Firefox 77.0.1 will be released today to fix one issue
Mozilla plans to release Firefox 77.0.1 to the Stable channel later today. The new version of the web browser comes just a day after the release of Firefox 77.0 Stable on June 2, 2020.
While it is not uncommon for Mozilla to release a smaller update shortly after a major version update, the time between a major release and a bug fix release is usually a good indicator of the importance of the update.
The release notes list a single bug:
Disabled automatic selection of DNS over HTTPS providers during a test to enable wider deployment in a more controlled way
The linked bug, 1642723, provides additional insight on the fix. According to its assignee and other contributors, the fix "prefs-off a feature" related to Firefox's rollout of DNS over HTTPS that caused network strain on the network of the provider NextDNS.
We need to be able to roll this out gradually so that we don't overload any providers. Even the dry-run involves up to 10 requests per client which can be very significant when the entire release population updates.
NextDNS is one of the providers that Mozilla selected for inclusion as a default HTTPS over DNS providers in the Firefox web browser.
This prefs-off a feature that seems to be effectively DDoS'ing NextDNS, one of our DNS over HTTPs providers. This patch is blocking the rollout of Fx77.
DNS over HTTPS is a new security and privacy feature that is being rolled out in Firefox, and also available in other browsers. Most browser makers, e.g. Google, plan to introduce support for DNS over HTTPS this year. Microsoft has integrated the feature in the company's Windows 10 operating system as well recently.
Mozilla stopped the rollout of Firefox 77.0 Stable because of the bug. The organization created a patch and plans to release it on June 3, 2020 to the Firefox Stable population.
Now You: are you excited about DNS over HTTPS?
.. not exited. now we have an in-tree wireguard – thx @torvalds – and this complete nonsense is leaking dns requests to cloudflare – or whatever. but thx @ moz. 4 the flatpak & wayland support (despite some bugs in the stable release).
As long as FireFox allows to disable this DNS over HTTPS security theater crap, I will remain a FireFox user.
DNS over TLS is preferable, because when you do not live in the US, ISPs (and their DNS servers) are more trustworthy than ISPs in the US. Which is why DNS over HTTPS is security theater crap.
Both Firefox an Chromium-based browsers allow you to disable it…
network.trr.mode set to 0
In Chromium-based browsers (Chrome, Edge, Brave, Vivaldi, Opera etc.):
chrome://flags/#dns-over-https set to “Disabled”
Cool, an important update. Finally, they’re removing telemetry from the finished product and taking google/cloudflare out of the browser for good!
oh wait, nevermind :/
It’s to do with all the work they’re doing on centralising everyones browsing data. Carry on I suppose, priorities and all that.
“are you excited about DNS over HTTPS?”
I just want things to work. While I thank you for the post, I didn’t really understand it. I am still waiting for 77.0 on Ubuntu. I guess this fix doesn’t apply to 68.9.0 esr.(I have both on different computers.)
Concerning DNS over HTTPS, in whatever browser as well as on the OS level (announced for Win10 I think), I don’t care for that, don’t use it and don’t plan to. I’m satisfied with DNSCrypt-Proxy, especially when used with the DNScrypt protocol rather than DoH.
About the Firefox 77.0 issue, fixed the next day with this 77.0.1, I have no idea if a problem I encountered with 70.0 is that very one fixed by 77.0.1, but I encounter it no more with latest version : FF70.0 would crash on startup, occasionally, when historically I’ve maybe encountered less than 10 crashes ever since Firefox 2.x … anyway, no more startup crashes (apparently) with FF77.0.1
The article displays a screenshot without mentioning explicitly the about:config setting :
doh-rollout.trr-selection.enabled … false
Is this the setting (maybe with others) which has been modified with FF77.0.1 (from true to false)?
Personally I’ve disabled TRR (Trusted Recursive Resolver aka DoH in Firefox) by means of all available related settings I was ware of, all within Firefox’s AutoConfig and even Firefox’s Registry Group Policies, so I doubt ‘doh-rollout.trr-selection.enabled’ — if set to true in FF70.0 — may have been the cause of the crashes. I’ve added it anyway to my anti-TRR settings.
