👍

Thanks for the info. I always wondered what specifically that ‘s’ did for me!

David

The “s” in https means that the information travelling between two parties can’t be read or view by a third party, David. That’s like you write a letter in code before mailing so that the text can’t be read by anyone who hold the actual letter during the mailing process. All they know is where the letter comes from and where it arrives at.

As you have noted, VPN has nothing to do with security but 100% with traffic management—privacy implied.

Still, security is nuanced, the only way to 100% secure anything is not to have use it at all. So if you want to web traffic to be 100% secure, turn off your computer and your router and take a hike in the woods (but then you might get attacked by a tiger.) Nothing will work if you think in terms of black and white.

Thanks so much for all of the information in this space. I’ve found it much more valuable than many tech sites.

Regarding securing my cyber activity, I think I understand how to secure my own network, starting with not using a router that requires a login account. I also think I know when I’m at a website that is secured by looking at the url for “https” and the lock and shield icon to the left.

What I’m uncertain of is this: Let’s say I’ve taken the recommended steps to secure my local network and I’ve connected to a very secure site. Still, what about the data as it travels between myself and the site? Is there something else I need to do to ensure its security on its trip back and forth?

I thought a vpn would hide it under just these conditions, but then I read your vpn article and was dissuaded, realizing I’d just be showing my traffic to the owners of the vpn server.

What is the best way to secure the traffic during the entire trip between a secure network and a secure website?

Thanks so much,

David

Let’s focus on the good points. Give them a good read! 🙂

Trusting a brand and giving it your personal information because it is big is generally foolish, tho.

Personally, I don’t trust small brands and always turn on auto updates.

The AP mode is less intrusive but it doesn’t cut off the connection between the hardware and the vendor, Moogle. Like a bridge that’s always there whether you’re crossing the river or not, the use of the connection is at the mercy of the vendor and all that implies.

I put a privacy note in virtually all products where the issue can be a concern.

You often mention tplink in privacy notes. Is there a privacy issue for say the tplink deco BE65, if you only use it for ap mode only. So not the router function, since i use pfsense for that. Just need it for wireless mesh and as a wifi access point.

I know one area of concern is you have to login to a tplink account in order to manage the device. So in this way i’m sure they can tie your ip to that device. But to my understanding, you only login when administering the device, but rest of the time you don’t have to open the app to login correct?

But if you don’t use the router mode, are safe from the other questionable stuff like the chance of them possibly spying on your website surfs etc?

Like there is a feature that they give you for free (whether you want it or not, since there is no disable). Which inspects and protect u from bad sites or some such. I assumed this is disabled when using wireless ap mod? is that a correct assumption?

Anyway my point here is, are the privacy concerns you have for tplink deco not a problem when using as ap mode only? or does it still have the same level of privacy concerns?

1. They can see that but they have no idea who (which device) within your home network access that website, so the information is sort of useless, considering folks share their Internet access with others, like the neighbors, all the time. Also, they can’t know what a device does on the website.
2. No. That party has to get a hold of your router, your particular device, or your DNS server.
3. A third party can know your location (ball park) via your WAN IP address as shown in the screenshot of this part.

“Consequently, generally, the ISP only knows the owner of the account who pays for the service, the MAC address of the router, and the Internet traffic that flows through the account—specifically, through the WAN IP address registered to the terminal device.

The ISP does not know which person or device uses which part of the traffic—that specificity is shielded by the router. An Internet connection is almost always shared between multiple parties. Without knowing which party does what, the information an ISP can collect from the account is of little value.”

1. Does that mean the ISP cannot see the exact websites your household visits within the internet traffic?

2. Can third parties – be they of a government persuasion or hackers, scammers etc – see your exact web traffic remotely simply by knowing your IP address, or would someone actually have to monitor in real time internet traffic of a particular customer at an ISP (or else have physical access to the Router having logged in with your own password at your property)?

3. I wonder if you could also clarify something that I seem to see conflicting information on. Can third parties actually trace your location based on you accessing a website from a particular IP at your own home or business then?

I totally get what you mean about VPNs because like you said that would put someone at the mercy of a VPN provider.