back to article What could possibly go wrong? Sublet your home broadband to strangers who totally won't commit crimes

The latest passive income trend, we're told by Lithuania-based internet biz IPRoyal, is internet sharing, a term that here means "subletting" or "reselling." And "passive income," of course, refers to getting paid without doing anything, a concept that may sound appealing but generally glosses over potential costs. Launched …

  1. Andy Non
    Thumb Down

    All well and dandy until

    the police smash your front door in at 3:00 am accusing you of accessing illegal content.

    1. The Man Who Fell To Earth Silver badge

      Re: All well and dandy until

      Now how does this differ from Amazon Sidewalk? Oh yea, with Sidewalk, you get no benefit for letting Amazon & it's other customer's slurp your bandwidth.

      Personally, I don't want anyone on my network I didn't authorize, and I don't want anyone using my FIOS connection that's not on my network.

      1. martinusher Silver badge

        Re: All well and dandy until

        >Now how does this differ from Amazon Sidewalk?

        Sidewalk is a mesh for IoT devices. Its inherently low bandwidth and the content is tightly controlled. The benefit from participating is that you gain reliability -- with a single internet connection you get a single point of failure.

        FiOS used to be rock steady, 100% reliable, but depending on where you live it may not be so now. I had to switch to cable after Frontier bought our service from Verizon; it was starting to deteriorate under Verizon and it went compltely down the tubes with Frontier. So, yes, I'd assume that you don't want others using your segment for securit reasons but don't make the mistake of assuming that because it says 'xMBits/sec' on the tin that that's guaranteed 24/7/365. Its statistical and, no, per the customer agreement, you don't have any right to resell it because its not 'yours'.

        1. This post has been deleted by its author

        2. Michael Wojcik Silver badge

          Re: All well and dandy until

          the content is tightly controlled

          Sure! I'm confident that no one has ever, or will ever, use an Alexa device for anything which is illegal in any jurisdiction. Nor that illegal content will ever be captured and uploaded by a Ring device. Amazon's all about "tightly controlled" content. Why, their store is famous for ensuring the accuracy of every product advertisement.

          Yes sir, I have no qualms whatsoever about allowing Amazon unfettered access to my network.

    2. Anonymous Coward
      Anonymous Coward

      Re: All well and dandy until

      the police smash your front door in at 3:00 am accusing you of telling a joke that someone found offensive.


  2. Anonymous Coward

    Sounds great...

    Rent out my IP. Spammer sends a ton of spam. IP gets blocked. Switch router off and on again. DHCP gives me a new IP. Repeat until the ISP's entire block is blocked.

    And that's just the least illegal use of the system. ToR exit node? You are now. Proxy for a child porn site? You are now.

    1. karlkarl Silver badge

      Re: Sounds great...

      "And that's just the least illegal use of the system. ToR exit node? You are now. Proxy for a child porn site? You are now."

      I agree all cloud providers should be shut down because paedophiles could use their free anonymous 30 day trials to process illegal content.

    2. Fazal Majid

      Re: Sounds great...

      Most residential ISP address ranges are blocked by SMTP servers.

      1. sitta_europea Silver badge

        Re: Sounds great...


        Most residential ISP address ranges are blocked by SMTP servers.


        Apart from anything with a dynamic IP, my servers also block Microsoft, Google, OVH, Linode, AWS, several hundred lesser purveyors of cr@p, everybody in Africa, China, India, Myanmar, Pakistan, Eastern Europe and the Middle East in their entireties, South America, Syria, Thailand, Viet Nam plus a hundred other countries, any IP/host/domain on any of a dozen DNS- and RHS-BLs, plus ...

        The odds are that the subject of this article this is *already* on the long list of reasons for those blocks.

        Sometimes I think it would be easier to skip blocklisting altogether and just list the couple of dozen IPs from which we'll actually accept connections.

        1. IceC0ld

          Re: Sounds great...

          isn't this how you do things anyway ?

          BLACKLIST = everything

          WHITELIST = individually added IP's that you actually want to use

        2. Claptrap314 Silver badge

          Re: Sounds great...

          I contacted my ISP about this more than a decade ago. Turns out that 822 specified more than one port, and it's only the default one that's blacklisted. I continue to email the world from my home system inside various ISPs ever since...

      2. tip pc Silver badge

        Re: Sounds great...

        Turns out isps add their user ranges to a block list that google checks. Business users ranges don’t get added so they can send email

        Error from google when trying to smtp a mail to them.

