Firefox and Fastly take another step toward a privacy upgrade for the internet

Fastly and Mozilla are taking another important step toward a more secure and private internet with Firefox’s adoption of Fastly as an Oblivious HTTP (OHTTP) Relay in order to guarantee more privacy for Firefox users. We are thrilled to work in partnership with Firefox and Mozilla, who have a proven track record of investing in technologies that protect their users and working to improve the internet. How does Oblivious HTTP (OHTTP) work?

OHTTP is a spec and service architecture that engineers can use to enable more private communications between two parties by splitting the information about the requester from the information of the request being made. You can read more about OHTTP here, but the basic idea is that it is “double-blind” in the sense that the spec is designed so that there is never a single party who has all of the information about who is making a request, and what the request is. When OHTTP is not in use all of that data is mixed together, which leaves room for abuse or misuse, and also means that a malicious attack could gain access to that data. With OHTTP a new level of privacy is guaranteed. firefox blog image 2

Fastly serves as the OHTTP Relay, receiving a request from the OHTTP client (in this case it would be in the browser), that includes metadata about the requester which Fastly can read and strip away, as well as an encapsulated and encrypted request that is passed along through the relay as designed. Fastly never knows what information is in the request itself, and Mozilla never knows any of the metadata about the requester. Browsers are the beginning

The double blind communication enabled by a new generation of private-by-design technologies are impossible with HTTP alone. We believe that OHTTP, MASQUE*, and DAP** represent the beginning of a more private and secure future for all communications on the internet. Browsers occupy an important position, sitting between users and a great deal of their activity on the internet. When Firefox and other browsers adopt new technologies like this it sends an important signal that this level of privacy-by-design should be table-stakes going forward. Working toward a more private internet

This technology is still relatively complicated to implement, being adopted by larger organizations like the most popular browsers, but we are getting a glimpse of a future where more is possible. We have seen this before with the adoption of HTTPS, which is now expected and the default – not just for business and large organizations, but even for small personal websites.

Fastly views the work to bring OHTTP and other privacy protecting technologies to browsers and apps as a fundamental, necessary first step. Connected/smart device manufacturers, network hardware companies, and the consumer electronics industry at large are becoming more serious about compliance and privacy. And with the help of organizations like Mozilla, we are laying the groundwork for a future where applications – even smaller ones without the resources of an Apple, Google, Microsoft, or Mozilla, will be able to access OHTTP simply. We won’t arrive at this state tomorrow, but we are starting to have options for how to get there.

Our goal is to create a future where all internet communications are private through the democratization of these private-by-design technologies. We must start with specific use cases and particular protocols with organizations like Mozilla who share this vision, and are ready to be early adopters. Over time the aim is to broaden the use of the technology as the private communication pathways are more universally available and easy to use. We expect this to be pushed forward in at least a couple ways – first, by continued regulatory moves and privacy legislation that forces adoption of these kinds of technologies. Second, we expect it to evolve to be a standard that users expect, like the lock in their URL bar for HTTPS connections. This is the commoditization of privacy in a great way, where improved privacy becomes cheap to the point that it is only a negligible cost to adopt an improved standard, and a reputational cost if you don’t adopt it.

Fastly will not be the only option for providing a relay for this type of feature, but we do intend to be the best option. We intend to be the change we want to see in the internet and move all of us toward a future of complete privacy in internet traffic.

*MASQUE = Multiplexed Application Substrate over QUIC Encryption

**DAP = Distributed Aggregation Protocol (for privacy preserving measurement)

  • Chaos
    link
    53
    edit-2
    1 year ago

    Fire fox is living up to it’s name as they are on fire. Everytime I see a tech update from any of the major players it’s always bad, except Firefox. Keep being real. I luv u

      • @[email protected]
        link
        fedilink
        401 year ago

        What you use then? Let me guess Brave? People talk a lot of shit about Firefox but they are really the few companies that care about privacy.

        • @TCB13
          link
          English
          -41 year ago

          Ungoogled.

            • @TCB13
              link
              21 year ago

              Yes, but unlike Firefox it doesn’t call dozens of servers whenever you launch it.

              • BolexForSoup
                link
                fedilink
                101 year ago

                I would rather trust firefox a bit implicitly than passively give Google more control over the internet. That’s not a slight at you, your concerns about FF are totally valid. But Chrome and chromium have achieved such dominance that it rises to a higher priority for me than skepticism of FF.

                • @TCB13
                  link
                  English
                  21 year ago

                  I agree with you however I can’t stand behind Firefox as it is anymore.

                  • @JubilantJaguar
                    link
                    71 year ago

                    To me this looks an awful lot like the eternal idealist-vs-pragmatist schism. The problem being that by refusing to support the only viable alternative candida… uh browser, all you do is boost Tru… uh Google.

        • @TCB13
          link
          English
          21 year ago

          How is it not? Having a unique ID attached to your browser instance included with telemetry by default?

      • Timber
        link
        fedilink
        31 year ago

        Just use librewolf or any other installation method

      • @TCB13
        link
        English
        11 year ago

        I don’t even get why people downvote something that is a fact, well reported by multiple sources and that everyone can check… but okay. Maybe it is the mental break down caused by the sudden realization that Firefox isn’t that good and private after all. Who knows.