This was one of the first things I noticed after installing my FTTH connection last year when some of the work applications/APIs started to error and upon inspection, I noticed BSNL was MITM-ing and injecting their malware into my HTTP traffic.
I did ring up BSNL to add my ID to their so-called DND List but weeks later, I noticed the same issues again. I ringed them up again to complain about it but I couldn’t rely on them anymore and realized I should’ve been even more alarmed the very first time I noticed this.
I bought a Pi and got it running AdGuard Home to better cover all the devices but since that only happens to do DNS-level blocking, I had to find another way. After a bit of googling, I figured I can do this on my Archer C6 router and I added the IP for that Express server they use to the routing table like so:
P.S. Let me know if this is inadequate but I haven’t noticed this issue popping up even on normal browser profiles
But this is definitely not OK—this is a total breach of my household’s privacy and safety on the internet. And if BSNL is willing to go this far, I’m sure they’ll employ even worse methods to carry on with their business and leaving their customers vulnerable to all sorts of horrible things. I am also aware this problem is not specific to BSNL and that all ISPs in the country have their way with our data and privacy.
This needs to end fast.