        Reaction of the server:

        Error: 550 5.7.1 [x.x.x.x] The IP you're using to send mail is not

        authorized to send email directly to our servers. Please use the SMTP

        relay at your service provider instead. Learn more at

        You can use google as a relay which works fine. I’ve heard smtps works fine too but it tried yet.

    3. ihearyoumummy

      Re: Sounds great...

      Tor, not ToR. And they likely can't set up an exit because they can't port forward to your connection or host services from it. And as mentioned, residential ISPs block unauthenticated SMTP so spamming is not really a concern here. And how exactly are they going to shut off your router to rotate IP addresses? Still sounds like a bad idea altogether but not for the reasons mentioned.

  3. Giles C Silver badge

    Sounds “interesting”

    Interesting in terms of someone could use your network to access illegal content and when the police trace the connection through the isp you are the one having to defend it.

    Not something I would do.

    I once knew someone who left their wifi completely open (was a few years ago) so anyone could access it. Know I don’t know why unless he planned on hacking everyone who connected....

    1. doublelayer Silver badge

      Re: Sounds “interesting”

      "I once knew someone who left their wifi completely open (was a few years ago) so anyone could access it. Know I don’t know why unless he planned on hacking everyone who connected...."

      I once considered doing that basically as a service. I already had a guest network set up which couldn't see my normal network, had bandwidth limits, and could support automatic cutoffs if I wanted them. I was thinking that I had a reasonable connection rate, never got near a bandwidth where they'd reduce my speeds, and therefore wouldn't mind letting others in WiFi range use it if they needed to move some data. Then I considered what would happen if the police showed up for information on a user, which I wouldn't have, and decided that my technical knowledge meant the lack of logs proved I was erasing them. So I didn't. Still, my idea to do it was basically altruistic.

      1. Yet Another Anonymous coward Silver badge

        Re: Sounds “interesting”

        Shaw do it in Canada.

        You can connect to any Shaw home wifi router with your account details so get 'free' wifi in any city.

        The traffic is firewalled from the home user and they ultimately know your account details if there is any illegal activity. Don't know if you can opt-out

        1. doublelayer Silver badge

          Re: Sounds “interesting”

          I didn't have that because I was using my own equipment and not about to change it. Also, that's limited to customers of that ISP, which I didn't want to do. Basically, I anticipated that my neighbors could use it if their connection broke but mine didn't. Or someone else who was in the area and needed to connect. I also doubt there'd be that much risk of abuse since it would only be available relatively close to the access point, but I decided that if things did go wrong, they would go horribly wrong and I didn't like that idea. I mentioned to a neighbor that they could have the password if ever it became useful and gave up on the rest of the idea.

        2. Ian Johnston Silver badge

          Re: Sounds “interesting”

          Much the same happens with BT Internet here, though in my experience - before I went elsewhere - not many people enable the guest user service.

          1. Adrian 4 Silver badge

            Re: Sounds “interesting”

            What you get in exchange for enabling the BT service is the ability to use it on others addresses when you're not at home. It generates a separate SSID, it doesn't open up your home network.

            However, when I tried it, the signals I could get from other users were so poor that it was unusable.

          2. anthonyhegedus Silver badge

            Re: Sounds “interesting”

            That tinpot ISP you refer to actually enabled "BT Fon" or "BT WIfi" or whatever it's called BY DEFAULT, well at least they did.

            They didn't explain it very well and so most people didn't disable it.

            1. Anonymous Coward
              Anonymous Coward

              Re: Sounds “interesting”

              "[...] or whatever it's called BY DEFAULT, [...]"

              At a glance all my neighbours who are with BT have the Fon SSID access enabled.

        3. heyrick Silver badge

          Re: Sounds “interesting”

          Orange France used to do that. Your Livebox (router) essentially ran two different access points separated from each other (different IPs and everything).

          You could opt out (it was auto opt in) but this meant that you would not be able to make use of the service on other people's devices. You are either a part of the service, or you aren't.

        4. AnAnonymousCanuck

          Re: Sounds “interesting”

          This is not true, at least not within the past 2 years. Shaw cable modems are controlled by Shaw, however, you control the wifi router and you can connect any wifi router to the modem. Shaw does offer a wide area wifi network for all it's subscribers that it supplies through it's business customers. That service is opt-in for the business. The wide area wifi was extremely useful 5-10 years ago when there was very little publicaly available wifi, it is still useful occasionally.

          As to reselling internet access, the users are just running a server on their machine. Unless their contract with the ISP prohibits servers I cannot see why it should not be allowed.



