Hi, I was wondering if anyone could help me understand the privacy concerns when using branded modems. I have OpenWRT on my router but I have to use the modem from the company which can autoupdate firmware and stuff like that.
I use DNS over HTTPS, ech, etc. I have a VPN but I don’t use it for every day browsing. I was just curious if the modem itself has features where it can phone home or if that doesn’t matter as the requests are going to the ISP anyway. If so and this is common how would I find these requests, something like Wireshark, and block with Pihole?
Actually all modems runs proprietary firmware, so hypothetically it can have backdoor.
But i treat this as so low possibility, that i would just disregarded it.
If you feeling extra paranoid, configure your clients to treat modem as WAN (so router or PC will drop all connections from modem to router/pc wile allowing outgoing). This prevents exploits from modem side.
But it is extremely unlikely and i would be more concerned about ISP which can see at leas domains and IPs you connect to, not about modem.
My opinion: just use VPN/Tor and disregard fears about modem itself
Even if you own your own modem (I do), the ISP still has to configure it to run on their network. Owning the modem is a price strategy so you don’t have to pay for renting one. As for security / privacy, it’s relatively a very edge problem. As the other comment or replied, this is mostly mitigated with your own router (which you’ve already done) and a VPN / tor.