Security Issue - DNS leak via Firefox/Waterfox

[Kunuyana 8]

The new Firefox updates introduced something called DNS over Oblivious HTTP. I noticed having this enabled causes the real DNS server IPs to leak via https://ipleak.net/  - Disabling it like in the screenshot prevents this for now but even then it sometimes fails and shows the real countries DNS. It would be nice to have an Eddie update asap to address this.

[Hypertext1071 5]

Try choosing "Off", then Firefox/Waterfox will just use what your system provides it. Hope that helps!

[Kunuyana 8]

Thanks. I'm aware of it, but many new users still trust in the safety of the Eddie. They may not realize this new update causes identity leak by default and that the browsers need to be manually adjusted outside of WebRTC leak prevention.
That's why I posted here so the devs can address it.

[Staff 10285]

1 hour ago, Kunuyana said:

They may not realize this new update causes identity leak by default

Hello!

This does not seem to be the case, the DNS query is tunneled, even when the destination is an "alien" DNS. If you have gathered evidence that in some way the DNS query is tunneled outside the VPN tunnel (with Network Lock enabled) can you please tell us how to reproduce step by step so we can re-check with tools like Wireshark? The only thing we can think of is when Firefox forces a DNS query to the gateway, the gateway is your router, and you keep your own ISP DNS configured on the router (so DNS queries to the router are not blocked by Network Lock, which allows anything to the router, and then the router forwards the DNS query to your ISP DNS), is this your case?

Kind regards