Sure. Most of the actual traffic is encrypted by https these days. So they can’t look inside. But they can see to what IP you send these encrypted packets and from where packets come to you.

With DNS they can see what domains you typed in and your computer looks up. Just the part to the .com or something and nothing after. And sure, they’re preconfiguring their DNS server. Because they’re an internet service provider and you pay them to provide services like domain name lookup to you. They’re certainly not going to preconfigure a server of their competitors and funnel your data to them.

With something like Mullvad, if you configure that correctly (!) also your DNS requests go through an encrypted tunnel. Now your ISP can only see you connect to some Mullvad server. And now Mullvad provides DNS to you and they’re now the ones who can see what kind of domains you look up.

You can often just change your DNS settings. Either in the devices or for all your network in the router. But mind that plain DNS on port 53 is unencrypted. You’re connecting to a different setver then, but theoretically they could snoop on you if it’s an unencrypted connection.

Isn’t there some ISP in the US that is kinda trustworthy? I mean Mullvad or all the other VPN services are companies, too. Depending on your use-case and threat scenario, you might want to choose a different ISP if you’re afraid of them… But I’m not an expert on American companies. And I also use third-party DNS servers. I own my Wifi router and I set the DNS to opennic.org and also configured an AdBlocker.

These days you really better pay attention what you’re buying and what kind of ecosystem you’re buying into.

I get why they check if it’s children with accounts they’re not supposed to have… I once saw a documentary about VR. And there are lots of adults enjoying adult content. Mingling in virtual bars and clubs and doing adult stuff. I’m not sure if VRChat etc are available on the Meta devices… But it’s not great that children are in those virtual areas. Not for them and not for the other people who want to do their thing. So I get why they’re cracking down on this and forcing people to use the correct account.

However, requiring phone numbers, ID and credit cards is ridiculous. And lots of services do it. Google also restricted my account (for claimed suspicious activity) and now they want my ID. And I refuse to provide it.

I’d argue it’s not a defeatist attitude, since they included the proper solution. To “need new laws”. And that’s how we generally do it. We disallow companies ripping off people, despite that maybe providing a better profit margin. We force water parks to implement some minimum standards to prevent accidents, despite not caring about safety would cost them less. I’d argue it’s the same here. Just blaming it on the user isn’t the proper thing to do. It just doesn’t work for the general audience. Yes, you could do the water park inspection yourself, everyone could do some research which one is safe… And following that analogy everyone could get educated and use cash and GrapheneOS. But it’s not the correct approach to the issue as a whole. And it doesn’t really work.

It kind of ties into their argument that it’s more complex than that. And I’d agree. People always want simple answers to complex truths. Could very well be the case that you can’t say if Brave is “the best” without analyzing the threat scenario. Or even after doing that you end up with a list of both pros and cons.

Let me scroll through your phone, see if there are some nice pictures or chats, the google search history, browser history… Uuh what’s that Lovense Buttplug App for? Do you have any medical conditions or mental health struggles? How do you approach people on Tinder? What’s your salary?