> Not to mention that DNS over HTTP AdBlock is basically just as easy to set up nowadays.

Only if the device in question uses the ad-blocking DNS servers.

Firefox (IIRC) by default does not use the operating system's resolv.conf. Smart TVs (and Chromecast) have also been known to ignore DNS settings from DHCP.

* https://labzilla.io/blog/force-dns-pihole

And since the DNS traffic now looks like HTTP(S) traffic, your only recourse is to block all HTTP access and tunnel it through a proxy.

As an IT guy, and the person who runs a home network, this reduces the visibility of what is happening on my network(s). Reduced visibility is bad IMHO.

You can force Firefox to use use a DNS server of your choosing with a canary domain: https://support.mozilla.org/en-US/kb/canary-domain-use-appli...

I'd prefer it Firefox was opt-in instead of opt-out, and if they'd just use the OS settings like every other piece of code on my system.

You will still do so with SNI.

Yeah and if you don't use SNI, but the website sits on its own IP, then the website can be found out via the ip, which is transmitted in the clear (unless VPNs/tunneling etc are used).