zlacker

On linux you can use IceCat. On windows, download simplewall and block pingsender.exe there. Should get rid of the queries if you combine it with userjs tweaking.

>>no_tim+(OP)
Just setup pihole - you can run it on any server and use it as a local dns server. Probably somebody else has done the work to list these spammy domains.

>>no_tim+(OP)
thank you for the tip! I use an OpenWrt acces point that is on my desk and uses dnsblocking through blacklists. This way I have a wired and wifi network that block the most annoying stuff by default. It also integrates nicely with wireguard too.

>>callam+wc
What about DNS over HTTPS?

>>no_tim+(OP)
> On windows, download simplewall and block pingsender.exe there

Even if that works, it'll likely get patched out eventually with a forced update.

If you do insist on using Windows, an external firewall is the only way to be sure. But even that isn't foolproof since another update may decide that your Windows license isn't valid unless the analytics server is reachable.

>>paulry+di
If you just want FF to not use it you can block "use-application-dns.net" which acts as a canary domain for it to disable DoH.

If you want to block it from things you don't trust to have such methods (or always listen to them) you'll have to upgrade to a firewall that can filter outbound connections to IPs the client hasn't received a DNS response for or require use of an explicit HTTP proxy for outbound connectivity.

Just blocking DNS can be a good middle ground for reasonable effectiveness without as much effort.

>>no_tim+(OP)
Or just use LibreWolf, it's just FF with uBlock and disabled tracking out of the box (available for GNU, macOS, and MSW iirc).