Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

5/7/2019
03:25 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Quad9 Offers Owners of Android-Based Devices DNS Security Protections for Free

Privacy-centric DNS service blocks access to more than 15 million malicious events per day, limiting access to malware and phishing as well as encrypting private DNS data.

Berkeley, CA, May 7, 2019 – Today Quad9 released Quad9 Connect - a mobile app allowing the more than 2.5 billion global users of smartphones built on Android to use the free security and privacy driven recursive domain name service (DNS) to block access to malicious websites and maximize web browsing privacy while using an Android mobile device. Launched in late 2017, Quad9 is used billions of times a day across6 continents, typically blocking access to tens of millions of malicious events per day. The Quad9 Connect mobile app can be downloaded from the Google Play Store at https://bit.ly/quad9-android.

Whenever a Quad9 user clicks on a website link or types an address into a web browser, Quad9 checks the site against a list of domains combined from more than 19 different threat intelligence partners. Each threat intelligence partner supplies a list of malicious domains which examine such factors as scanned malware discovery, network IDS past behaviors, visual object recognition, optical character recognition (OCR), structure and linkages to other sites, and individual reports of suspicious or malicious behavior. Based on the results, Quad9 completes or denies the lookup attempt, preventing connections to malicious sites when there is a match.

"Over the past 18 months, global users of Quad9 have bolstered their cyber protections and maximized their privacy," said John Todd, executive director of Quad9. "Our Android solution has been in development for several months, and we're excited to add an easy-to-use solution to solve the otherwise difficult configuration problems that Android presents for DNS modification. The Quad9 network is fully prepared for the expected exponential growth of traffic as global Android users come on board."

"IBM is proud to be a key member of Quad9 since its launch in 2017. Since then, the service has experienced tremendous adoption," said Paul Griswold, Director of Strategy and Product Management, IBM X-Force Threat Intelligence. "The launch of the Quad9 Android app will help to further extend Quad9's user base and make its security, privacy, and performance benefits available to Android mobile users worldwide."

Privacy is built into the DNA of Quad9. No personally identifiable information is collected or logged by the system. IP addresses of end users are not stored to disk or distributed outside of the equipment answering the query in the local data center. The application uses DNS-over-TLS protocols to encrypt DNS data over the Internet, ensuring that mobile carriers, wireless hotspots, or any other network operator in the path cannot see the DNS requests from the client. Quad9 is the only not-for-profit organization dedicated only to the operation of DNS services. There are no commercial motivations for revenue streams involving collecting or selling your private data, and the core charter of the organization is to provide secure, fast, and private DNS security.

The application supports encryption using the standards-based protocol DNS-over-TLS. Quad9 Connect gives feedback to the user in the event that a referenced site is on the threat list via a notification. It supports "walled garden" hotspot signups and works across both Wi-Fi and mobile carrier data networks.

Quad9 systems are currently distributed worldwide in more than 140 locations in 82 countries, with an expansion target of 200 locations in total for 2019. These servers are located primarily at Internet Exchange points, meaning the distance and time required to get answers is lower than almost any other solution. These systems are distributed worldwide, not just in high-population areas, meaning users in less well-served areas can see significant improvements in speed on DNS lookups. The systems are "anycast" meaning queries will automatically be routed to the closest operational system.

About Quad9

Quad9 is a free, recursive, anycast DNS platform that provides end users robust security protections, high-performance, and privacy. Quad9 is an independent nonprofit formed from a collaboration of IBM, Packet Clearing House and the Global Cyber Alliance. Learn more at www.quad9.net.

 

Media Contact:

Adam Benson
Vrge Strategies
[email protected]

Phone: (202) 999-9104

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Windows 10 Migration: Getting It Right
Kevin Alexandra, Principal Solutions Engineer at BeyondTrust,  5/15/2019
Baltimore Ransomware Attack Takes Strange Twist
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/14/2019
When Older Windows Systems Won't Die
Kelly Sheridan, Staff Editor, Dark Reading,  5/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12184
PUBLISHED: 2019-05-19
There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136.
CVE-2019-12173
PUBLISHED: 2019-05-18
MacDown 0.7.1 (870) allows remote code execution via a file:\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138.
CVE-2019-12172
PUBLISHED: 2019-05-17
Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137.
CVE-2019-12168
PUBLISHED: 2019-05-17
Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow remote code execution via the Command Shell (aka Administration > Commands) screen.
CVE-2019-12170
PUBLISHED: 2019-05-17
ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/_core/backups/upload.php (aka backup) component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PH...