[dehrmann]

> I am sick of having to assume my network hardware is trivially compromised.

I don't have the gateway my ISP gave me on my LAN for this reason. I do have to laugh a little bit about people who use a VPN to hide requests (DNS? Because most of the web is HTTPS, now) from their ISP when their ISP has a device on their network.

[WorldMaker]

Even personally owned hardware has its risks from today's ISPs. DOCSIS standards require every off the shelf cable modem to basically have giant "management" back doors for the ISPs. They can remotely install firmware updates to your modem that you own for "your safety" and there's not much you can do about it.