diff --git a/README.md b/README.md
index 9a53fe9..117ccee 100644
--- a/README.md
+++ b/README.md
@@ -20,6 +20,7 @@
   - Weak ciphers and outdated TLS versions disabled by default
   - Hardened compilation configuration
   - Bundled with [hardened_malloc](https://github.com/GrapheneOS/hardened_malloc)
+  - Uses Mullvad's adblock DNS-over-HTTPS to provide Encrypted Client Hello
   - More to come
 
 ## Building
diff --git a/settings/omegafox.cfg b/settings/omegafox.cfg
index 86ceaf8..643fc76 100644
--- a/settings/omegafox.cfg
+++ b/settings/omegafox.cfg
@@ -1,7 +1,3 @@
-// =================================================================
-// CAMOUFOX FUNCTIONALITY
-// =================================================================
-
 // Use dark theme
 defaultPref("extensions.activeThemeID", "firefox-compact-dark@mozilla.org");
 
@@ -382,10 +378,6 @@ defaultPref("datareporting.policy.dataSubmissionEnabled", false);
 defaultPref("datareporting.policy.dataSubmissionPolicyAccepted", false);
 defaultPref("datareporting.policy.dataSubmissionPolicyBypassNotification", true);
 
-// -------
-// CAMOUFOX: Removed pref to disable pdf.js
-// -------
-
 // Disable BFCache in parent process.
 // We also separately disable BFCache in content via docSchell property.
 defaultPref("fission.bfcacheInParent", false);
@@ -455,10 +447,6 @@ defaultPref("security.enterprise_roots.enabled", true);
 
 defaultPref("toolkit.shutdown.fastShutdownStage", 0);
 
-// -------
-// CAMOUFOX: Removed pref to use light theme by default (make less like headless)
-// -------
-
 // Do not use system colors - they are affected by themes.
 defaultPref("ui.use_standins_for_native_colors", true);
 
@@ -673,4 +661,11 @@ defaultPref("security.tls.version.max", 4); // 4 = TLS 1.3
 defaultPref("security.ssl3.rsa_rc4_128_sha", false);
 defaultPref("security.ssl3.rsa_des_ede3_sha", false);
 defaultPref("security.ssl3.dhe_rsa_aes_128_sha", false);
-defaultPref("security.ssl3.dhe_rsa_aes_256_sha", false);
\ No newline at end of file
+defaultPref("security.ssl3.dhe_rsa_aes_256_sha", false);
+
+// Enable Encrypted Client Hello
+defaultPref("network.trr.enabled", true);
+defaultPref("network.trr.uri", "https://adblock.dns.mullvad.net/dns-query");
+defaultPref("network.trr.mode", 2);
+defaultPref("network.dns.echconfig.enabled", true);
+defaultPref("network.trr.bootstrapAddress", 194.242.2.3);
\ No newline at end of file