        5. Anonymous Coward
          Anonymous Coward

          Re: Sounds “interesting”

          Comcast does that in the US.

      2. Anonymous Coward
        Anonymous Coward

        Re: Sounds “interesting”

        I have no password on my home wifi. That's because I live in a very old house with very thick walls and wifi only works well in the sitting room or kitchen. If I see someone I don't know on my settee, my first question will not be "Are you using my wifi?"

        1. Aussie Doc

          Re: Sounds “interesting”

          "How did you get in?"

          All in jest, of course - have one on my house --------------->

    2. MachDiamond Silver badge

      Re: Sounds “interesting”

      "I once knew someone who left their wifi completely open (was a few years ago) so anyone could access it. Know I don’t know why unless he planned on hacking everyone who connected...."

      That's one idea. Throttle the bandwidth down to a snail's pace and people won't hang on too long. Certainly not long enough to download kiddie pron of a feature film. In the mean time, you can MiM anything they do try to do. If you are really clever, you can allow full speed to anybody accessing a financial institution.

  4. Anonymous Coward
    Anonymous Coward

    lack of an answer IS an answer.

    "Do ISPs have any issue with PacketStream reselling customer bandwidth, given that many explicitly forbid resale?"

    If they can't say "some might, but we compensate by ____", the lack of an answer is in itself an answer.

    "Have any PacketStream customers had their ISP accounts cancelled or blacklisted as a result of what's done on IP addresses that they're associated with?"

    "Has PacketStream had to remove or warn any proxy address customers for illegal or disallowed activities? If so, any idea how often that happens?"

    Similarly, if they could answer "no" for the above, the would say so. Or even "yes, once early on when X happened, we compensated the 'pawn' by doing Y and we prevented recurrence by doing Z"


      Re: lack of an answer IS an answer.

      The second non-answer they provided is the most non-answer non-answer I think I have ever read.

      "Has this bad thing ever happened to any of your users?"


      1. Michael Wojcik Silver badge

        Re: lack of an answer IS an answer.

        I always hear this sort of response in the voices of the Moomians from Aqua Teen Hunger Force:

        "We value integrity! Our service is perfectly safe on the Moon!" "Do not question it!"

  5. Dan 55 Silver badge


    Hasn't this already been done ages ago with Fon? Which you probably also disabled on your BT router if you had any sense.

    1. karlkarl Silver badge

      Re: Fon

      No. That is BT making money. So it is fine.

      Us peasants aren't allowed.

      Besides, I can't see it being useful. Just keep getting free 30 day trials at one of many cloud pushers (Azure, AWS, etc) and set up a SOCKS5 proxy via SSH and use that. Done.

      1. Anonymous Coward
        Anonymous Coward

        Re: Fon

        If you look around on some of the more black hat forums, you can see that residential proxies are something people are willing to pay for rather than use a VPN. Some websites and services block IP addresses coming from data centres which are where 99% of VPN end points are so they want residential IPs that are much harder to block.

        But yes they are often use for purposes which might not be illegal but certainly go against some T&Cs such as making fake social media accounts, bumping up likes etc

      2. Anonymous Coward
        Anonymous Coward

        Re: Fon

        "[Fon] is BT making money. So it is fine."

        I take your point that rules don't apply to BT, but Fon has actually been around since before its association with BT.

        E.g. from 2006


        And, inevitably, there's

        Looks rather like the US is late to this particular game.

      3. LDS Silver badge

        "No. That is BT making money. So it is fine."

        There's a difference - if the ISP does it you're legally protected, especially if the the "rented" traffic happens on a separate IP address (as it should be). Even if sharing a connection would not violate here all residential internet contract I've seen (but occasional guests), I would never share my IP address to allow unknown traffic for which I take full legal responsibility. With some ISPs it could also trigger some "unfair use" policies which can mean your connection gets limited.

        I can't really see any useful, legal use of such service.

  6. Ken Moorhouse Silver badge

    I think there will be a lot of people searching for something like this...

    Is it called "pawnhub"?

  7. Anonymous Coward
    Anonymous Coward

    The price my ISP is charging me per GB

    is at least 10 time higher than what I could gain by sharing it with others.

    I couldn't find a proper translation for the French expression "piège à cons", all English equivalents I could find are mild.

    1. Andy Non

      Re: The price my ISP is charging me per GB

      I'd translate that as C*nt traps.

      1. Pascal Monett Silver badge

        Moron traps would be more accurate

  8. Anonymous Coward
    Anonymous Coward

    But the other way round............... much more attractive...........................


