Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Aïda Amer/Axios

A new feature in Mozilla and, soon, Chrome web browsers will stop snoops — from your boss to criminals — from tracking which sites you visit. But the same technology also has opponents, as many groups fighting child exploitation say it will hamper their work, and a few internet experts argue it will undermine security.

The big picture: The feature, known as DNS over HTTPS (DoH), has a lot of support in the internet engineering and privacy communities, including the Internet Engineering Task Force, a key internet standards body. But as in the larger debate over encryption, privacy benefits can have downsides for some parties.

How it works: Until very recently, when you typed “axios.com” into a web browser, the first stage of that request was sent out over the internet unencrypted. That data could be:

  • Compiled and sold by Internet service providers and used for ads.
  • Subpoenaed by the government.
  • Available for your boss to see, if you worked on a corporate network.

DoH changes that by encrypting the name you visit, so no one but you and a DoH provider like Google, Cloudflare or Quad9 see them. And those groups pledge to quickly delete all logs.

Driving the news: Last week, Google announced it would switch Chrome and Android users to DoH whenever the provider they used for unencrypted browsing also offered DoH. Mozilla announced plans this weekend to begin testing out DoH by default for all users in the U.S.

  • That created an uproar at child endangerment organizations, who worry that enabling DoH by default will circumvent parental filtering software in the U.S.
  • Groups have had similar concerns in the U.K., where internet service providers filter illicit websites as users try to access them — something that's impossible to do with DoH.

Google thinks it is being misunderstood. The company's proposal would only change a user's settings from the old, unencrypted system if doing so wouldn't affect existing filters and security, meaning the child endangerment argument really wouldn't apply.

  • "All existing filters and controls remain intact," the company said in a statement.

But there are security reasons why some people oppose DoH, too.

  • Paul Vixie, who laid a lot of the groundwork for the old DNS system, warns that DoH prevents corporations from filtering connections to malicious domains.
  • Vixie believes that a nearly identical service that provides better visibility, DNS-over-TLS (DoT), is a superior choice. Both options use the same encryption algorithm.

DoH advocates argue that their preferred protocol has a key advantage over DoT. DoH uses the same pathways as web browsing, making it impossible to block without blocking all web browsing. DoT doesn't disguise itself that way.

  • But Vixie believes that puts the security of the few over that of the many. "With DoH, they are solving a problem that most of the world doesn't have by creating a problem that everyone in the world will have," he said.

Mozilla says that many concerns are already being addressed on its end.

  • "Our deployment plan will disable DoH if parental controls are in place," said Selena Deckelmann, senior director of engineering, adding the same will be true when Firefox detects certain security products.
  • And Cloudflare notes that parental filters that operate before starting to connect to a website will still work. "Someone looking to use DoH to keep their web browsing data private can apply parental filters or security products on their DoH endpoint," said Alissa Starzak, Cloudflare head of policy.

The bottom line: The risks to parental controls might not be as grim as the child endangerment argument suggests.

Go deeper

Senate confirms retired Gen. Lloyd Austin as defense secretary

Photo: Greg Nash-Pool/Getty Images

The Senate voted 93-2 on Friday to confirm retired Gen. Lloyd Austin as secretary of defense. Sens. Mike Lee (R-Utah) and Josh Hawley (R-Mo.) were the sole "no" votes.

Why it matters: Austin is the first Black American to lead the Pentagon and President Biden's second Cabinet nominee to be confirmed.

House will transmit article of impeachment to Senate on Monday, Schumer says

Photo: Drew Angerer/Getty Images

Senate Majority Leader Chuck Schumer (D-N.Y.) announced that the House will deliver the article of impeachment against former President Trump for "incitement of insurrection" on Monday.

Why it matters: The Senate is required to begin the impeachment trial at 1 p.m. the day after the article is transmitted.

Dan Primack, author of Pro Rata
2 hours ago - Politics & Policy

Private equity bets on delayed tax reform in Biden administration

Illustration: Brendan Lynch/Axios

In normal times, private equity would be nervous about Democratic Party control of both the White House and Congress. But in pandemic-consumed 2021, the industry seems sanguine.

Driving the news: Industry executives and lobbyists paid very close attention to Treasury Secretary nominee Janet Yellen's confirmation hearings this week, and came away convinced that tax reform isn't on the near-term agenda.