Corollary is, spyware can use DNS to exfiltrate data [0]. Or, send out client-side metrics with cleverly drafted DNS requests [1], or use it as a 3p-cookie replacement [2].
Fun story about this. I know one of the former guys at Xobni back in the day when it was still a thing. They had made an enterprise version that was sold to companies like Apple, Intel, etc. But even though the enterprise software no longer made external API calls, the company still wanted usage metrics so they could monitor feature usage. Knowing how locked down the networks were at companies like this, they exfiltrated the usage data via infrequent DNS requests to their DNS server. Everything was going fine until one day a dozen or so users at Intel stopped reporting. Hours later all of Intel stopped reported. Within the next day other companies started coming offline. Apple first, then some other large tech company and then a whole slew of them.
Turns out when you spy on your users word gets around.
So I split my packets up into smaller chunks. Now you need to rate limit DNS. But you still need to allow regular DNS traffic somehow, or you break the internet.
And packet rate. Some corporate firewalls may detect this as abusive and block it leading to questions from the security operations team and the person testing this out.
I'm not sure why this should be a corollary now. DNS exfiltration has always been possible, just like the article you linked to says. (I also like to point people to https://twitter.com/rsobers/status/1293539543115862016 in this context because it puts the idea so succinctly.)
Turns out when you spy on your users word gets around.