This is very troubling, and I’m not even sure where to start. I recently received an email message from my ISP which alerted me to an incoming update. I didn’t worry too much since this is obviously not the first update they’ve ever pushed through.

However, after this update, I noticed that my guest connections and some other things had changed / disappeared. I logged on to my router, and I immediately noticed my custom password had been reset to the default. No problem, I entered it.

At this point, I saw that all of my options were greyed out. I could change the password, which I did, but nothing else. I immediately called my ISP.

I was told that I would have to use their app now, so as much as I dislike using proprietary phone apps, I conceded and installed the app through the Play store.

However, the agent was not entirely honest with me. I still can’t bifurcate my 2.4g and 5g connections, nor can I add or remove any guest connections. I immediately enabled “privacy mode” via the app, which purportedly prevents information from being collected by something called “HomePass,” and I “Delete[d] Guard events” whatever the hell that means, but this seems really troubling. I can no longer access my modem/router settings via the normal interface, but have to use an Android app?

There is only one other ISP in my area. They have much worse/slower service, but should I switch, or is this just the “new normal”? Does what I’m describing even make sense? I’m not a tech expert, but I feel like I’ve self-taught myself how to navigate these settings, and learned from others in online forums, but now … an Android app?

I’d appreciate any advice. I’d even be willing to purchase my own modem/router instead of using the one from my ISP, if that fixes this mess.

Edit: So I need my own router, at least. I did some research, and these are the ones I can get locally that are within my budget:

  • TP-Link Archer AC1900 Dual-Band Mu-Mimo Wi-Fi Router with Gigabit Port

  • Linksys AC1200 Dual Band WiFi 5 Router

  • TP-Link Archer AX1500 WiFi 6 Dual-Band Wireless Router | up to 1.5 Gbps Speeds

  • TP-Link Archer C54 | AC1200 MU-MIMO Dual-Band WiFi Router

  • NETGEAR - Nighthawk AC1900 WiFi Router, 1.9Gbps (R6900) I’VE BEEN WARNED AGAINST NETGEAR THOUGH IN OTHER FORUMS

  • TP-Link | AX1800 4 Stream Dual-Band WiFi 6 Wireless Router | up to 1.8 Gbps Speeds

  • TP-Link Archer AX3000 | 4 Stream Dual-Band WiFi 6 Wireless Router | up to 3 Gbps Speeds

  • Linksys E7350 AX1800 Wi-Fi 6 Wireless Router

Am I right in thinking the TP-Link AX3000 is best?

Edit 2: At first, I bought the Netgear AC1900, which seemed like a great deal. Turns out it was unusable without creating a netgear account, so I returned it in exchange for the TP-Link Archer AX1500, and it appears to be working! I got everything set up pretty close to the way it was before, except even better.

Once I save money, I’ll also invest in a different modem and return this one to my ISP.

This was a big wake-up call for me in terms of privacy. I never listened to people saying not to use your ISP’s equipment because I always trusted my ISP (it’s not one of the big name ones). Never trust a company. Lesson learned. I appreciate all the responses I got! This community is great!

  • trafficnab@lemm.ee
    link
    fedilink
    English
    arrow-up
    6
    ·
    edit-2
    1 年前

    That shit would get thrown in a metal cage and treated as a radioactive DMZ network-wise if I was forced to use it

    My ISP is the dumb pipe my internet comes from, it’s bad enough that they inject bandwidth cap warnings into the raw HTML of webpages like some sort of adware virus, they can stay the fuck out of my local network

    • fraksken@infosec.pub
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 年前

      messing with html sounds very worrying to me. is that on https connections to any site they do not control? Do you have an isp application installed?

      • trafficnab@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 年前

        Only HTTP, they intercept any unencrypted page in flight and inject a giant banner at the top that won’t go away until you acknowledge it, no local application required

        This is 100% legal in the US, and in fact, some small regional ISPs actually made money injecting actual ads into webpages, literal spyware