I just started with ControlD on my Android Phone and have not had any problem with updates that i can tell. I added the DoH Malware and No Ads DNS option from the list in the AdGuard Android App.
Now that I have some time to myself,I did a quick test in a phishing website: Code: hxxps://apply.trustpad-reward.info/bsc Now, the phishing website is not recognized by either Google Safe Browsing (Firefox) or Smartscreen filter (Edge). With AdGuard Private DNS the HTTPS website is regularly open: With NEXT DNS the phishing website is blocked: I also switch Next DNS in Firefox.
The option 'Block newly registered domains' in NextDNS offers a strong defence. Edit: ControlD does also.
I decided to enable the NEXT DNS blocking page in Firefox. Unfortunately,after installing the NEXT DNS certificate you also need to make this change in about:config Code: "security.enterprise_roots.enabled" set to true
Some other quick test. Interestingly, the same phishing website: Code: hxxps://www.amazon.co.jp.sttkjf.top/ generate a different alert pop-up in Edge and Firefox. With Firefox, the browser's Google Safe Browsing filter takes priority over blocking Next DNS: With Edge, the Microsoft SmartScreen filter,now,does not block the phishing web page,so the NEXT DNS block intervenes: As always, the situation (Microsoft SmartScreen filter) could change quickly.
I started using ControlD Option2 with No Ads, Trackers and Malware on my W10 and could not be happier. It's seems a lot faster than the CleanBrowsing DNS that i had before. I have ControlD HTTPS in the Chrome setting for secure DNS.
I also entered ControlD DNS (free) at the system level. ControlD DNS - Only OISD - Full It's faster for me Cloudflare.
ControlD Free DNS is (mostly) faster for me compared to Cloudflare DNS (my previous DNS), as per DNS Jumper. I'm using ControlD Unfiltered on my personal laptop. I'm using ControlD Family Friendly on my home laptop for family members. It is one of the few DNS services that enables "Strict" Restricted Mode on YouTube. Most of the DNS services enable "Moderate" Restricted Mode on YouTube.
I test tested ControlD with Malware,Tracking, and Ads Filter. This is the P2 DNS and did not seem to block any Ads. I changed to the P1 DNS which only has the Malware Filter.
I was going with ControlD with Malware filter, but changed to Malware, Phishing, and Gambling filters.
Heya folks, I'm actually from Control D. Glad to see all the success stories here. I'd be happy to answer any questions or increase the durations of your trials if you're uncertain
Currently using NextDNS, but have used Control D and AdGuard. AdGuard routing sucks and they can't do anything to fix it, so i stopped using it and it takes really long time for them to answer to emails. Control D i paid for a year and it was good, but didn't renew it (thinking about going back)
I have the paid version of NextDNS and ControlD. ControlD has been adding a lot of pretty cool features lately, even more that NextDNS. But for me, ControlD's routing is nowhere near as cool as NextDNS'. Pages load a lot faster for me with NextDNS, and it's not even really close.
That is a good read. Thanks @Dragon1952. Also, you can import/export custom rules with ControlD, which I did not see mentioned. With it you can also temporarily disable filtering if need be. With NextDNS you can't.
I always find fascinating how desperately competition tries to draws customer away, adguard only sends trolls, at least controlID did a fair comparison. But for starters they are comparing a feature unlimited free NextDNS with theirs paid one, as if that were not bad enough, multiple paid tiers actually. CD has only twelve 3rd party blocklists and they all block ADs, even their native ones. I block only tracking, about 50K rules overall, that includes the most basic adguard tracking and notrack (not notracking). NextDNS is currently the best malware/phishing blocking DNS, only Quad9 comes even close, so while other features are nice, this is still my main concern. CD also does not support ClientHello (ECH). Clearly, CD uses dark mode, I can hardly see anything and you can not switch it off. The GUI is very cumbersome and slow (screen), heavily scripted? The fact that they had to write an article how to use it, speaks for itself. Yes they have some comparable features, but because they are hidden, they suffer for it, like blocking VPNs or SafeSearch. Basically half of their article is about this problem. The GUI and descriptions need a lot of work. I never understand why people think that more is better?! More means more blockage, so in the end you will have to disable the filter to be able to use the service, thus using no filter in the end. It is all about granular control. I guess adding 500 TLDs sounds like fun to some. I was left speechless after reading this. Clearly privacy and unfiltered results means nothing? The specified toggle follows Canadian laws and might not be illegal in US or Japan. Not to mention sometimes you need to visit those. Looking forward to it, at least they do not play a dead bug like NextDNS. I also like, that activity log shows IPs as well as domains, it can be usefull for a firewall configuration. I was about to test phishing/malware domains, but this stopped me. Blocking NRDs blocks majority of malicious webpages and CD seems to have failed here, so I no longer bother with further testing untill they get it working.
