Hi there, I’m looking to get into self-hosting for privacy reasons and I wanted to ask y’all: how inadvisable is it to utilize an ISP-owned router/modem? I feel like they’re able to track everything I do online with their more than likely integrated spyware.
Regardless of whether your ISP is leveraging their ownership of your router to violate your privacy, they are using it to exploit you financially. Owning your own equipment is always going to save you money compared to what an ISP will charge you in rent.
Your router is an important security device that you should own and control your self if you want any semblence of ownership over your network.
Your modem is remotely controlled by the ISP even if you own it, and is mostly there to demodulate from the medium installed by your ISP (usually cable, or fiber but those are called ont’s not modems) to a standard cat. 6 Ethernet connection you can plug into most routers.
The main benefit of owning your own modem is not having one with a router built in and not having to pay an equipment fee.
ISP can see your traffic anyways regardless if their router is at your end or not. In here any kind of ‘user behavior monitoring’ or whatever they call it is illegal, but the routers ISPs generally give out are as cheap as you can get so they are generally not too reliable and they tend to have pretty limited features.
Also, depending on ISP, they might roll out updates on your device which may or may not reset the configuration. That’s usually (at least around here) made with ISPs account on the router and if you disable/remove that their automation can’t access your router anymore.
So, as a rule of thumb, your own router is likely better for any kind of self hosting or other tinkering, but there’s exceptions too.
Honest answer, why tf would s/o vote this down?
I’ve often wondered about down votes as well. It’s not the points, as I care nothing about that. However, if you’re going to down vote something, have the balls to explain why. Maybe the down voter knows something that we all can learn from. It just seems like a common courtesy to do so.
However, if you’re going to down vote something, have the balls to explain why.
This is why downvoting is fundamentally flawed. It could be “I don’t like it” all the way up to “I know for a fact that’s wrong,” but nobody else will ever know the rationale.
I don’t even see downvotes on my instance, and I never want to, because it just raises questions and confusion.
It might just be an error. It’s not too hard to hit one by mistake when scrolling on a touch screen device.
A router provided by an ISP is not your hardware, thus any network behind it is by definition not controlled by you. There have been numerous cases where they have backdoors or known admin passwords. In cases where there is a wire type transition (for example incoming over coax or fiber) it might be necessary to use it though. Same if it is necessary due to your contract.
In my cases I always turn off the wireless antennas and switch it to bridge mode, then place my own router/firewall device behind it.
Edit: still learning to spell.
As I’ve grown older, I’ve realized that I care a lot less about whether I own the device or the ISP. I’ll happily root the fucking thing. What are they going to do, send me to a competitor? I have 3 different networks I can connect from at any moment (including hotspots), so I’m not worried about a minor lapse due to ISP temper tantrums.
I will tell them casually too. I don’t want their support. I pay for internet access, it’s their problem if they try to make my access conditional beyond that.
We all go our own ways. Over the later years I’ve added features and with it the inevitable complexity. Self-hosting my own data has made my care more about what goes on in my network. I am not quite at the stage of adding VLAN’s but it will probably come.
Router provided by my ISP is just garbage. The settings are so scrace, I might as well just connect my PC directly (if I could, cause cable is DOCSIS). Had to buy 10yo DOCSIS router that actually is usable.
If your router is fine in settings, maybe changing it won’t be necessary. As for ISP spying on you - probably possible but certainly is not likely.
Had to buy 10yo DOCSIS router that actually is usable
Alternatively, you don’t have to be restricted to a 10-year-old router just because of DOCSIS.
You could change the router to bridge mode , effectively making it just an external modem for any ethernet-to-ethernet router of your choosing.
Recently, a major ISP in the Netherlands was determined to be streaming metadata from within their customer’s networks to Lifemote, a Turkish AI company.
Here’s a report in Dutch: https://tweakers.net/nieuws/245620/odido-router-stuurde-analyticsdata-naar-turks-ai-bedrijf.html
This is just the latest one to get caught doing it, but determine how comfortable you are having your internal network exposed to a 3rd party.
I’ve used personal/non-ISP modems and routers for 25 years because I’m not comfortable with it it. At all… But hey, you do you.
While I would say sending MAC Addresses and Wi-Fi names is very far from tracking everything you do on the internet, this highlight another very important point: The routers that provided by ISPs are usually very cheap and crappy, and this in itself security implications.
Like this example of pulling a script from an unverified HTTP source and executing it as root 🤯… Not to mention that firewalling and port forward configuration options may be pretty simplified and limited.
