I used to agree with this, but now I don't actually think I do. Apple's app privacy report can be used to guarantee network access for any iOS app - https://support.apple.com/en-us/102188
That only shows the domain eg facebook.com, not facebook.com/tracking-script. There's no reason that they can't put all the bad stuff on the same essential, first-party domain needed for the app which makes DNS blocking and viewing not effective.
That's why you can't block youtube ads with DNS, only with a browser-level adblocker because the browser adblocker is able to block the specific paths.
You can view the full encrypted traffic with something like mitmproxy, but there's ways apps can detect or prevent it.
For me, right now, I think it's conceivably a security advantage if the source isn't public. I know security by obscurity isn't a strategy alone, but with an incredibly difficult surface area to attack, I think user's using the app are very well protected, except for against nation states.
That's why you can't block youtube ads with DNS, only with a browser-level adblocker because the browser adblocker is able to block the specific paths.
You can view the full encrypted traffic with something like mitmproxy, but there's ways apps can detect or prevent it.