this post was submitted on 17 Feb 2024
25 points (85.7% liked)

Privacy

31837 readers
90 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Is using the router and modem my cable company provided for my internet putting my privacy at risk? And if so, I have heard of openWRT routers but it seems like there's quite a bit of a learning curve with that but even if I got one would I need a non cable company branded modem as well? Any specifically that anyone here would recommend?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 5 points 8 months ago (2 children)

Where do you live? Whether you can use your own modem or not may differ. What the isp can or must do differs too.

I'll interpret "privacy at risk" as normal user privacy, with responses reasonable for normal citizens in a western/EU region (I can't confidently speak for others).

A modem is usually a "stupid" device or component. It is configured for the adequate transmission settings. It's not a concern.

The router is often rented and managed (and updated) by the isp. Replacing it with your own, a bought product not from the isp, and managing it yourself is a reasonable and relatively simple thing to do. I wouldn't call it necessary. It's the extra with extra effort. Installing your own open firmware is extra extra.

The simplest, most effective thing you can do for privacy is change the dns server of your devices. Instead of using your default routers isp provided one, use a privacy focused/mindful one. You can use one that does not resolve ad hostnames for additional significant benefit.

When you don't use the isp dns and use secure connections the isp already has no open protocol to snoop through. If they or another party at their endpoint wanted to snoop they can only use IP addresses which may vary in usefulness or attempt other more sophisticated tracking and analysis. A VPN would hide even the IP addressing - which is usually not necessary.

[–] [email protected] 5 points 8 months ago

The simplest, most effective thing you can do for privacy is change the dns server of your devices.

This can be the reason to switch router, my ISP delivered router doesn't allow me to change DNS delivered by DHCP or DNS used by the router. If I must setup my own DHCP server I might as well setup an opnsense and add crowdsec/suricata or zenarmor.

[–] [email protected] 1 points 8 months ago (1 children)

Is editing the DNS settings enough or do I need to edit the Netmask and Gateway that were provided by the ISP as well? Also in order for me to change the DNS settings I had to set up a static IP address, is this still a private setup?

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago)

When you talk about network setup and IP addresses you have to differentiate between your local network (between your end devices and router) and the "outside". Your devices connect to the internet through the router.

The IP gateway setting is your end device setting of which gateway to send packets through. You set it to your router. Whether this is done automatically (via "DHCP") or not doesn't make a difference in the end.

The netmask defines the network address space size. It's also something you don't need to change to set/change a DNS.

Where did you try to change the DNS setting? On your end devices would be enough. On your router it should also be a simple setting independent of other and of IP settings. (If the router allows configuration of it.)

(Did you set a static IP on your router, facing your local network, or the internet (would have to be provided by the ISP), or your end device within the local network (this is not necessary for DNS)? Either way I don't see why it would be necessary to set a static IP address anywhere.)