With just a few clicks, you could better arm yourself against hackers and block advertisers from tracking you online.
Cybercrime is projected to cost the global economy more than $2 trillion a year by 2019, according to market analysts Juniper Research, and many of those scams start with phishing — tricking people into clicking on outrageous links through legitimate-looking emails.
An easy way to block these attacks: Change the Domain Name System (DNS) that your computer uses. Most computers connect to the DNS that’s automatically set by their internet service providers, but there are safer alternatives.
How services compare
Cloud fare is a relatively new DNS service and has the fastest performance for 72 % of locations around the world, according to tests from security researcher Nyokolas Z. Second and third place, respectively, in terms of speed were Google and Quad9.
Quad9 checks URLs against a big list of compromised sites that are maintained by 19 different security intelligence firms, to ensure the URL has not been flagged for being dangerous in the past. If it has been, Quad9 will block the site. Unlike Cloudfare and Google, the organization behind Quad9 describes its service as “entirely altruistic,” created in partnership with IBM and security company Packet Clearing House (PCH). Quad9, a nonprofit, doesn’t charge consumers for the service and promises not to gather or sell user data.
“Every DNS service you use is mining data and selling it to advertisers,” said Caleb Barlow, vice president of threat intelligence at IBM. “But Quad9 also prevents companies from tracking customers.”
Privacy laws instituted by the Obama administration were overturned in April 2017, which means internet service providers can now sell your browser history to advertisers without your consent. Utilizing Quad9 or a similar private DNS could block that. Quad9 can prevent malware such as the recent Russian software called VPNFilter, which infected hundreds of thousands of gadgets across 54 countries, according to John Todd, executive director at Quad9.
“Within a few minutes, everyone using Quad9 — even people already compromised — would be protected from these threats,” he said.
Using Quad9 — or any other DNS service — is not a fix-all for hacks, however, said Mike Banic, vice president of marketing at automated threat management solutions company Vectra, based in San Jose, Calif. Because Quad9 blocks malicious domains or IP addresses that have attacked in the past, a cyber attacker who really wanted to get into your computer or organization could find a way around it by utilizing a fresh IP address or domain, he said. Any DNS service should be utilized in addition to existing firewalls and anti-malware software, said Todd.
“Quad9 offers privacy, but it will not prevent other services from tracking,” he said. “We aren’t a replacement for in-depth firewalls, we are an additional layer of security. For users, we are the first line of defense — and since we are free, there’s no reason not to do this.”