My current experience highlights a series of significant unaddressed security concerns with internet service providers like Railwire and Jio Fiber, which I believe are not merely technical frustrations but systemic vulnerabilities that affect user autonomy, digital security, and the integrity of national digital infrastructure. These issues are particularly alarming given my past experiences, which include modem-related intrusions that have damaged the operating systems of multiple computers, including a robustly built freeBSD system which was on kernel security level 3. I have also faced recurrent issues building applications like a Google Cloud Nomulus app, where configuration files were mysteriously overwritten and my terminal misbehaved . My attempts to complete a basic DNS lab exercise were repeatedly thwarted by corrupted configuration files and erased progress. Furthermore, I've endured other instances of identity malignation, including persistent issues with my credit records. This history for context underscores the critical need to address the following persistent Internet security concerns:
• Lack of Full Administrative Control over ISP-Provided Modems/Routers:
◦ Inability to Disable Insecure Protocols: My Railwire modem cannot disable Telnet and FTP ports, despite attempts, because the settings revert due to firmware lock-in or ISP backend override . These are insecure, unencrypted protocols that expose the modem to "local attacks," "exploitation," and "remote backdoor access"
.
◦ Remote Overwriting and TR-069 Concerns: Railwire's backend remotely overwrites modem settings, including PPPoE passwords and configuration, often using protocols like TR-069 . Even when I attempted to disable TR-069, the "backend ACS systems often override this silently" or expect it to be active, leading to connection failures. This means I am "not in full control of my own modem/router/ONT".
◦ Firmware Lock-in: The modem firmware appears locked by the ISP, preventing me from fully controlling the device's security settings.
◦ Denial of Admin Access from New ISPs: With Jio Fiber, the end-user is explicitly denied access to the router's admin/centrum page, a deliberate policy that "strips users of control over their networks," including DNS settings, firewall configuration, and firmware visibility, severely compromising trust. I was not informed of this policy when booking the service.
• Restrictive and Opaque IP Allocation Practices:
◦ Limited IPv4 and IPv6 Assignment: Railwire consistently denies anything more than a single IPv4 /32 address, even when I offered to pay for a larger /30 pool or change my plan. Following its adoption of IPv6, Railwire offers only a single /64 address, refusing to provide /60 or larger subnets. This runs counter to best practices, as the lowest IPv6 allocation for a home network in Europe is a /56.
◦ Carrier-Grade NAT (CGNAT) Assignment: I was assigned a CGNAT IP address (in the 100.64.0.0/10 range). This "prohibits average end-users from utilizing secure Internet settings and the full functionality of the Internet" by preventing "port forwarding, gaining external visibility, or implementing certain security measures effectively".
◦ Lack of Explanation: Railwire's responses to requests for larger IP allocations are often just "one line responses saying /31 or /31 or /60 is not available, without offering any explanation" Cases in their customer support portal and closed with this reply without a way to reopen them.
• Inadequate and Insecure Support Protocols:
◦ Forced Use of Default/Insecure Credentials: Railwire support insisted on re-entering default internet credentials, despite my securely updating my password, exposing users to "credential replay or brute-force risk". I was told that even if I change my password, the internet will not work
.
◦ Insecure Remote Support Methods: Technicians requested and used AnyDesk for remote access, which lacks proper accountability and leaves the system in an "inconsistent state"
.
◦ Lack of OS-Agnostic Support: Railwire backend staff are seemingly "unable to provide technical support unless the customer is on Windows," severely limiting accessibility for users on diverse platforms like Linux
.
◦ Ambiguous MAC Address Binding: Railwire often binds PPPoE logins to a specific MAC address or PON serial number. Despite assurances that my MAC ID has remained unchanged since July, the history of MAC binding was not examined, leading to uncertainty about past or current unauthorized MAC reassignments. I faced connection issues because the "virtual interface MACs" reported by the modem did not match my device's "true physical MAC".
◦ Coercive Field Staff Conduct (Jio Fiber): Jio field staff attempted coercive installation tactics, including aggressively demanding OTPs for the wrong "AirFiber" connection, refusing to acknowledge my hold request, pressure to surrender equipment, making false claims (e.g., wired Jio Fiber being unavailable when it is present), and surreptitiously recording conversations. This constituted a "violation of privacy" and consumer rights
.
• Broader Digital Identity and System Integrity Concerns:
◦ Identity Document Misuse: The discovery that my expired driving license number might have been used by someone else highlights a severe potential for identity misuse and fraud. Despite getting a renewed license, the new numbering convention and vague history leave open questions about past misuse
.
◦ Persistent System Disruptions: I have experienced "persistent, targeted disruptions" over the past five years, including "storage integrity" issues (hard disks becoming unrecoverable), "progress reset and reversed again and again" in application development, and "DNS lab get contaminated by script file corruption" . These point to "possible surveillance, sabotage, or automated policy enforcement mechanisms," and even "persistent firmware/rootkit infections". These incidents led me to stop participating as a node in the Interplanetary Network after a router incident that made me realize that my node must not become a vulnerability vector in this research network.
.
◦ Current Precautions: Given these concerns, for the past 3 weeks, I have been using Railwire broadband only for television, connecting my computer to a USB live operating system through a tethered mobile connection . The Jio AirFiber modem remains unplugged and unused .
These issues, particularly the denial of user control, restrictive IP policies, and inadequate security practices by ISPs, are considered a "national concern" as they affect "millions of RailWire and Jio users" and pose "structural vulnerabilities in last-mile internet provisioning," undermining user trust, digital innovation, and independent network management.
On an earlier request 3 years ago Jio set the maximum that I can get is a /64 "By default we will provide /64 Subnet.
/64 | 1 IPv6 subnet | 18,446,744,073,709,551,616 |
When I asked them whether I can connect 18,446,744,073,709,551,661 devices with a /64 or only one, the conversation stopped. This was 3 years ago !
The email exchanges with Railnet is embedded above.
What is embedded below is the letters sent to jio fiber:
NotebookLM while helping me trim my write up above, offered to make an audio file, which is an interesting summary:
