Personally, I highjack all DNS requests made on my network at my router, then use a VPN tunnel to resolve them on a server that I control that runs unbound. My guess is that FIOS was doing the same to you, just without your interests in mind.
A similar setup to mine could be deployed at your network edge, and it could then force all of your port 53 DNS requests to go over a more secure protocol. Of course you would have to figure out how to set this up, and it wouldn't protect your devices anywhere except your home network.
I had tried 2 different routers and got the same result, including bypassing the router at one point, and I even ran my router's WAN through a wireless hotspot on my phone at one point and saw the problem stop.
A similar setup to mine could be deployed at your network edge, and it could then force all of your port 53 DNS requests to go over a more secure protocol. Of course you would have to figure out how to set this up, and it wouldn't protect your devices anywhere except your home network.