Travel router security without VPN?
#1
Original Poster
Join Date: Apr 2000
Location: Wash DC
Posts: 95
Travel router security without VPN?
Hi, I understand the benefits of using a travel router to share connections where you might pay/connection. I understand using a VPN to get around geographic limitations.
But is there any security benefit to using a travel router WITHOUT a VPN, say in a hotel or coffee shop? This is where I get confused. Are they only helping protect me from other people (not the hotel operators or coffee shop owners, who, let's say we trust) if and only if I am also using a VPN?
So as far as security --- does a travel router with no VPN = connecting to public or hotel wifi directly?
Thanks
But is there any security benefit to using a travel router WITHOUT a VPN, say in a hotel or coffee shop? This is where I get confused. Are they only helping protect me from other people (not the hotel operators or coffee shop owners, who, let's say we trust) if and only if I am also using a VPN?
So as far as security --- does a travel router with no VPN = connecting to public or hotel wifi directly?
Thanks
#2
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,229
There is no security impact on using your own router vs connecting to the underlying wifi/ethernet directly.
Your browsing and transactions are secured either way using TLS (addresses that start with https). That's the important thing.
Your browsing and transactions are secured either way using TLS (addresses that start with https). That's the important thing.
#4
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,229
Correct, and your internet provider (VPN, hotel, Comcast, whatever) can always see your unencrypted traffic. Actual security is accomplished via encryption between your computer and the website/service you're accessing.
#5
Original Poster
Join Date: Apr 2000
Location: Wash DC
Posts: 95
thank you for the courteous reply. i already bought a little travel router and just signed up for a free VPN to try it out the next time we go on vacation.. if nothing else, it will make connecting our 2-4 devices easier, and give me a project to learn about..
#7
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,229
Sure, but tablets/phones/PCs these days default to having their firewalls block everything anyway. Also the network engineer in me is forced to say that NAT isn't intended as a security feature. The main issue is people either sniffing unencrypted traffic or tracking what you're doing. But with how pervasive TLS is becoming, that becomes less and less possible.
#8
Join Date: Jun 2019
Posts: 30
No real security benefit though. If a site uses HTTPS you are protected regardless of who listens.
VPNs can be helpful in some cases, but if you don't think anyone is targetting you specifically it's probably sufficient to install the HTTPS Everywhere extension.
(It makes sure sites like Gmail and FT that use FT won't fall back to plain, unencrypted HTTP).
Personally I choose to use a VPN when travelling, since so many sites (even ones you'd think are important) either don't use HTTPS, or have "mixed content". It's also hard to tell sometimes if a certificate error is due to an improperly configured captive portal (the thing you click "I agree to the TOS" or log in on), or a malicious attack.
Sure, but tablets/phones/PCs these days default to having their firewalls block everything anyway. Also the network engineer in me is forced to say that NAT isn't intended as a security feature. The main issue is people either sniffing unencrypted traffic or tracking what you're doing. But with how pervasive TLS is becoming, that becomes less and less possible.
Metadata can give a lot of information, so I choose not to
#9
Join Date: Jul 2007
Location: San Francisco/Sydney
Programs: UA 1K/MM, Hilton Diamond, Marriott Something, IHG Gold, Hertz PC, Avis PC
Posts: 8,147
Travel routers, in the sense that the term is normally used, definitely use Wifi. Wifi on the "client" side (normally encrypted Wifi), and either ethernet, Wifi (normally unencrypted public wifi) or possibly (but rarely) 4G on the uplink side.
No, not really. (As you clearly understand given your mention of HTTPS Everywhere). You are protected as long as your communication to the site uses HTTPS. Your bank might use HTTPS, but if someone is intercepting your traffic then it's possible you were silently redirected to a different site that's not using HTTPS, or is using HTTPS, but is not your bank. Rather than repeat what I've said here before, I'll just point to this previous post.
HTTPS Everywhere certainly helps with this problem, as do new things like HSTS (which forces your browser to always use HTTPS for specific sites automatically, without HTTP Everywhere), but for the average person it's still far too easy to have your traffic going somewhere other than where you're expecting and not realize it...
HTTPS Everywhere certainly helps with this problem, as do new things like HSTS (which forces your browser to always use HTTPS for specific sites automatically, without HTTP Everywhere), but for the average person it's still far too easy to have your traffic going somewhere other than where you're expecting and not realize it...
#10
Join Date: Dec 2006
Location: SNA
Programs: Bonvoy LTTE/AMB, AmEx Plat, National EE, WN A-List, CLEAR+, Covid-19
Posts: 4,963
I should probably plug "NeverSSL" here- as it eponymously states, it doesn't use SSL so it's perfect for being the first site you open after connecting to a captive-portal network to bring up the TOS page (if any).