Originally Posted by speed_demon
I was not aware Mozilla partnered up with Cloudflare. I have some experience with Cloudflare's service and support and have nothing good to say about them.
Since you seem to be quite knowledgeable on the subject xJumper, in what capacity is CF working with Mozilla? I just switched to FF from Chrome but I dunno how long I want to stick with FF. Still looking at my options.
Cloudfare has been "working" with everyone, they want to become THE dns resolver when it comes to browsers and the internet. Recently many browsers have been moving towards trying to implement DNS over TLS or some form of encrypted DNS system. Apart from a handful of providers, most users ISP's do not support DNS over TLS or any of the related protocols so the browser makers have gravitated to towards the one or two centralized providers that do, Cloudfare and Google being the main ones.
Basically a lot of browsers, including Firefox have Cloudfare DNS support baked into them or at least have it as an option. With this specific Firefox plugin you are sending everything through Cloudfare. Word on the street is that Mozilla and Firefox are on track to make DNS over HTTPS through Cloudfare as a default option in the regular stock FF browser in a few coming releases, this plugin or not.
When it comes to implementing/using DNS over some form of encryption there's many ways, including this said plugin. There's different providers, different protocols, etc. It's all confusing and sometimes hard to implement correctly, and then when you do implement it correctly you are still faced with the problem that all your DNS queries are up streamed to a sole single entity (e.g Cloudfare or Google) who may have dubious motives in regards to your privacy.
My recommendation to tackle the DNS security/privacy problem would be to forget about this plugin, any of the DNS over TLS, DNSSEC, Open DNS or whatever else they have going and just use a VPN. If you have a VPN setup correctly (a lot of people don't) and you are not leaking any DNS requests, all your DNS requests will go to your VPN provider through an encrypted tunnel and you'll be safe that way along with being safe from any of the other attack vectors the "Firefox Private Network" plugin is trying to protect you against.
As for browsers, you really only have three choices. Chrome, Edge/IE or whatever they call it now (soon to be Chrome anyway) or Firefox. Firefox is still probably the best name in town as far as security/privacy goes for a multitude of reasons beyond which I could write in a single post. There's a bunch of other, what I call "one off" browsers, e.g. Waterfox, Palemoon, Brave, Vilvadi or whatever and I would caution against those. I haven't seen any that offer anything really spectacular in regards to privacy/security over FF, they don't have the same level of development backing so things like updates/security patches are sometimes lagging, and they actually make your privacy worse. "Alternative" browsers like those basically represent like 0.0001% of the browser market share, you can almost guarantee that you will be fingerprinted and uniquely identifiable across many websites just by virtue of being in the 0.0001% of users using those indie web browsers.
Here is a short form breakdown some knowledgeable internet people have done on the whole thing.