Thanks for posting that. Never heard of them until now. I like to know what the options are whether I use them or not.
That is a good read. I knew people were going to love reading that Blog. I found that Blog on the ControlD Twitter.
Hi there, I'm actually the author of that article, and thanks for a detailed retort. Let me answer the points you raised. 1. Yes, NextDNS has a "free" plan, but it's limited at 300k queries. My phone generates more queries than that in a month, and I'm not a heavy phone user, I spend <1hr on my phone per day and have very few apps installed. Aside from niche uses cases, the free plan is useless imo. Control D has totally free / unlimited resolvers available, including mirrors for popular 3rd party blocklists: https://controld.com/free-dns You can't customize these, but you can send unlimited queries. 2. Yes, we only have 12 3rd party blocklists, only the most popular/quality ones. 95% of our users don't use them however, because our in-house Ads & Trackers one is arguably superior. It's based on feedback from millions of Windscribe users, enforces a reasonable amount of domain blocks, and will have very few false positives compared to all other lists. We added 3rd party blocklists only at the request of the users, and many told us they have switched back to our native filter because of the false positives that riddle many of these 3rd party blocklists maintained by some dude as a hobby. You may think "I never saw any false positives, so this is BS", however I speak from actual experience. We've experimented with many of these, by adding them as a source to our own Ads & Trackers list, which was used on Windscribe by millions, before Control D even existed. Every time we've done this, with every single 3rd party list, we'd immediately get hundreds of support tickets about incorrect blocks that break something. We always had to roll them back. This is why I say ours has MUCH fewer false positives, for a large group of people. Your millage may vary. 3. How do you evaluate "best malware/phishing blocking"? What is the method for comparison? 4. Not sure about the ECH comment, destination sites have to support ECH, and as it stands now, none do except for a handful of Cloudflare experiments. Since you mentioned ECH, we're actually working on a project right now that would allow the end user to enable ECH internet wide, even for destination websites that don't support it (100% of the Internet as it stands now). This leverages our proxying capabilities, however it will require installation of a root certificate to work, as it's impossible without it due to how TLS 1.3 works (transcript hash specifically). 5. UI comments are a bit of a personal preference. Our UI is mostly inspires love or hate feelings. Most love it thou, some hate it. Sorry. That being said, it's undergoing a major overhaul right now of how the control panel is structured. Once done, I think you will be pleasantly surprised. 6. OS "native protection" toggles for individual OSes seemed odd to me, as why would you want to block telemetry from one but not the other? I'm all for choices, but this one seems odd to me. You either block telemetry, or don't. If you have a niche case where you DO want to do this, you can make custom rules. Most people don't care thou (we asked), they just want a simple toggle that does what it says. 7. Blocking TLDs, do you really need to block 500 TLDs? And if you do, an inverse is better: block EVERYTHING and make an allow list for TLDs you want, like so: https://www.reddit.com/r/ControlD/comments/10rw1yb/default_rule_block_all_traffic/ 8. The CSAM comment is ridiculous. Project Arachnid distributes a list of confirmed child pornography domains (its really deplorable **** if you actually saw the list of domains), accessing these is illegal in every single country. 9. The NRD blocklist is indeed quite weak, the vendor we use isn't the greatest and we're swapping them for another shortly. It will be improved.
