Mullvad DoH and DoT – beta release

3 mars 2021  FEATURES EXTERNAL AUDITS

We have released a beta of our encrypted DNS. Hosted and created by us, an audited non-logging VPN service. We are thirsting for your input before we take this service to the next level.

Starting today, we now have a public DNS service up as a beta that offers DNS over HTTPS (DoH) and DNS over TLS (DoT), with QNAME minimization and basic ad blocking. It has been audited by the security experts at Assured.

Our DoH/DoT servers are located in AU, US, DE, GB, SG, and SE. If you follow our guide and use Mullvad’s DNS, you should get the nearest server.

DoH/DoT is not necessarily more private or secure than our normal DNS running on our VPN servers, but it acts like kind of a safe guard for DNS.

If your VPN is turned off, DNS requests will travel encrypted to Mullvad and will not be visible in cleartext to your ISP. Make sure your lookups are not sent in cleartext – even when your VPN is turned off.

Our two DoH services

Ad-blocking version – adblock.doh.mullvad.net

Without ad blocking – doh.mullvad.net

Check out our guide.

What value does Mullvad DoH offer?

  • If you are planning to use DoH, now you have an option to select one with a focus on privacy (infrastructure audited).
  • It works without a VPN, it works for non-Mullvad customers, and it even works if you use another VPN provider.
  • If you forget to turn on your VPN, it still runs and offers somewhat more privacy.

Why are DNS servers important from a privacy perspective?

A DNS (Domain Name System) server is the first point of contact that your browser makes when you try to access information over the Internet. This is the case for every URL you visit, every file you download, and every image that loads on a website, including ads.

Since your browser contacts the DNS server for each and every new domain name request, the DNS server will know which websites you are looking at and links from that pages to other resources (like ads).

Therefore, you are constantly leaking information about what you are doing, and when, to your DNS server provider, which is usually your ISP (Internet Service Provider).

DoH can increase your privacy

DNS over HTTPS (DoH) can increase your privacy and security by performing DNS resolution via the encrypted HTTPS protocol. It also prevents eavesdropping and manipulation of DNS data by man-in-the-middle attacks.

However, the individual or company operating your DoH server can still see everything you do. If you have privacy concerns, it is therefore important to select a DoH server that your trust, and in a country where the laws comply with privacy.

For the universal right to privacy,
Mullvad VPN