For the next #IronFox release, we intend to remove built-in DNS over HTTPS providers that do not have their addresses signed with DNSSEC and/or do not enforce DNSSEC for domains that support it. We're making this change because we believe it's our responsibility to hold the default selection of providers to the highest possible standards, and due to the improvement in privacy and security that it will provide for users.
The following providers will be impacted:
- AdGuard
- AdGuard (Unfiltered)
- NextDNS
- Quad9
- Wikimedia
Unfortunately, as Quad9 is one of the providers impacted, we intend to switch the default provider for new users to Mullvad (Base).
If you are currently using any of the effected providers, your choice will be respected, and they will remain your selected DNS provider after updating, though we would strongly recommend switching to one of the other built-in providers if possible.
We wanted to share this announcement before release to make users aware and get feedback around this change. We look forward to hearing what the community thinks!
