location facility.
- Aggregate list of all domain names requested.
- Samples of domain names queried along with the times of such queries.

Information stored in Cloudflare’s permanent logs will be anonymized and may be held indefinitely by Cloudflare for its own internal research and development purposes.:"

Reference - https://developers.cloudflare.com/1.1.1.1/privacy/cloudflare-resolver-firefox

I don't know what every piece of DNS query data listed is but I can if this is accurate and fully transparent I only see the destination ip addr and no source ip addr. Therefore, none of your DNS queries can be tied back to your ip address.

There isn't anything here that concerns me. Maybe you know more and if you think there are things here to be concerned with, I'm very interested in learning more.

It seems to me that Mozilla has been investing in privacy & security over the years and that investment has paid dividends with good reviews from security pros and they've even gained some market share. I believe in the Mozilla Foundation and I think it's an organization worth $upporting.

Let me very clearly state that I'm against hate, violence, bigotry, racism, oppression, misogyny, ignorance, misinformation and fear mongering. Much of which I saw on various social media platforms that I stopped using many years ago.

So, when unfounded claims based on fear and/or ignorance are posted in public spaces, I strongly support the challenging and open discussion of them.

I did a few quick web searches and I couldn't find any credible sources that talked about "digital citizenship being forced upon everyone."

I did however find this TechCrunch article from 2014.

"A lot of political speech now happens online, but that also makes it very vulnerable to DDoS attacks from those who don’t agree with a given viewpoint. Many of these sites are hosted by individual journalists (and citizen journalists, if you want to make that distinction) and artists, who likely don’t have the infrastructure and knowledge to protect themselves against these attacks.

To help keep these sites operating, online security and CDN service [CloudFlare](http://cloudflare.com) today announced [Project Galileo](http://projectgalileo.org/), a partnership with 15 NGOs to help it identify and protect sites around the world that are under attack. These NGOs include the [Access](https://www.accessnow.org/), [ACUL](https://www.aclu.org/), the [Electronic Frontier Foundation](https://www.eff.org/) (EFF), the[Center for Democracy and Technology](https://cdt.org/), [Mozilla](http://www.mozilla.org/), the [Committee to Protect Journalists](https://www.cpj.org/) and the [Freedom of the Press Foundation](https://pressfreedomfoundation.org/).

Among the sites already protected by the project are minority-rights organizations, LGBT groups in Africa and the Middle East, global citizen journalists and independent media outlets in the developing world. These sites will get the same protection as CloudFlare’s enterprise users."

Reference - https://techcrunch.com/2014/06/12/cloudflare-teams-up-with-15-ngos-to-protect-citizen-journalists-and-activists-from-ddos-attacks/

Corporations aren't our friends. They're generally not good citizens in our communities. There are mountains of evidence throughout history. I don't trust Cloudflare any farther than I can throw them and I don't think anyone should blindly trust any corporation or any person, especially someone one on the internet that you don't know in person.

But I think trust begins with an honest intention to have an open-minded discussion based on facts, data and sound logic.

Sincere Regards,

Mike

Sent with [Proton Mail](https://proton.me/) secure email.