How to Encourage Your ISP to Use Better Security
One day, I was playing around with my router configuration and discovered that my ISP’s updates server was using HTTP instead of HTTPS. This raised concerns about the security of my router. TR-069, a protocol commonly used for router management, should be paired with HTTPS to minimize the risk of attacks.
While I disabled TR-069 on my router to mitigate any vulnerabilities, I recently received an email from my ISP requesting that I reset my router. Although the email did not provide a reason, I suspect it is related to the disabled TR-069. If my ISP requires TR-069 to be enabled, I want to ensure that it does not compromise my security.
To encourage your ISP to use better security, follow these steps:
-
Tell your ISP about the security issue. Although they may not take immediate action, it is important to inform them for ethical reasons.
-
If your ISP ignores your concerns for an extended period, report the issue to popular technology-oriented news websites in your location. This can help raise awareness and potentially shame the ISP into improving their security protocols.
-
If the news websites are uninterested or your ISP remains unresponsive even after public scrutiny, consider switching to a different ISP that prioritizes security.
It is worth noting that these steps are applicable if you live in the UK and want to avoid any legal troubles.