Not really necessary people make DNS requests which are pretty easy to track if you know what URL was requested that will be the exact product. This can all be done by man in the middle and monitoring network traffic. But even that is sort of unnecessary. They could very possibly have contracts with ISPs or other network operators some of that is likely just secret and they dont disclose it.
They do it all to build up a huge web of interconnected data points. Duckduckgo itself they might take as evidence that someone is trying to hide something. Then the government goes to a FISA court and gets permission to have other tech companies hand over all your data. Its not any one site its the picture that can be gleamed from all the data available across all the sites.
Duckduckgo is not the problem. They are using publicly scrapable information. So for instance if they have fingerprinted your device they see you go to duckduckgo, then they see you access a site about buying guns, it becomes trivial to determine what you searched for. They would not have direct access to what you search on duckduckgo and duckduckgo is not giving them access. They are using various methods to collect data based on habits. You can use literally any service you want and they could do the same thing.
Probably just whatever the public metadata is. metadata is super powerful especially if you have a lot of it. if the email was protonmail to protonmail they will get nothing. If it’s gmail to protonmail they will know that user X is talking to User Y in gmail. They will also have the email header information which is basically just going to be clear text. so they can still ascertain who you know, who you are talking about, and maybe a bit about what the conversation has to do with.
EDIT: so I asked protonmail directly about it and they confirmed its only publicly available information that they can get. For instance they can try and verify if a certain email address exists. However proton told me that they actively watch for this kind of thing and block IPS trying to do this sort of monitoring.
I think you are making more of a political and philosophical argument than a technical one. The project for tor browser and associated technologies is a 501c3 nonprofit. It’s technology is open source and can be independently reviewed by third parties. Control of the network and it’s technology is distributed and is not controlled by any single government or entity. It’s not a perfect solution but it’s better in certain contexts than other options. It just depends on your use case but the torproject is not doing anything “wrong” they are not a shill for a particular government.
I would need to do some testing but a potential flaw I can already think of is that your browser will look fairly unique to finger printers. So for instance you are already running a variant of firefox which only has about 3% of the market share. Now you are running a variant of firefox that has a really unique settings. So instead of being 1 in crowd of hundreds of thousands or millions you will be 1 out of few thousand maybe or possibly just hundreds if adoption is slow enough. Then add browsing habits to that you could potentially narrow the person down to a few dozen or even a dozen people quick. You would likely be better off using a more popular browser with just a VPN. However I don’t care what browser you use you still need to be careful if you want to stay private.
Exactly and if you have to use stock android or iOS to get this feature you are agreeing to so much intrusions into privacy that it’s sort of moot.