Jump to content

Quad9 vs CleanBrowsing - Best DNS for security?

Recommended Posts

You're a little quick on the trigger finger there partner. Not everyone is a "shill", keyword pumping for the competition. I created an account and posted here because I don't think your opinion is well formed - or better, it is misplaced. 

Not that it matters, but In all likelihood, I know far more about "seo" and "spam" than you do... it (internet based marketing) is my livelihood and prior to that I owned and operated an IT consulting firm (~20 years). I have both feet firmly planted in both sides of the game.

-I never said that "major" DNS providers don't filter. Of course they do, each having their own reasons (good or nefarious). I said, if you don't want to have your results filtered, then use your OWN DNS root hints, or DNS provider that agrees to no filtering.

-I never said that search engines and DNS providers don't filter what you search for - of course they do, it is their prerogative. 

Those providers are no different than the DNS filter in your product. They intercept a query and act upon it with a filter (for whatever reason, good or nefarious). You just don't like WHERE the filters are applied (I.E. your software or somebody else's). 

I think the issue here is misplaced anger toward "censorship" and confusion about DNS architecture, or where it fits in. You appear to want to elevate DNS providers to some moral or enforced standard above that of search engines or other products. The problems is that "DNS Providers" are not a governed part of the architecture, and even if they were, only countries and entities willing to play nicely would adhere anyway-leaving us in the same boat.

You mentioned the phone book analogy - There is no "phone book".  There are "phone books" - each localized or curated for a reason, from White Pages to Yellow Pages and countless directories in between. Some specific to localities, some to business verticals, and others to carrier's own subscribers. DNS "providers" are like phone books in that sense. The difference is, that we can go a level above them and to the root servers. FWIW - there is no "phone company" analog to this, even if you collected every carriers database and centralized it!  

The cure to what ails you (as i have repeated) is that we in fact DO have the ability to see unfiltered DNS quires by starting our query at the root level. Anything in between has (will) curate the returned results. There is no jurisdictional or enforcement mechanism that could ever change this. It is not they way the system is built. To argue any differently is to be naive to how it all actually works and what can or can't be controlled. Be happy we have that at the DNS level, as from the search perspective there is no "index" of the entire "internet" to use if you don't like the filters your chosen search provider applies.

I don't disagree with your sentiment - I am just pointing out that it is misplaced. The large providers of the world are shaping the very fabric of society by carefully curating what we see and read, from politics to social behavior and everything in between. I don't like it either, but DNS itself is not the culprit.  Be angry at your provider, not the mechanism. 


Share this post

Link to post
Share on other sites

Hello, slightly worried that I am wading into something that I don't fully understand but I read the thread and it confused me and surprised me.

I found the thread by googling "cleanbrowsing" because my ISP recommends OpenDNS to do content filtering from the router and I wanted to see if there is an alternative. This thread is the 5th hit in that google search on my computer though I have already done some searches for 'alternatives to OpenDNS' and appreciate that google are clever in working out what you are looking for so that may not be what comes up when others search for the same thing....

I have 2 young children and want to block them from accidentally accessing any inappropriate content from any devices on our home network.  I have malwarebytes subscription (I expect you can check this 'root admin' from my email address) and have it installed on our PCs and mobiles but not on the smart TVs (can you??) or my children's kids fire tablets or the tablet we use to download netflix films to watch in the car.  I have done my best to set up parental controls on all the devices but I want an element of 'belt-and braces'.  I have just changed ISP,  the previous one included a comprehensive parental control system, the new one (which is fibre to the door and v. fast which is why I go it) doesn't.

Without installing something on every device my reading suggests that the only way to stop any inappropriate content coming into the network is to change the DNS settings on the router to use OpenDNS or Clearbrowsing or another DNS filter or to buy a router that has it's own content filtering system.

RootAdmin's statement was that "My preference is that ALL DNS providers should be mandated that they should not play in this area. All DNS providers should do what they're there for. To provide look up information and it should not be morally controlled by anyone.  Domain Name System (DNS) is the phonebook of the Internet and should be able to find any known, published site period." Hence my confusion - if that is a good sentiment as per JohnDoe's last line - what is the correct way to do what I want?

If there is another and better way of achieving what I want them please tell me as where I am at the moment is choosing between OpenDNS, Clearbrowsing etc as, without installing something on every device and setting it up and probably spending a bit of money to do it I don't know how to achieve it




Share this post

Link to post
Share on other sites


If you do not wish to install software on every device, then your only choice is to use a solution that filters content at the modem/router/connection level.  The downside is that if your children are ever able to connect to any other network aside from the one(s) you have direct control over, they will have unfiltered access to the entire web.  There may be a way to prevent that, such as somehow configuring each device to only connect to the connections/networks you specify, however I know of no such solution, especially since it would need to work for any device they could leave the house with (or even connect to a neighbor's connection potentially, especially if any neighbors' networks are unsecured).

I am by no means an expert in parental controls and the like, however I do use several tools for filtering content on my own system (including Malwarebytes Premium and Malwarebytes Browser Guard), but whatever solutions are chosen, they are only going to be effective as long as they are active, so either each device will have to have restricted permissions (if possible; some devices lack such capabilities) to prevent disabling and/or uninstalling whatever filtering tools you might be using for any tools installed locally, or you will have to trust your children not to disable or try to remove the tools to unblock access.

The above info may all be things you're already aware of (as I said, I'm no expert in parental controls), I just thought I'd mention it in case I could contribute anything you hadn't considered yet.

I'll have to let AdvancedSetup address his own comments that you quoted.

You might also consider creating a new topic in the same General Chat area of the forums here to start a discussion on the subject as that will be likely to attract more eyes than a reply to a 2 month old topic.  I'm sure others in our community will have knowledge to share.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.