[shirshak55]

I think dedicated firewall can help a lot. Like if I use spotify i should be able to use firewall and tell spotify app can connect only to https://*.spotify.com if there are other url it should ask permission for that. I think this would help a lot. Especially when facebook implants its tracker to most app using sdk

[kube-system]

DNS blocking/filtering is a flimsy solution which is only effective if most people don't use it. If it ever becomes mainstream (which is starting to happen), trackers will just use CNAMEs or proxies (which is also starting to happen)

[llsf]

I believe pi-hole does support blocking CNAMEs: https://pi-hole.net/2020/07/15/pi-hole-5-1-released/#page-co...

[Terretta]

Like pihole, the device friendly NextDNS.io service can follow/block the CNAMEs.

[kube-system]

And some trackers have already sidestepped that and switched to proxying requests server side.

The only reason anyone is using CNAMEs is because pihole and NextDNS are of negligible adoption, and adding a CNAME is super easy to do. Once CNAME blocking is more prevalent, it will become mainstream to proxy tracking requests as well.

example: https://developers.google.com/analytics/devguides/collection...

[progman32]

Check out umatrix.