My FF Autoconfig settings pertinent to disabling TRR (lockPref is specific Autoconfig, in user.js it’ll be user_pref of course) :
// disable DNS-over-HTTPS (DoH) (FF60+)
// 0=off, 1=race (removed in FF69), 2=TRR first, 3=TRR only, 4=race for stats but always use native result (removed in FF69), 5=explicitly off
lockPref(“network.trr.mode”, 5); // ENTERPRISE POLICY SETS IT TO 5 WHEN ITS ‘DISABLE DNS OVER HTTPS’ IS CHECKED.
// disable checking the registry for network changes that indicate that TRR should not be used.
// disable using TRR on the ground of network changes
// disable TRR rollout
lockPref(“doh-rollout.trr-selection.enabled”, false); // Default=false (FF71.0.1)
My Firefox’s Registry Group Policies pertinent to blocking TRR :
I may possibly overdo it given some settings implicitly imply others, but it won’t harm.
As usual I considerably detail my ways of proceeding, for whom it may be helpful and always open-minded to experts’ criticism.
Anyone know how to get spell check in ungoogled chromium working?
This one is good, the server behind it is open source and they don’t log your data:
In case you don’t know how to add extensions from the Chrome Web Store to Ungoogled Chromium:
Thanks IH, enjoy your commentary.
They’re doing a poor job of explaining why DNS over HTTPS is so “important.” I never had issues with DNS. Instead of being tracked by our ISPs we’re instead being tracked by NextDNS and CloudFlare. Obviously money is changing hands here. They’re just trying to figure out what else can be sold next.
So no, not really a fan. It will be interesting to watch the day one of these centralized DNSs goes down or gets hacked and with it the a big chunk of the internet goes black for millions of people all at once. The whole point of the internet was being distributed and here we are consolidating it for “not a very good reason.”
Wait. Mozilla came out with DNS over HTTPS for Firefox before Google came out with it for Chrome?
I guess the trolls here are wrong given that they claim that all Mozilla does is follow Google’s lead.
Not sure if Mozilla really wants to be on the forefront here:
But then, I am not surprised that Mozilla will be handing over data to Cloudflare willingly, just like their sponsor Google does (probably just a coincidence). I wonder who will profit from traffic being centralized… *cough* state *cough*
In Chromium it is implemented on the code level as well, it is just not enabled yet:
DNS over HTTPS is super duper Slow at loading webpages, so i wouldn’t recommend using it
The entire point of defaulting DNS over HTTPS is to put pressure and force providers to upgrade
The point is handing over your all your traffic to (and centralizing traffic info at) Cloudflare, a US-based company. Cui bono?
Direct download links with checksums and gpg verification:
I use it (doh) and there are certain reasons to.For example US ISPs are allowed to sell your data.
Some countries are forced to site blocking because a court order and implement dns website blocking.So using Firefox lets me override that.Lets not forget there is also esni enabled in config.
What other tools offer esni ?
I would prefer to get a alternative to the forced password app Lockwise since the logons stored in the browser are not independent of the underlying OS.
An export import function is completly missing as if not integrated at all. A listing of all logons and password in a table like structure as was the case before is missing as well.
I see that the future is a cloud logon password safe place within mozilla which a do not find likable at all.
I find this to be a grave bug.
This is stupid. Do the update with http, then the switch to https.
DoH can still be turned off in Options. Or start with the default, then switch? Some users have been forced into DoH? Maybe not? FF is big enough to DOS NextDNS with a single digit market share?
Honestly can’t tell what state DoH is in; Mozilla is hosing the whole thing so badly. I set DNS in my router because keeping track of all our browsers is frustrating. NextDNS is already our secondary provider. Cloudflare is NOT our primary, tee hee.
The DoH subject has been made confusing by all the “experts” trying for simple explanations. It’s not needed to keep your ISP from tracking your requests, although many think so. It’s not even needed to keep your DNS requests “secret,” there are other simple ways.
