Unless I understand incorrectly, this doesn't seem to make the problem any worse. You'd just have to block the proxy rather than the DNS server. Like DoH, only a problem if that's also the web server.
In order for this to be true the device manufacturer would have to send both DNS and web requests through the proxy. They'd also have to "obliviously" encrypt web traffic as well. Otherwise, a MITM could determine which are DoH requests or determine which server is the proxy server and which are web requests.
This means that the DNS response for the web server would always be the proxy itself, or some set of proxies (and it would have to be the same IP for both wanted and unwanted traffic). What does DNS even add at that point? You'd be better off just making your "wanted" and "unwanted" servers the same server.
I believe there was a proposal for something like this a while back, before the DoH we see now. IIRC, the idea was that DNS information could be contained inside the web page, maybe enclosed in a tag. Addresses for ad servers perhaps.
Few of these ideas can be expected to work unless Evil, LLC controls the program the end user chooses to read the web. When an advertsing services company is also the majority share "web browser" vendor, then ideas like this become feasible. Whereas if web users can choose any client to access the web,[FN1] then these ideas would be non-starters. The open source text-only browser I am using is not going to read the IP address of an ad server embedded in a web page and connect to it automatically. Even if it did, I would simply edit the source code to disable that behaviour and re-compile.
1. In theory they can but in practice they generally don't.
So you won’t necessarily even get to play this cat and mouse game - the dns requests are indistinguishable from your web requests.
I guess you could mitm your own ssl traffic and strip out dns answers there?
But then … how soon until we see DoHoH?