That's all sensible, it seems to me. My "rant" was an appeal for better insight tools, if possible, so that a user can make an informed determination. As things stand, people with little or no specialized security knowledge do a lot of guessing, I think.
Here's some concrete stuff about the biggest wedge of my pie chart: The app or apps generating that traffic are provided by one of the largest online companies in the world. Its services are provided across multiple apps (in my case, across two different platforms provided by a single company). On my guinea pig device were two apps, which were deleted from that device as a test, and that traffic from that device immediately stopped. That's the basis of my identifications of the source apps. I do a lot of guessing.
No service provided by that company was interrupted by blocking egress traffic to China, insofar as I could tell. Everything worked for me. The outbound traffic would come in bursts.
And now, an interesting thing to me. Other devices on my network still have the presumed source apps and were associated with that traffic. A few days ago, that traffic completely disappeared. It has not yet returned.
If you're so inclined, I'd like to hear what you make of that scenario.