Skip to content
Waterfox

Blog

Waterfox in Partnership with Fastly

Alex Kontos
Alex Kontos
Founder

We’ve teamed up with the stellar folks at Fastly to help power a new privacy technology, DNS over Oblivious HTTP (DoOH).

Whenever you browse the web, your DNS queries get exposed to your ISP or anyone else watching your web traffic. That means they can easily see which sites you visit and profile your interests. Rather invasive, isn’t it? ​

Waterfox has partnered with Fastly to integrate secure Oblivious HTTP relays into the browser’s DNS resolution — with this partnership, we are able to use a world-class implementation of this privacy-respecting protocol, that’s also used by many of the world’s leading platforms, including many top internet browsers. This encrypts and relays your DNS traffic through remote servers in a way that completely hides the target of your DNS queries -– and ultimately the site where your browser is planning to connect. Your DNS requests become significantly more private and secure.

​ It is important that at every stage of the connection each service is run by an independent third party. This prevents any one party from collating data together and unmasking who is making the requests.

​ Fastly operates a huge global network of edge compute locations that make this privacy relay work fast and reliably, which means there will hardly be a performance penalty when using DoOH.

​ The DNS resolver will be Cloudflare’s https://1.1.1.1 service, which is also an independent third party.

​ For us, this is a huge step in our mission to make Waterfox one of the most privacy-respecting browsers out there. Your data belongs to you, and we’ll keep working nonstop to protect it. Teaming up with Fastly brought some serious privacy superpowers to the table. We can’t wait for you to try it out!

​ Over the weekend, DNS over Oblivious DNS infrastructure was migrated over to Fastly. And as always, keep spreading the word to anyone who cares about internet privacy in this age of surveillance. We’ve got your back! ​

FAQ

Section titled “FAQ”

Q: Do you have access to the relay?

A: No, Fastly will independently manage the relay, and we don’t have direct control over the code, the service configuration or the TLS certificates. This is critical from a privacy hygiene standpoint.

Q: Will Fastly have access to my data?

A: No, due to the double-blinded nature of the OHTTP service. One layer, Fastly, handles end user identifying metadata (the Relay) while another handles the end user’s request data (the Gateway). These two layers communicate but do not collude, and do not pass identifying details about the Client to each other.

Q: Is this slower than making normal DNS requests?

A: Slightly, but not by much. Cloudflare ran tests and found that the penalty is consistently less than 1ms at the 99th percentile1,.

Q: I still don’t understand - why must the relay and resolver be run by independent parties?

A: As explained by Fastly2, the privacy guarantees relies on one fundamental property — that the proxy and the target servers do not collude. So long as there is no collusion, an attacker succeeds only if both the proxy and target are compromised. ​

Footnotes

Section titled “Footnotes”

  1. https://blog.cloudflare.com/oblivious-dns/

  2. https://www.fastly.com/blog/enabling-privacy-on-the-internet-with-oblivious-http

A New Chapter for Waterfox

Alex Kontos
Alex Kontos
Founder

Dear Waterfox Community,

Today marks a new change for Waterfox.

Over the years, Waterfox has grown and flourished, thanks to the unwavering support and enthusiasm of its incredible community. Your passion for a privacy-focused and customisable browsing experience has been the driving force behind the success of this project.

I am happy to say that Waterfox is independent again. This change allows the community and myself to shape the browser’s future direction.

As we embark on this new chapter, Waterfox’s dedication to privacy, customisation, and performance remains. I am committed to delivering a browser that prioritises your online security and respects your digital autonomy. With this change, I have the opportunity to accelerate development, introduce new features, and focus on the user experience.

One of the most valuable aspects of Waterfox is its vibrant and passionate community of users. I am grateful for your support, feedback, and contributions over the years. Your input will continue to guide the evolution of Waterfox as we meet your expectations.

In the coming months, I will be working diligently to advance the browser, focusing on improvements that enhance privacy, boost performance, and expand customisation options.

Stay tuned for future updates, as I will be sharing more details about my plans for Waterfox, including new features and opportunities to get involved.

Thank you for your continued support!

Alex Kontos Founder, Waterfox

Reblog: How the Open-Source Browser Continues to Balance Performance, UX, and Customizability with a Focus on Privacy

Alex Kontos
Alex Kontos
Founder

TL;DR: Waterfox delivers a balanced browsing experience for users to navigate the web with peace of mind. Leveraging privacy and usability, Waterfox enables users to add customizations and optimize their time on browser-based applications while protecting their online activity. Waterfox schedules timely releases to improve user experience and has more accessibility in-store, with an Android platform in the works.

Read the full article at HostingAdvice.

An Update on Waterfox Classic

Alex Kontos
Alex Kontos
Founder

Since Waterfox Classic and Waterfox Current (now G4) diverged, they have both have separate goals.

G4 has its eyes set to the future - a modern browser, focusing on modern web compatibility without sacrificing speed, or the balance of privacy and usability.

Classic has focused on keeping the tried but tested available. Unfortunately, due to the rapid nature that the web is now expanding at, keeping Classic up to date with that is difficult.

To make sure the projects aren’t falling over each other, Waterfox Classic will now be moved out of the main Waterfox development repository and into its own separate repository - updating the previously archived “Waterfox Old”, now named Waterfox-Classic.

This has the following benefits by not having two versions of Waterfox sharing resources:

  • Contributors can clearly see what Classic development is ongoing
  • GitHub Actions will be clearly segregated, allowing easy viewing of ongoing builds
  • Waterfox Classic will have its own simple landing page
  • Issues can be opened in a separate tracker, not getting closed for not focusing on G4
  • An organised, clear list of what security patches haven’t been fixed

A fair warning will be presented to all those who want to use Classic, that it may be vulnerable to multiple security issues - but the choice is given to the user to proceed at their own discretion.

This will keep Classic ongoing for as long as possible - but the success of this project will still rely on contribution.

Over the next week, infrastructure will be put in place for Classic to keep it running properly. We will let you know when this is complete.

Waterfox 4th Generation Release

Alex Kontos
Alex Kontos
Founder

View Release Notes for G4.0.0

Today marks the soft release of the 4th Generation of Waterfox. After enough time has elapsed, the automatic update will be seeded out to all users.

New Website

Section titled “New Website”

You may have noticed a new website - much more information, with a more practical structure. This website also allows us to add documentation, support documents and better ways to convey information.

We will be optimising the website over the next few weeks as well as setting up redirects for any old pages that have been missed.

New Browser

Section titled “New Browser”

Waterfox has returned to its roots with performance at the forefront. We have aggressively optimised Waterfox for as much performance as possible. Unfortunately this means we have to leave older systems behind - but any computer from the last decade should work.

ARM builds are now available for macOS and these are also optimised, taking advantage of the new hardware Apple has to offer. Windows and Linux ARM builds will also follow in due course.

We have also changed the way we make changes to the underlying Gecko platform, meaning we can now track releases faster and in a more automated way. Over the next few months we will track the central branch of Gecko. If our features apply cleanly each release, we will then stop tracking the Extended Support Releases and instead start a rolling release for Waterfox. The idea behind this change is that not only will Waterfox be incredibly performant, but also be at the forefront of supporting the latest HTML standards.

Mobile browsers are also in the pipeline, but are dependent on us having our own Sync service primed. Once that has been achieved, mobile browsers will follow. We will keep you updated on progress.