Huge fan of Little Snitch, and I agree: it's been really useful for discovering and shutting down all the telemetry and ad traffic. One thing people don't realize is that you can take many of the popular ad-blocking lists and subscribe to them in Little Snitch! Peter Lowe's Block List, for instance, produces a plain-text format (https://pgl.yoyo.org/adservers/serverlist.php?hostformat=lit...) that's perfect: you subscribe to it in Little Snitch, and it automatically blocks everything on the list everywhere, with updates pulled on the regular from the pgl.yoyo.org servers.
One frustration I've had lately—and it's not Little Snitch's fault!—is the number of unnamed micro-service endpoints in use. Office365, Dropbox, and others have started using random cloud IPs for their content distribution endpoints, so you get a popup for "OneDrive wants to connect to XXX.YYY.ZZZ.QQQ on port 25427. Allow?" You have no basis for knowing if that IP is legit or not, you can't use the port to judge it, and you know if you cut off too many of them the app will break. Super frustrating, and seems deliberately designed to break things like LS.
One frustration I've had lately—and it's not Little Snitch's fault!—is the number of unnamed micro-service endpoints in use. Office365, Dropbox, and others have started using random cloud IPs for their content distribution endpoints, so you get a popup for "OneDrive wants to connect to XXX.YYY.ZZZ.QQQ on port 25427. Allow?" You have no basis for knowing if that IP is legit or not, you can't use the port to judge it, and you know if you cut off too many of them the app will break. Super frustrating, and seems deliberately designed to break things like LS.