I definitely agree that you should be able to control what connections your own devices make. But we need to ensure that such control is only possible at the endpoint, since if it were possible at the router, then the bad guys could do that to censor other people's devices.
In your specific case, that means that while devices should offer a configuration setting for which DNS server to use, it shouldn't be via blindly listening to the possibly malicious DHCP server.
it definitely should be possible at a router level, why should i be forced to configure each device individually? that said, obviously it should be possible to override on the device level, like it already is most of the time.
> it definitely should be possible at a router level, why should i be forced to configure each device individually?
Because you shouldn't be able to control other people's devices just because they happened to connect to your Wi-Fi. And you don't have to configure them all individually anyway: you can use Group Policy, MDM, etc. to configure that setting on your whole fleet at once.
All of the traffic leaving China goes over the CCP's network. Do you think they should be able to keep censoring the whole country? Or if Comcast started censoring municipal fiber websites, would that be okay since the traffic was going through their network?
What does any of that have to do with my private home network? I don't run a country - democratic or not, nor an ISP trying to beat out competitors. This is my network that I designed for my purposes.
In your specific case, that means that while devices should offer a configuration setting for which DNS server to use, it shouldn't be via blindly listening to the possibly malicious DHCP server.