Confirmation Checklist
- I confirm that this feature is not already present on the latest release of Phoenix. You can check what the latest version is on the
Releasespage. - I confirm that this feature has NOT already been suggested on the Codeberg issue tracker, the GitLab issue tracker, and/or the GitHub issue tracker.
I’ve noticed in recent commits that future versions of IronFox might switch to Mullvad as the default DNS provider. I would like to request that you keep Quad9 in the custom list or consider reverting the change, based on security performance benchmarks.
According to tests conducted via GRC’s DNS Spoofability tool (grc.com/dns/dns.html), I’ve observed the following:
- Mullvad DNS: Returns a "Moderate" result for Anti-Spoofing Safety.
- Quad9: Consistently achieves an "Excellent" rating.
Quad9’s robust implementation of DNSSEC across all its endpoints (except for the 9.9.9.10 testing service) provides a significant layer of protection against cache poisoning and spoofing. This makes it a highly reliable choice for users prioritizing network integrity. You can find more details on their DNSSEC implementation here: https://quad9.net/news/blog/quad9-enables-dnssec-on-all-service-endpoints/
Given IronFox's focus on privacy and security, I believe providing Quad9 as a prominent option is essential for maintaining high safety standards.
Thank you for your hard work on this project!