Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


03:25 PM
Dark Reading
Dark Reading
Products and Releases

Quad9 Offers Owners of Android-Based Devices DNS Security Protections for Free

Privacy-centric DNS service blocks access to more than 15 million malicious events per day, limiting access to malware and phishing as well as encrypting private DNS data.

Berkeley, CA, May 7, 2019 – Today Quad9 released Quad9 Connect - a mobile app allowing the more than 2.5 billion global users of smartphones built on Android to use the free security and privacy driven recursive domain name service (DNS) to block access to malicious websites and maximize web browsing privacy while using an Android mobile device. Launched in late 2017, Quad9 is used billions of times a day across6 continents, typically blocking access to tens of millions of malicious events per day. The Quad9 Connect mobile app can be downloaded from the Google Play Store at https://bit.ly/quad9-android.

Whenever a Quad9 user clicks on a website link or types an address into a web browser, Quad9 checks the site against a list of domains combined from more than 19 different threat intelligence partners. Each threat intelligence partner supplies a list of malicious domains which examine such factors as scanned malware discovery, network IDS past behaviors, visual object recognition, optical character recognition (OCR), structure and linkages to other sites, and individual reports of suspicious or malicious behavior. Based on the results, Quad9 completes or denies the lookup attempt, preventing connections to malicious sites when there is a match.

"Over the past 18 months, global users of Quad9 have bolstered their cyber protections and maximized their privacy," said John Todd, executive director of Quad9. "Our Android solution has been in development for several months, and we're excited to add an easy-to-use solution to solve the otherwise difficult configuration problems that Android presents for DNS modification. The Quad9 network is fully prepared for the expected exponential growth of traffic as global Android users come on board."

"IBM is proud to be a key member of Quad9 since its launch in 2017. Since then, the service has experienced tremendous adoption," said Paul Griswold, Director of Strategy and Product Management, IBM X-Force Threat Intelligence. "The launch of the Quad9 Android app will help to further extend Quad9's user base and make its security, privacy, and performance benefits available to Android mobile users worldwide."

Privacy is built into the DNA of Quad9. No personally identifiable information is collected or logged by the system. IP addresses of end users are not stored to disk or distributed outside of the equipment answering the query in the local data center. The application uses DNS-over-TLS protocols to encrypt DNS data over the Internet, ensuring that mobile carriers, wireless hotspots, or any other network operator in the path cannot see the DNS requests from the client. Quad9 is the only not-for-profit organization dedicated only to the operation of DNS services. There are no commercial motivations for revenue streams involving collecting or selling your private data, and the core charter of the organization is to provide secure, fast, and private DNS security.

The application supports encryption using the standards-based protocol DNS-over-TLS. Quad9 Connect gives feedback to the user in the event that a referenced site is on the threat list via a notification. It supports "walled garden" hotspot signups and works across both Wi-Fi and mobile carrier data networks.

Quad9 systems are currently distributed worldwide in more than 140 locations in 82 countries, with an expansion target of 200 locations in total for 2019. These servers are located primarily at Internet Exchange points, meaning the distance and time required to get answers is lower than almost any other solution. These systems are distributed worldwide, not just in high-population areas, meaning users in less well-served areas can see significant improvements in speed on DNS lookups. The systems are "anycast" meaning queries will automatically be routed to the closest operational system.

About Quad9

Quad9 is a free, recursive, anycast DNS platform that provides end users robust security protections, high-performance, and privacy. Quad9 is an independent nonprofit formed from a collaboration of IBM, Packet Clearing House and the Global Cyber Alliance. Learn more at www.quad9.net.


Media Contact:

Adam Benson
Vrge Strategies
[email protected]

Phone: (202) 999-9104

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Breaches Are Inevitable, So Embrace the Chaos
Ariel Zeitlin, Chief Technology Officer & Co-Founder, Guardicore,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-11-15
Null pointer dereference vulnerability exists in K11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime in NSS before 3.26, which causes the TLS/SSL server using NSS to crash.
PUBLISHED: 2019-11-15
Jetty 6.x before 6.1.22 suffers from an escape sequence injection vulnerability from two different vectors: 1) "Cookie Dump Servlet" and 2) Http Content-Length header. 1) A POST request to the form at "/test/cookie/" with the "Age" parameter set to a string throws a &qu...
PUBLISHED: 2019-11-15
Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections
PUBLISHED: 2019-11-15
ClamAV before 0.97.7 has WWPack corrupt heap memory
PUBLISHED: 2019-11-15
ClamAV before 0.97.7 has buffer overflow in the libclamav component