Travel routers, in the sense that the term is normally used, definitely use Wifi. Wifi on the "client" side (normally encrypted Wifi), and either ethernet, Wifi (normally unencrypted public wifi) or possibly (but rarely) 4G on the uplink side.

No, not really. (As you clearly understand given your mention of HTTPS Everywhere). You are protected as long as your communication to the site uses HTTPS. Your bank might use HTTPS, but if someone is intercepting your traffic then it's possible you were silently redirected to a different site that's not using HTTPS, or is using HTTPS, but is not your bank. Rather than repeat what I've said here before, I'll just point to this previous post.

HTTPS Everywhere certainly helps with this problem, as do new things like HSTS (which forces your browser to always use HTTPS for specific sites automatically, without HTTP Everywhere), but for the average person it's still far too easy to have your traffic going somewhere other than where you're expecting and not realize it...