The short answer is that it doesn’t really matter, and that I recommend using your ISP’s provided equipment, unless you come across some compelling reason not to. I don’t see one here.
Become a Patron of Ask Leo! and go ad-free!
Your ISP’s provided router
The biggest reason for using your ISPS’s provided equipment is that they’re the ones responsible for supporting it. Or better yet, they can support it when you have questions about it. They should be able to.
Logging isn’t a huge issue and remote management might well be required for the ISP to be able to support you.
Who do you trust?
One of the things that I think is important to realize here is that ultimately your ISP can monitor pretty much anything you do.
They’re in charge of the bits that cross the internet to and from your connection regardless of how you’re connected, and this isn’t really anything new. Using their equipment doesn’t make it substantially easier. Replacing it with your own doesn’t make it substantially more difficult.
Your ISP can see what websites you go to and they can see the contents of the unencrypted web pages you see. They can’t see the contents of your https connections, but they can at least see that you made them and to whom.
But as I keep saying, you and I, we’re just not that interesting. Our ISP’s have way better things to do than to pay attention to or watch what we’re doing. Even recording what we’re doing just isn’t that exciting. I mean, why would they?
If you subscribe to the NSA style paranoia, well then, no ISP and no router would be safe from spying eyes. But again, I honestly believe that most people have an over-inflated sense of importance when it comes to spying eyes.
But what if you’re interesting?
Now, of course, there are people with very real and very legitimate issues. People who are “interesting” need to take some steps.
So, if you believe you are one of those “interesting” people, well, things get difficult depending on just how paranoid you are. And I don’t mean paranoid in a derogatory way. People who have legitimate reasons to be concerned absolutely should be paranoid.
Yes, you can use a VPN and in fact, that’s a pretty reasonable solution for a number of situations. But if you don’t trust your ISP, why would you trust the provider of a VPN service? You can take that kind of thinking to an extreme very, very quickly.
So as I said, I recommend to most folks that you just use the equipment that your ISP provides unless you have some known, specific, compelling reason not to.
8 comments on “Is My ISP’s Router Safe to Use?”
Sometimes there is no choice but to use your own router.
My ISP(AT&T) supplied router only has four ports. Two ports go to two television sets. Magic Jack for the other leaving one port available. Definitely not enough. So I use my router, plug magic jack and two computers in, and have one for computers which I am repairing.
When ports on your router are limited, simply acquire a multi-port switch. Out from your router into the switch, then from your switch’s free ports to anything you want. Always handy to have a switch around. Very small and cheap, too.
My cable company recently started handing out their own free routers. From what I have been reading, these routers not only provide the customer with his network connection but also broadcasts a WiFi signal for the company’s hotspots. Apparently, they want each customer to be a hotspot so that the company’s hotspot coverage is vastly increased at minimal cost. There is no direct connection between the customer’s side and the hotspot side so it is supposed to be very safe. The MAC of customer devices is memorized by the router. This blocks those devices from connecting to the hotspot side of the router. Most people don’t even know they are part of the company’s WiFi network. I happened to see this on a forum about the cable company. Not sure if I want to be broadcasting signals for my cable company.
Doesn’t this decrease your bandwidth as people use the hotspot? The connection between the router and the CO can only handle a certain amount of traffic. How can allowing more people on your internet connection be good?
That sounds very strange. I’ve heard about a project where people can get a special router to make open hotspots all over, but I can’t believe an ISP would do something like this by default. Could you say which ISP this is so we can check out their website to find out how this works?
ISP is Cablevision/Optimum. Here is the link to forum: http://www.dslreports.com/forum/r28855720-Optimum-Smart-Router-Offer~start=30
WiFi comments begin about Dec. 12 and go on from there. I was unsure if all this was true. Then my next door neighbor installed Cablevision. I found their network SSID( with their name) on a network scan. Along with this was a SSID for Optimum WiFi. I have never seen either of these networks before. I can connect to the WiFi signal but it is weak and couldn’t get much throughput.
More info here.
There are a few points you make in your article that I rather disagree with. Customers have a very limited number of choices when it comes to choosing an ISP. I’m limited basically to AT&T or Comcast in my area. This inability to shop around means that I’m forced to accept terms of service that I’d really rather not have to accept, simply to be connected to the internet.
When you state “Our ISP’s have way better things to do than to pay attention to or watch what we’re doing. Even recording what we’re doing just isn’t that exciting. I mean, why would they?”. ISP’s have massive incentives to collect large amounts of data for advertising purposes. Data collection generates a significant amount of their revenue, more so probably than the bills customers pay for their service. Someone does not need to be concerned with an individual at the ISP literally spying on them, but they definitely should be concerned with mass data collection and aggregation.
The statement “But if you don’t trust your ISP, why would you trust the provider of a VPN service?” can be answered fairly easily. The job of the VPN is to protect the privacy of their customer. That is not the goal of the ISP. There are also numerous VPN services, meaning if a VPN provider does not do what they say, or does not have acceptable terms, customers can switch to a different one very easily. As I stated before, this is not true of ISPs in most areas.
Realistically I agree with you that the majority of users should just go with something out of the box, rather than fiddling with configuring their own router/firewall. However, your lack of concern for general data collection is concerning.