>None of my devices are even capable of connecting to Facebook-owned domains; I have them DNS blocked.
Can't a malicious application work around your DNS block? Is there a way to be 100% sure that, say, all Facebook/Google is blocked? I am not a networking guy, so maybe the future is to whitelist IPs/domains for each device and application.
I'm not sure about this actually. I would assume that an application could connect to a DNS server directly and request an IP for a specific domain and then navigate directly. I don't believe I have any applications on any devices that do that, but it is possible.
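An added example, not part of the thread: one way to check whether any device is sidestepping a DNS block is to compare firewall flow logs against the answers the filtering resolver actually handed out. The log formats, the addresses and the `find_dns_bypass` helper are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

RESOLVER = "192.168.1.2"                    # assumed filtering DNS server
LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed home network
DNS_PORTS = {53, 853}                       # plain DNS and DNS-over-TLS

# Constructed resolver log: "<client> <queried name> <answer IP>"
DNS_LOG = """\
192.168.1.20 example.org 203.0.113.10
192.168.1.21 example.net 203.0.113.20
"""

# Constructed firewall flow log: "<src> <dst> <proto> <dst port>"
FLOW_LOG = """\
192.168.1.20 192.168.1.2 udp 53
192.168.1.20 203.0.113.10 tcp 443
192.168.1.21 198.51.100.53 udp 53
192.168.1.21 198.51.100.99 tcp 443
192.168.1.22 198.51.100.53 tcp 853
192.168.1.21 203.0.113.20 tcp 443
"""

def find_dns_bypass(flow_log, dns_log, resolver=RESOLVER, lan=LAN):
    """Return (src, dst, reason) for flows that sidestep the local resolver."""
    answered = defaultdict(set)   # client -> IPs the resolver handed to it
    for line in dns_log.splitlines():
        client, _name, ip = line.split()
        answered[client].add(ip)

    findings = []
    for line in flow_log.splitlines():
        src, dst, _proto, port = line.split()
        if dst == resolver or ipaddress.ip_address(dst) in lan:
            continue              # traffic to the resolver or inside the LAN
        if int(port) in DNS_PORTS:
            findings.append((src, dst, "external-resolver"))
        elif dst not in answered[src]:
            # No matching answer: a hard-coded IP, or a name resolved elsewhere
            # (including DNS-over-HTTPS, which looks like ordinary port 443).
            findings.append((src, dst, "no-local-lookup"))
    return findings

if __name__ == "__main__":
    for finding in find_dns_bypass(FLOW_LOG, DNS_LOG):
        print(*finding)
```

Flows tagged `external-resolver` can be blocked or redirected at the firewall; `no-local-lookup` flows are the ones a DNS block alone never sees.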