this post was submitted on 02 Jul 2024
8 points (75.0% liked)

Privacy

833 readers
2 users here now

Privacy is the ability for an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively.

Rules

  1. Don't do unto others what you don't want done unto you.
  2. No Porn, Gore, or NSFW content. Instant Ban.
  3. No Spamming, Trolling or Unsolicited Ads. Instant Ban.
  4. Stay on topic in a community. Please reach out to an admin to create a new community.

founded 2 years ago
MODERATORS
[email protected]
8
Privacy Implications of using ISP issued Router? (links.hackliberty.org)
submitted 4 months ago* (last edited 4 months ago) by [email protected] to c/[email protected]
15 comments fedilink hide all child comments
 

I know this is an outrageously bad idea, I don't need convincing. I am just looking for some more information and discussion on what exactly the exposure and surveillance risk is.

I'm asking both for my own education (I am still very green to networking), and to better explain to people in my life if and why they should care.

  1. Is it true that traffic can be tracked and logged by ISP through DNS lookups, as these routers are preconfigured to use their internal dns service?

  2. If this is changed (like base.dns.mullvad.net), how much does this actually mitigate the risk here?

  3. What about when a VPN (mullvad) is also being used at all times? Would it then be "overly paranoid" to fear this untrusted box all the traffic goes through?

I personally take a conservative approach to things like this and assume it's an unacceptable risk, but I don't really understand what the truth is.

Thank you in advance for your time and thoughts.

EDIT: I'm asking about US and US adjacent areas

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 4 months ago (1 children)

I always put a firewall that I own inside the ISP router. Right now I'm using an old ASA 5505 but I'm considering upgrading to a Firewalla Gold. I slay segment my network so that it phones and notebooks are on one network and the TV and Xbox and other things that I have no control over on another.

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago) (1 children)

Seems like a fair solution, thank you for the reply.

Is the ISP router a bottleneck concern for you or do you have a recent/decent model?

[–] [email protected] 1 points 4 months ago (1 children)

I'm on SpaceX. I have their latest terminal.

I used to be in Bell Canada and before that a local ISP. I've always had a firewall inside the ISP router because I work in information security and don't want anyone inside my network. My high network can reach my low network but my low network can't reach my high network.

[–] [email protected] 2 points 4 months ago (1 children)

You've given me a lot to think about and look into, thank you.

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago)

You're welcome. Check out Firewalla. They make nice devices and they are relatively affordable.