    A bad actor (but not me!) simply hi-jacks a WiFi access point in the neighbourhood. After the hi-jack, the bad actor gets FREE broadband.............................


    ............................and when the plod turn up, someone else ends up in pokey......................


    What's not to like? No rental contract, no "subletting", no "reselling"............bad actor moves on to another hi-jacked WiFi....................

  9. David Roberts

    Look at them yo-yos that's the way to do it

    "Money for nothing but your nicked IP"

    Kudos for the headline.

    I have run a VPN server locally which trombones incoming connections so that when abroad I can still access services in the UK from my usual IP address.

    Useful when you travel abroad (as far as I can remember - it's been a while).

    I wouldn't sell that as a service though.

  10. Anonymous Coward
    Anonymous Coward

    Get outta here!

    My 600Mbps is mine - all mine. And no one is sharing it.

  11. Anonymous Coward
    Anonymous Coward

    Ha ha ha

    Hahahaha. Hahahahahahahahaha. No.

  12. Fazal Majid

    I did an informal version of this

    I set up an IPsec/IKEv2 VPN on an OpenBSD box a friend installed in his home network, for purposes of circumventing Netflix's geofencing of content, because of course they blacklist most cloud provider IP address ranges. The one day the machine burned out due to a thunderstorm and that was that.

  13. Twanky Silver badge
    Holmes computer...

    ...another individual posting to the thread claims to have aroused the ire of IT staff after installing Honeygain on a work computer.

    Ire? Yup, that's one word for it.

    (I wanted the slap-head, Sherlock and nuclear explosion icons all at once).

    1. Andy Non

      Re: computer...

      A P45 icon would suffice.

  14. S4qFBxkFFg

    Sounds like Hola, but with the difference being cash rewards rather than use of the VPN:

    It was a bad idea in 2015, and it's a bad idea now.

  15. anthonyhegedus Silver badge

    “IPRoyal is built on three core pillars – security, safety, and privacy,"

    Sure it is, though to be fair, it isn't.

    1. Anonymous Coward
      Anonymous Coward

      It is for those using the shared IP, less so for those doing the sharing. ;-)

  16. petef

    What a difference an a makes

    Pawn vs pwn.

  17. Nifty Silver badge

    I misread the title and thought I'd seen "subnet your home" :-)

  18. Paul Hovnanian Silver badge


    To "share" their Internet service?

    Maybe I'm misunderstanding this use of the term "proxy". But that's usually a gateway between something like an internal (like corporate) network or a LAN and the outside world. Which still begs the question of how these users are connecting to the private side of my proxy. They either already have Internet access in (via a VPN?) In which case, what are they buying from me other than my IP address (and all the shenanigans they might use that for). Or they expect me to provide them with a WiFi connection (which means a bunch of homeless people camping in front of my house in RVs). Or perhaps the expect me to hang an Ethernet cable out an open window.

    Renting bandwidth out to someone requires that they have bandwidth in somehow.

  19. IceC0ld

    strange concepts ..........

    from article

    that let customers rent out unused bandwidth ..........

    what is this strange thing, UNUSED BANDWIDTH, I may have unlimited bandwidth, but I try my best to batter that each and every month :o)

  20. DJManas

    Residential proxies explanation


    I agree that there are many ways to use your traffic for illegal purposes, but that is why we put so much attention on security measures. We are doing everything to ensure it's safe for our pawns to share their internet through our application. Also, keep in mind that we have all logs of our clients' and pawns' activity (IPs, accessed websites and services).

    It's essential to keep in mind that Residential proxies and VPNs are different products. Most people use VPNs for illegal things. For Residential proxies, the client pays per GB used. The price is too high to use the service for intensive downloads or streaming.

    So here are a few business cases where our focus is and where we allow using that bandwidth and IPs:

    1) SEO and Business Intelligence. Having an uncensored view of the internet allows IP proxy users to gather and analyze competitor-related data such as their prices without being blocked or misled. Often, that is a substantial asset that enables businesses to gain a competitive edge.

    2) Buying High-Demand Limited Edition Items. Special release gadgets, designer clothing, and –most recently–sneakers are now an emerging alternative asset class. That rising demand for such items makes the act of a successful purchase much more difficult. That is why eager resellers have started making use of residential proxies purchase requests and successfully obtain these coveted items before anyone else.

    3) Ad Verification. With malvertising and ad fraud continuously taking up new forms, an increasing amount of websites are infiltrated by malicious actors who prevent the proper delivery of ads to the intended audience. Using services as such, companies can check whether their ads are running correctly and showing up on the right websites, exactly how they were initially intended to.

