I’m new to things privacy related and seeking guidance on how to properly establish network privacy and anonymity in an apartment. I recently moved in to a large, modern apartment complex that has at&t fiber pre installed. The complex states at&t is their preferred provider, and that they have a partnership. After move in, I was contacted by an at&t representative to begin the internet setup process.
Does this indicate the apartment complex has unique oversight and monitoring capabilities through this provider? Can it be verified that my internet setup is direct through at&t without any involvement of my property? Would it be advisable to seek out a different provider all together, or are there privacy measures that can be taken such that something like this is unimportant?
From your previous sentence, there’s a good chance that the landlord does have some level of insight into AT&T’s network, or vice versa. That way the landlord can contact AT&T that a new tenant is incoming for the setup process, and/or AT&T can view info about the complex to know what and where a specific tenant is for maintenance/internal use.
It’s also pretty common that ISPs can usually know what modem/router you’re connected through using their own network’s tools just from your subscriber information, so they can remotely restart misbehaving devices or try to troubleshoot certain issues.
I would say if it really matters to you, just assume that they do have insight and prepare yourself based on that worst-case assumption.
If your complex is partnered with AT&T, chances are you probably can’t (easily) use a different provider. But you may still be able to use a different provider such as Starlink or 5G cellular networks depending on its viability for your situation.
Regardless of which option you choose, you might also be interested in an OpenWRT router running behind your ISP issued router in Bridge Mode. This would allow you to have full control over your router separately from the ISP router, and also let you do some cool things like isolating network devices using a Wireguard VPN on the network level.
I would probably use a virtual telecom that uses the AT&T network. They can’t prohibit you to chose any provider of your choosing, but this only matters if the building has other networks than AT&T.
The low effort version I went with was unifi router set as DMZ (only use DMZ if bridge and half bridge aren’t available). Unifi handles all vlans and ssids, which I have set up in a somewhat complicated way.
Less private for sure but lots of good security features and updates. Without it, my understanding is that ISP could see all devices on my lan. Instead they see a unifi router set to direct all traffic through a VPN. Proton free VPN can be used on the router as your one free device. I have nordvpn but tried proton free and I think it is just as good.
I agree with this 100%. I’m in the same situation where my ISP is the only option available in the country (bundled with TV), and the account in the landlord’s name. I have a router running a Wireguard VPN connection 24/7 and I’ve turned off the wifi from the ISP’s router, so it’s just my wifi signal in the house. The ISP only sees VPN traffic and no one seems to care one bit as long as the bill gets paid.
I would suggest at least also setting your wifi to not broadcast the SSID as well.
Hidden WiFi can be nice to not annoy your neighbors with SSID spam if you use multiple SSID like me, but the connecting devices have to announce themselves to find the network. It is also still possible for someone to get the SSID.
You can’t really hide info that’s being broadcast over the air, only encrypt it like with WPA 2 and 3 with a good password. Wired only would be better, but that’s not realistic for most of us nowadays. Public SSID is therefore good since hopefully your router is your most secure device.
Guest or device isolation networks are also good. You can put smart devices, out of date devices, actual guests, and the like on there.
You mean cellular internet by virtual telecom? Why specifically hosted by AT&T, anything to do with it being in contract with the complex? I can’t imagine setting up with any carrier to cause trouble.
No, home internet. They can’t force you to choose AT&T, you can choose any ISP that provides internet to your place. I don’t know if in the US there also home internet virtual providers. In Europe ISPs are forced to rent their broadband to any telecom that request it. Hence we have virtual telecom provider for fixed internet.
Depends on your threat model, but I’m thinking about neighbors. Are wardrivers now stalking apartment hallways? Probably not a real concern.
Will your neighbors all see “BobsSecretWifi_nomap?” on their phones? Sure. Nosy neighbors take any bread crumb and run with it.
Randomizing would prevent your neighbors from hacking your wifi - if that’s a genuine concern, go for it. Will you get questions from nosy neighbors about it? Maybe. Which is more likely?
And yes, good call on lowering the broadcast power.
I doubt if hiddIng SSID would deliver any tangible improvement on privacy on any front.
For network scanners they still sees BSSIDs, which is deemed much more useful in terms of geomapping and is actually being collected on a daily basis.
For nosy people, a completely random, or any SSID that does not contain any PII or make and model of the device is enough. We are not talking about nosy people actually trying to guess your password here.
Hidding SSID would trigger your device keep asking “are you {SSID}?" to any AP they encounter, I would say that is a “slightly" bigger risk.
Hardware wise, I can only see the at&t fiber jack mounted on the wall, as well as a “Cat5e network interface module”. There’s also other various cable connections, and I’m not exactly sure what they are or where they lead to, however the fiber itself isn’t currently connected to a gateway. On my property’s website they also state “residents are responsible for setting up their own internet service”, so the overall messaging is a bit confusing. Is it any better that I’m who’s responsible for purchasing and connecting the gateway, or is this not really relevant?
I received this response today from management regarding other providers -
“AT&T is listed as our preferred provider because they offer reliable service in our area and have established a partnership with our community, making setup convenient for residents. However, you are not required to use AT&T—you can choose any cable or internet provider you prefer.”
After some research I discovered “ AT&T | Connected Communities Portal ” which seems to be what they market to apartments. Perhaps I should ask directly if this is the partnership they’re referencing?
I also forgot to mention, there’s free shared WiFi for the community that’s available 24/7. Would something like this be better for privacy/anonymity since it isn’t directly associated with your unit?
I’ve read a bit on OpenWRT as you mention, as well as OPNsense, and do intend on implementing one of these. Would this negate the ISP dilemma, or does it remain an important aspect?
Regarding 5G and Starlink, may I ask how these compare to standard internet for privacy, and if they possess any unique advantages/disadvantages? Apologies for all the beginner questions.
At least you get the choice to opt-in on your own terms to any internet provider, instead of it possibly being tacked on to your rent/utility/etc. Some people might be adequately served by their phone carrier’s data if they don’t use the internet particularly much (e.g. elderly folk).
I would say to just stay away from it unless there’s extraneous circumstances like an emergency; there are plenty of things like your device’s MAC address, position relative to certain WiFi antennas, Bluetooth signals, and internet traffic coming out of your devices that can be used to identify or fingerprint you. Better to just not deal with the headache and have a known secure network you can rely on at the minimum.
Every little bit helps to add to your privacy and/or security. Separating your hardware from the ISP also lets you be a bit more agnostic with your network capabilities, especially when you may move elsewhere in the future. By having your own hardware, you can tailor your own settings and whatnot without the worry of a modem upgrade or different ISP’s hardware breaking your setup.
No problem about the questions, better to ask and be informed than be burned after the fact
From my limited understanding, Starlink’s product security team seems to be open to fixing security/privacy issues. A short while ago they received a disclosure from security researchers about WiFi BSSID and position tracking, which they fixed. You can check out the researchers mentioning this in their Black Hat talk from back earlier in 2025 (non-timestamped link). That talk in whole also might interest you and others since it has some interesting data they presented is somewhat relevant.
Not quite sure how reliable the connection itself is, but I do remember hearing that Starlink’s stability does suffer a slight amount during weather. Also whether you agree/disagree with the ownership structure and operation of Starlink is a wholly different issue that you’d need to ask yourself.
As for 5G, your situation makes me think you live in a fairly populated area which could suffer from radio traffic congestion, so it may not necessarily be the best option. I’ve also heard that 5G home internet providers often have significantly lower data caps in comparison to broadband/fiber.
Someone else might be able to chime in with more information or resources to help you further in that regard.