Long as it works, OK; if done right, it adds security. Mozilla’s certainly not done making it not work. Chromia get their DNS from Windows, whoopie! MS is king at breaking stuff.
Stay at Home has jacked internet traffic to the point where browsing is noticeably slower. Streaming on multibillion dollar cable news channels is awful right now. Sluggish DoH could easily cause more disillusioned Firefox users to defect.
The fun’s beginning; DoH will be 2020’s equivalent of 2019’s VPN’s. Most users are still clueless about VPN’s!
Linux mint 19.3 here and I’m on FF 76.0 and was never offered any other fix for 76 but was just offered FF 77.0.1 today, and it’s blacklisted currently until I’ve had the chance to see what’s been changed for the worse once again.
It’s beginning to become more like that game of Windows 10 whack-a-mole only it’s not the Folks from Redmond in this case it’s the Folks from the Mozilla foundation. And I just knew that Browsers where becoming a little too much like OSs unto themselves over the years and the Browser wars are really still ongoing more or less and it’s become that end user metrics collection that’s paying for it all.
So I’m thinking that really the Mint Maintainers should maybe looking at the browser and how they can give their end users some sort of default that’s longer term support sans the rapid release cadence as that’s sure what Mint’s about as far as their OS Distro that’s downstream based on Ubuntu LTS.
I’m really not wanting to go beyond FF 76.0.0 and also want to avoid snapd and all that other nonsense that’s deciding things for me against my better judgment.
> So Iâ€™m thinking that really the Mint Maintainers should maybe looking at the browser and how they can give their end users some sort of default thatâ€™s longer term support sans the rapid release cadence
That already exists, look up “Firefox ESR”.
> Iâ€™m really not wanting to go beyond FF 76.0.0
Strictly speaking from a security perspective, this is not a very good idea.
Well, these days it seems Mozilla fixes one thing, but breaks 10 other things at the same time. I hate the last 3 updates from Mozilla. All my custom mouse functions along with 2 addons is now broken, I don’t know what they did, but I might be moving to another browser soon.
Interesting, I clean uninstalled Firefox 77 and re-installed version 74.01 and everything works…what have you done Mozilla?
OK so I’ve decided that I need to go back to Firefox if I want a customizable browser, since it appears that soon Pale Moon and Basklisk will not be able to use Polymer v2 of YouTube. But i don’t really like where Firefox is going either.
As i mentioned before, ESR 60 was new enough to be fast and modern, but still customisable to my liking.
Is there a way (as a non-developer) that I can rebuild Firefox ESR 60 and put in place all of the newer security updates? I asked it once on MSFN, but they’re only interested in keeping XP and XUL alive. Even Matt Tobin asked me why anyone would anyone in their right mind want to rebuild ESR 60? Well then why Baklisk? Why Pale Moon? Why Waterfox? So spare me that.
Can what I need be done, and who should i put myself in touch with?
I second this. Would appreciate it if you could share a copy when you accomplish this.
Gladly! I really doubt I’ll hear back. There is very little interest in early Quantum versions by those who are forking Firefox versions, but I think they were the best compromise between performance, modern looks, and customization.
Well I’ve been running Firefox Current for an hour or so. In almost EVERY way – it’s way faster than Pale Moon. I think I’ll be moving over to it.
Sorry I meant Waterfox Current – my bad :(
I’m trying Waterfox Current. I think it’s based on v68 ESR. It seems to be working well.
OH YUCK I get the crappy new address bar in Firefox 77 similar to Firefox 75’s updated address bar (dang Mozilla!)
fortunately there’s a way to get back the classic address bar in FF 77/77.0.1 by following the instructions from this Winaero page:
The DNS server in my Talk Talk router redirects http://www.mozilla.org to some Talk-Talk servers, giving me the “KidsSafe has blocked this site” message, so unless I fiddle with the DNS I cannot even update Firefox.
Since DoH allows me to tweak DNS just for the browser, I’m in favour of DoH.
One biggie for those that prefer e10s disabled in Windows. If you use the environment variable:
You’ll end up with every web page displayed as gibberish. You’ll need to enable e10s. One more choice gone.