If they're really evil, they'd proxy all traffic through a single host (eg. d2v3i0u0qtn52v.cloudfront.net), so you have to choose between no IOT features, or getting subjected to all the ads/telemetry.

>so you have to choose between no IOT features I'll bring out the fainting couch. These devices are enough of a poison pill that you're better off without them. You can problem block them with Pihole, but you're one update away from either circumventing the Pihole, or breaking your IoT device because something got changed on the manufacturer's end.

At that point you're better off not connecting the device to the internet at all.

I think we might be at that point currently.

No - as I’ve said upthread, the real evil is running DoH on the www host.

Now what ?