DNS resolver 184.108.40.206 will check requests against IBM threat database
Group Co-founded by City of London Police promises 'no snooping on your requests'
The Global Cyber Alliance has given the world a new free Domain Name Service resolver, and advanced it as offering unusually strong security and privacy features.
The Quad9 DNS service, at 220.127.116.11, not only turns URIs into IP addresses, but also checks them against IBM X-Force's threat intelligence database. Those checks protect agains landing on any of the 40 billion evil sites and images X-Force has found to be dangerous.
The Alliance (GCA) was co-founded by the City of London Police, the District Attorney of New York County and the Center for Internet Security and styled itself "an international, cross-sector effort designed to confront, address, and prevent malicious cyber activity."
IBM's helped the project in two ways: back in 1988, Big Blue secured the 18.104.22.168/8 block of 16 million addresses, which let it dedicate 22.214.171.124 to the cause.
The Alliance, which oversees the initiative, said the other partner, Packet Clearing House, gave the system global reach via 70 points of presence in 40 countries.
It claimed users wouldn't suffer a performance penalty for using the service, but added it plans to double the Quad9 PoPs over the next 18 months.
GCA, which did the development work, also coordinated the threat intelligence community to incorporate feeds from 18 other partners, “including Abuse.ch, the Anti-Phishing Working Group, Bambenek Consulting, F-Secure, mnemonic, 360Netlab, Hybrid Analysis GmbH, Proofpoint, RiskIQ, and ThreatSTOP.”
The organisation promised that records of user lookups would not be put out to pasture in data farms: “Information about the websites consumers visit, where they live and what device they use are often captured by some DNS services and used for marketing or other purposes”, it said. Quad9 won't “store, correlate, or otherwise leverage” personal information.
Google makes the same promise for its 126.96.36.199 DNS service, saying: “We don't correlate or combine information from our temporary or permanent logs with any personal information that you have provided Google for other services.” However, most home users accept the default configuration for their ISP, each of which will have its own attitude to monetising user data.
GCA also said it hoped the resolver would attract users on the security-challenged Internet of Things, because TVs, cameras, video recorders, thermostats or home appliances “often do not receive important security updates”.
If you're one of the lucky few whose ISP offers IPv6, there's a Quad9 resolver for you at 2620:fe::fe (the PCH public resolver). ®