    4) Content Delivery. Millions of individuals have to deal with the fact that some content is geo-restricted to them. However, these restrictions can be surpassed by temporarily borrowing somebody else’s IP, which makes the internet genuinely borderless.

    5) Social Media Management. Social media managers often create several accounts to promote their brand. But the issue they face is that Facebook, Instagram, and other platforms tend to ban users who have multiple accounts. Since these apps track users by their IP address, employing a residential proxy is a way to circumvent these restrictions.

    I hope that will make things a bit more clear. However, it's really up to the person to decide if they want to share their internet connection. I just don't want you to think we're planning to do anything illegal with your bandwidth or IP.

    1. LDS Silver badge

      Re: Residential proxies explanation

      "SEO and Business Intelligence" So usual SEO attempt to access data they should not, and from which they could be forbidden access for good reasons, and game the system.

      "Buying High-Demand Limited Edition Items". Bypassing "one item per person" limits? To resell them at even higher prices? That too violates seller rules. Because of people like you I can't find a graphic card at a reasonable price, it looks.

      "Ad Verification" Or faking views and clicks to make money?

      "Content Delivery". Contents are geofenced because licenses may have been bought for a region only. Again, accessing contents the user has no right to access, since didn't pay for them.

      "Social Media Management." Again, it looks a way to fake users for fake "followers", "likes" and "reviews"

      "I hope that will make things a bit more clear."

      Yes, it's clear the service is used only for shady areas that if not (still) utterly illegal, violates T&C, is unethical, and just makes the internet a worse place - and people not having a static IP could end up with IPs blocked by idiots using such systems.

      Hope ISPs bans the use of such products and blocks the originating IPs directly.

      1. Anonymous Coward
        Anonymous Coward

        Re: Residential proxies explanation...

        Many thanks to brand new elReg contributor DJManas for their "explanation".

        Even more thanks to long-term elReg contributor LDS for the translation into more honest language.

        If I understood them both reasonably correctly, this innovative/disruptive new service is just another opportunity for internet middlemen to make a quick buck from would-be spivs and wideboys who want to (putting it generously) "bend the rules". Not a million miles from e.g. the "buy a (fake) review" scams on Amazon, for example - LDS already made this comparison.

        DJManas as a username pops up in related discussions elsewhere too.

      2. batfink Silver badge

        Re: Residential proxies explanation

        3) and 5) are easily done by the employees simply signing on from their personal accounts. This doesn't require disguised accounts.

  21. Anonymous Coward
    Anonymous Coward


    Just don't look at their website.

  22. Pascal Monett Silver badge

    Please, have some decency

    " 'On average, our Pawns earn around $5-30 per month.' This in response to an individual claiming the amount was only about $0.15 per day. "

    You cite costs per month, then contracdict with price per day. Not the same ratio.

    $0.15 per day is $4.50 a month. That is easier to compare and quickly understand that nobody is getting $5 a month.

    1. Robert Carnegie Silver badge

      Re: Please, have some decency

      I imagine you only get paid when someone actually uses your network. Or, I could subscribe, but not let anyone actually connect. Or it may be more nuanced... anyway, users seem to connect to your network through an app, so, do you have to be home with your phone, for this to work?

  23. Blackjack Silver badge

    [Tor as a service that enables anti-surveillance and anti-tracking uses that he supports]

    Oh you sweet summer child. Tor makes Chrome spying look like a toddler entering an olimpic race.

    Tor only use is having a very unsafe proxy and light up like a Christmas tree that runs on batteries in the middle of a blackout.

  24. Aseries

    Wait a minute.

    How does this sharing take place? If some other users are tacking on to your Internet service are they not getting there through some other ISP? Or is this about folks in your apartment building leaching off your WiFi?

    1. Blackjack Silver badge

      Re: Wait a minute.

      Basically they are using your Internet as a proxy server. You get paid a pittance for your Internet address to get banned everyone and your IP to get in the law watchlist.

  25. FriendInMiami

    Comcast has / had a problem today - I got this email


    My Account >

    xFi Advanced Security is currently unavailable

    We're writing to let you know that xFi Advanced Security is currently unavailable. We’re working to fix the issue and will email you again when it's been resolved. In the meantime, you may want to turn on Protected Browsing. You can find it in the Connect section of the Xfinity app.

    You can continue to use all your other xFi features, including parental controls and the ability to pause WiFi.

    We apologize for the inconvenience.

    # # #

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like