[hereme888]

Some people seem to be saying that apps and devices bypass your DNS settings.

If I set NextDNS with DoT in my Android under the "private DNS" setting, and turn on the NextDNS setting with DNS rebinding protection, would the phone and some apps still find a way around it?

I also use NetGuard, but it's more cumbersome and doesn't allow DoT.

[mhio]

It's possible. Applications don't have to rely on the OS provided mechanisms to lookup names, or even rely on DNS to get an IP for something.

Chromium contains its own DNS resolver so connects directly to a DNS server rather than use the OS, but it would normally default to your OS settings (and only use DoH when they find a matching entry in their list of DoH providers).

Desktop Firefox is an example of an app that defaults to DoH from 1.1.1.1 (in some places).