Quad9 – UK Internet Users Now Have a More Secure DNS Provider Option

Most of you reading this are probably allowing your broadband ISP to manage the Domain Name Service (DNS), which translates IP addresses back and forth into human readable form (e.g. domain names like ISPreview.co.uk), but now there’s a new choice in the form of Quad9.

The vast majority of you probably won’t feel a need to use custom DNS providers, although if your ISP starts to inject content and filtering systems into your website browsing experience, or suffers a fault with their own DNS system that hampers page loading, then you may decide to try a third-party service.

At present there are already several popular free DNS providers, such as OpenDNS and Google’s Public DNS. Some of these claim to be faster than your ISP’s DNS system, although in reality you’re unlikely to notice much of a difference. So what makes Quad9 so special?

Quad9, which has been established by IBM, the Global Security Alliance (backed by the City of London Police and Center for Internet Security) and the Packet Clearing House, appears to be much more focused on security than we’ve seen before and routes your DNS queries through a secure network of servers around the globe.

The system, which pledges not to store, correlate or otherwise leverage your private data (Google makes a similar commitment), uses threat intelligence from more than a dozen of the industry’s leading cyber security companies to give a real-time perspective on what websites are safe and what sites are known to include malware or other threats. “If the system detects that the site you want to reach is known to be infected, you’ll automatically be blocked from entry – keeping your data and computer safe“, says Quad9’s website.

Generally all that’s required to give Quad9 a try is to switch the Primary DNS and Secondary DNS numbers on your router to use an IP address of 9.9.9.9 (use this for IPv6: 2620:fe::fe). Unfortunately some ISPs won’t allow you to change the DNS settings on their bundled routers, which means you either have to disable DHCP and setup your network / LAN IPs manually (painfully tedious) or change the DNS settings on each device connected to your network.

The caveat here is that ISPs tend to lock router DNS changes for a number of different reasons. For example, they may prevent such changes so as to limit the potential for your router to be hijacked by a hacker and have its DNS servers maliciously redirected. Likewise some of the biggest ISPs deploy DNS based filtering technologies (e.g. BT Web Protect and BT Parental Controls) and that may cause problems if you try a third-party DNS solution without first disabling those features.

At present Quad9 is still growing and so it should continue to get better over time.