> The ability to update the firmware may also be locked down. You should have full control over firmware updates.
Bizarrely, for DOCSIS modems, even if you buy your own modem, the ISP has control over firmware! They can (and do) push any arbitrary firmware to your modem. The manufacturers go along with this for some reason.
So make sure to separate your modem and router too.
Yes it's key to separate both, but regardless they know DNS queries + can see all http traffic and TLS handshakes will reveal (in plaintext) the name of sites connected to. So basically... they know very well where you go, they just don't always know (sometimes they do) what is being transferred there.
> The ability to update the firmware may also be locked down. You should have full control over firmware updates.
Bizarrely, for DOCSIS modems, even if you buy your own modem, the ISP has control over firmware! They can (and do) push any arbitrary firmware to your modem. The manufacturers go along with this for some reason.
So make sure to separate your modem and router too.