My router was playing up, initially I couldn’t get my phone to connect, which I thought was my fault - since I started running grapheneOS but then other devices stop connecting and then those that were connected couldn’t access certain sites etc.

I still live at home, so my mum who isn’t technologically literate phoned the ISP, and attempted to fix it. Turns out it just needed a reset, as the last time it had been reset was 8 years ago.

What was a surprise was that the ISP guy told my mum how many devices were connected to the internet. She found that immensely creepy.

I doubt there’s anything I can do to reduce the trust burden with an ISP, beyond telling my mum to use a VPN. My threat model always had ISPs as a risk that had to be taken, however I am curious as to if there is anything at all that can be done! That’s also not immensely impractical?