The most widely deployed public DNS’s – domain name servers – used by those seeking to improve the performance of their web search and browsing services have been OpenDNS and Google Public DNS. In particular, OpenDNS is a favorite of corporate users, including some of our clients.
These services provide virtually 100% uptime, near-instant TTL (time-to-live, the rate at which new information added to a website reaches an ISP’s users), and makes most user-tracking unavailable to your ISP.
But both of these options also employ tracking for their specific needs – Google’s to match ads to your searches and browser activity (especially if you use Chrome), OpenDNS is reporting information important to any business operation looking to optimize and secure their own networks.
Enter CloudFlare and Quad9 privacy-first DNS.
Both of these are speedy, and as we have ourselves personally discovered, are always running compared to the spotty uptime and glacial 48-hour cache of own sluggish (and overpriced) ISP.
This kind of DNS is installed in a control panel on your PC or Mac, and overrides the ISP’s default.
Installed on your PC, this system sends searches and other web activity straight to servers that do not record your IP, servers that wipe their logs every 24 hours.
Until now, Google’s 8.8.8.8 public DNS was the best personal or single pc option, but it collects anonymized data to facilitate their advertising operations. On April 1, CloudFlare launched their 1.1.1.1 service, which collects no data. CloudFlare is a private company whose main claim to fame is to provide an affordable (or in some cases, free) ‘content distribution network,’ which deploys multiple copies of websites to improve speed of delivery and protect against denial of service attacks. (We have used them for just this purpose.)
The insecurity of the DNS infrastructure struck the team at Cloudflare as a bug at the core of the Internet, so we set out to do something about it.
Quad9 is a nonprofit using 9.9.9.9 as their IP (four 9’s, Quad9, get it?). It has the endorsement of the Electronic Frontier Foundation, collects no user IPs, and has ‘no secondary revenue streams’ to tempt them to start collecting data for resale. Quad9 also provides reverse-path security against the pervasive threat of internet-of-things malware (such as the casino hacked throught their IoT fish tank).
If unsure of how to begin, we can install this via screenshare session at a nominal fee (if you are on one of our monthly plans, this is likely ‘free’). To get a session code – and if you operate a network of five or more worstations, ask for a free security audit – contact us now.
