Sending DNS queries in open does not protect from DNS hijacking which is ubiquitous in SE Asia for example. So you end up getting ‘free security solution’ that at the last mile is deliberately slowed down, registered and falsified.
Much better and more secure solution could be assembled in 15 minutes using dnscrypt-proxy with ip and domain filtering and caching. [^1]
Additionally I am always suspicious why IBM suddenly wants to collect my DNS queries? Sorry big corpo but I don’t trust your good intentions any more. We are long past the innocence of first years of the Internet.
If IBM or any other big name really wants to help with DNS security why don’t they give financial and material help to heroes like jedisct1, Martin 'd0wn' Albus, soltysiak and others who put their time, effort and money into running DNSCrypt servers? Money plunged just in design of Quad9 webpage they could have kept some servers running for years[^2]
Much better and more secure solution could be assembled in 15 minutes using dnscrypt-proxy with ip and domain filtering and caching. [^1]
Additionally I am always suspicious why IBM suddenly wants to collect my DNS queries? Sorry big corpo but I don’t trust your good intentions any more. We are long past the innocence of first years of the Internet.
If IBM or any other big name really wants to help with DNS security why don’t they give financial and material help to heroes like jedisct1, Martin 'd0wn' Albus, soltysiak and others who put their time, effort and money into running DNSCrypt servers? Money plunged just in design of Quad9 webpage they could have kept some servers running for years[^2]
[1] https://github.com/jedisct1/dnscrypt-proxy/wiki
[2] According to soltysiak his monthly costs are c.a. 40€/month but as it is his private expense he had to limit memory in his server.
https://dnscrypt.pl/2017/04/02/finacials-in-q1-2017/