As someone who took the plunge years ago, you just have to accept that some programs will just be unusable. There are likely alternatives, though very few will be 'drop in' replacements so to speak. So there will be a learning curve.
It's the price you pay to have full control of your system. As time goes on, it gets easier.
On one hand, I get it. You're used to Windows and want to use an environment you're used to and apps you're comfortable with.
On the other, you need to be aware that you're going to be constantly fighting an uphill battle. Microsoft doesn't care that you don't want those programs using resources, they're going to install them because it's in the best interest of their shareholders. The programs might be able to be removed using third party tools, but then you're relying on random tools found on the internet to remove bits of your operating system without hurting anything or doing anything malicious.
The data these programs gather is more valuable to Microsoft than the blowback because this is the exact stance people will take: sure it sucks that this is being forced upon me, but it's still better than leaving. So I'll either deal with it (99% if users are here) or ill find a random program and cross my fingers it does only what's on the label.
The only solution I see is to swap to something else, causing Microsoft to lose market share and thereby convincing shareholders not to force this on users.
The choice is yours.
I agree.
So the solution, OP, is to set the DNS settings on your NAS to your router's internal IP so the firewall can redirect the traffic to your new port.
I don't think anyone is advocating for turning a blind eye to Mozilla. I think the argument being made is that a monoculture for browsers is a concern that can outweigh some blunders Mozilla makes.
I'm old enough to remember what a shit show ActiveX was for web security.
Never ask a company to pick between the right thing and profit.
It's fundamentally impossible for a publicly traded company not to choose profit over 'The Right Thing', fullstop. Shareholders feel that have a fundamental right to growth, and if Google's CEO were to choose 'The Right Thing' over profit, the shareholders can oust them in favor of a CEO willing to choose profits.
Enshittification is where every public company ends up, because the line MUST go up, no other alternative is acceptable.
IMO, that's splitting a hair.
For a browser that supposedly respects user privacy, the fact that this is opt-out rather than opt-in really leaves a bad taste in my mouth.
I'm going to reconsider my monthly recurring donation to Mozilla, especially if they keep this up.
Even if law enforcement can get a warrant, unless there's a backdoor in the encryption then the data stays private. That's the whole point of encryption.
The fundamental problem is law enforcement feeling entitled to snoop on private communications with a warrant vs the inherent security flaw with making a backdoor in encrypted communications. The backdoor will eventually get exploited, either by reverse engineering/tinkering or someone leaking keys, and then encryption becomes useless. The only way encryption works is if the data can only be decrypted by one key.
Anyone else remember when TSA published a picture of the master key set for TSA approved luggage locks and people had modeled and printed replicas within hours?
I made the swap after they forced Windows 7 update behavior to change. You used to be able to download updates but you got to choose when to install them. Then they changed it to either they're on and fully automatic, or fully off.
At the time, I was running a computer repair company, and my work computer running Win7 was running a data recovery on an accidentally formatted drive for almost two days. After I had left and the program finished, Windows was all "Oh, the computer is idle now. Let me give you a 15 minute warning that I'm going to install updates and reboot if you don't cancel".
After the second time, I formatted my work computer. Shortly after, I did the same to my gaming PC. Haven't looked back once.
So often just swapping the user agent from Firefox to Chrome makes these sites work flawlessly. So they're putting in extra code to detect Firefox and serve a "we don't support your browser" page when they could just... not. And if a user complains about X, they could say we don't test on Firefox, try on Chrome.
AFAIK, the unilateral nature of TOS/EULA agreements in the day of Software as a Service hasn't been litigated. Which means there isn't a court's opinion on the scope or limits of a TOS/EULA and what changes can be made.
Currently, Adobe has the full force of contract law to initiate this change without any input from consumers because a case about this has never made it to the courts.
It'll be interesting to see where this goes, but Adobe will likely backpedal on their language in the TOS before any case gets to a Judge because the last thing any company wants is for a TOS/EULA agreement to be fundamentally undermined by a court.
Likely the only reason why the SC came down on this the way they did was because of the nebulous standing.
Generally, you can't come to court without a realized injury. Meaning you've been actually hurt, not that you have the potential to be hurt. It's the difference between arguing "This law may prevent me from getting a marriage certificate as a homosexual individual" and "I legally applied for a marriage license and was denied one". Whether or not you think it's a good idea, it reduces the case load of courts around the country.
The Mifepristone case was brought all the SC by a group of people who couldn't show an actual injury. Their arguments all centered around "Some of the people we represent might be affected by the fact that Mifepristone is so flagrantly prescribed, and dealing with the fallout of an abortion goes against the beliefs of these specific people we represent". And the SC rejected that on standing alone, because it would open the flood gates for all sorts of lawsuits. "My child is threatened by the manufacture of AR-15 rifles by X company because they're used in school shootings!" etc.
That is the only reason why this case was decided the way it was. If you want to protect Women's rights, you need to turn out in your local elections every chance you get.
An inbound only DNS forwarding rule would be pointless. All DNS queries should be originating from within the network.
EDIT
I think I see what you're getting at. Assuming that the firewall is running on the NAS vs on the router.
The OP doesn't specify, but I would assume the firewall rule would be on the router, as that makes the most sense to force all DNS requests on the network to go through the pihole.