Google Public DNS, the product name for the DNS servers that sit at IP addresses 126.96.36.199 and 188.8.131.52, is now able to handle the more secure DNS-over-TLS specification. Domain Name System (DNS) is the distributed, phone book-like method for converting domain names into IP addresses.
Traditionally, DNS queries have been vulnerable to sniffing and spoofing from anyone sitting on the wire, but wrapping the queries in Transport Layer Security (TLS) can go some way to changing that.
"Starting today, users can secure queries between their devices and Google Public DNS with DNS-over-TLS, preserving their privacy and integrity," Google said without mentioning the obvious -- since it is on the receiving end of your queries, it will know what domain names you are browsing, as at some point your DNS query needs to be resolved.
Users of Google's Android 9 release are able to switch to make use of DNS-over-TLS already; users need to find the Private DNS setting in Android's network settings, and set the DNS provider to dns.google -- older versions of Android do not have native DNS-over-TLS support.