this post was submitted on 17 Feb 2024
25 points (85.7% liked)

Privacy

31876 readers
389 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Is using the router and modem my cable company provided for my internet putting my privacy at risk? And if so, I have heard of openWRT routers but it seems like there's quite a bit of a learning curve with that but even if I got one would I need a non cable company branded modem as well? Any specifically that anyone here would recommend?

you are viewing a single comment's thread
view the rest of the comments
[–] bobs_monkey@lemm.ee 13 points 8 months ago (2 children)

Tl;Dr: screw ISP modems. If cash is tight, go with a 3rd party router you can slap ddwrt/openwrt. If you've got some money and time, go with something a little more robust.

Modems aren't really a big deal, all they really are is an interface to the cable system's RF signaling, as well as subscription enforcement (speeds, if you paid your bill, etc). Any thing leaving your router is going to be seen by the ISP either there or at the headend, so it doesn't really matter. They make 3rd party modems, but performance increases may be minimal.

Routers on the other hand, I wouldn't trust their gear as far as I could throw it. Perhaps I have a tinfoil hat on, but I wouldn't put it past them to log all traffic before it hits my VPN and phone home, let alone hold and handle my configuration correctly (looking directly at you, Spectrum). I recently got Frontier fiber and they provided an Eero router, and I don't care for that thing (primarily because they're owned by Amazon, and I don't trust Amazon even more than my ISP). For my networks, I pass all traffic through a VPN on the router level so that all my ISP sees is a big blob of encrypted blah (with the exception of streaming apps, whom are isolated on their own network with very strict firewall rules and are not allowed anywhere near my trusted network, only because some get cranky when used over a VPN and they're data vacuums). Additionally, ISP-provided routers have a tendency to lack configuration options, even port-forwarding (useful for gaming, servers, etc). Not entirely sure where your networking skills are at, but I'm guessing you might have some basic familiarity given that you're here and asking.

Most 3rd party routers will give you better performance and configuration options than your ISPs nonsense, and maybe a better degree of privacy (though maybe not). If privacy is your concern, all your traffic needs to be encrypted out of your router through a trustworthy VPN, and steps on your local network need to be taken to ensure that traffic is handled appropriately. Do your research on the brand and company of any gear you're looking to buy, and make sure they line up with what you're looking for.

I haven't messed with dd-wrt/openwrt in probably 10+ years, but they were a great option for consumer-grade hardware back in the day, and I'd hope they still are. The software simply did it's job of routing packets and that was it, no shenanigans. There is a bit of technical knowhow involved, but their guides were great and very thorough. As long as you understand basic networking concepts, it should be reasonably straightforward to set up a basic network.

If you have the money and time to learn, I'm personally a fan of Ubiquiti (when I'm paying for it) and Ruckus (when a client/someone else is paying for it). These are much more involved networking hardware companies and there is a good sized learning curve (and cost), but if you want something to play with and a streamlined network, they're awesome. Ubiquiti has a pretty decent wizard to get a basic network going, and from there you can mess with it at your leisure. Their Dream Machine (UDM) is a great all-in-one router/wifi AP, but it's also almost $300, depending on your money situation.

[–] Cyberbatman@lemmings.world 4 points 8 months ago* (last edited 8 months ago) (2 children)

Dude thanks for sharing, I'll be sure to check out more into Ubiquiti devices. Any suggestions on VPN providers?

[–] NegativeLookBehind@kbin.social 5 points 8 months ago

Mullvad is very nice

[–] bobs_monkey@lemm.ee 3 points 8 months ago

No worries. Be warned, their customer support is absolutely non-existent. For VPNs, Mullvad.

[–] BobGnarley@lemm.ee 2 points 8 months ago (1 children)

Would using something like a Glinet Beryl travel router increase privacy in this scenario if you just used WiFi repeater mode and only connected to that router or would your cable provided router still be able to decrypt all of your traffic due to being unable to change their DNS settings? To be honest I know very little about networking I just want to increase my privacy to the fullest extent possible

[–] bobs_monkey@lemm.ee 2 points 8 months ago* (last edited 8 months ago) (1 children)

I would hardwire that Beryl unit to your ISP's router (Beryl WAN to ISP Lan, or even just skip the ISP's router entirely and plug the Beryl into the modem) and pretend their wifi doesn't exist. Do you have physical access to the network gear and/or roommates that might be weirdos about it?

[–] BobGnarley@lemm.ee 1 points 8 months ago (1 children)

I did hardwire it to the modem and it's been awesome once I figured out what I was doing lol thank you so much for all of your help! Someone else mentioned changing the DNS settings is important for privacy, would you recommend to edit the Netmask and Gateway as well (I'm just using the same ones the ISP gave me in DHCP) or is changing the DNS enough?

[–] bobs_monkey@lemm.ee 2 points 8 months ago

Changing DNS is a good idea, but leave the netmask and gateway alone.