Privacy

47127 readers

1389 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS

Protect myself from my ISP? (lemmy.world)

submitted 1 day ago by certified_expert@lemmy.world to c/privacy@lemmy.ml

36 comments fedilink hide all child comments

Noob here. This is probably the most repeated question, but I don't know the technical terms to make the appropiate digging online, and thought of asking humans before slopping my way around.

I don't trust my ISP or the government above it.

The ISP remotely manages the local network! So I installed a router of my own and my devices only to that one.

I would like to encrypt (?) anything that goes out of my own router, so my ISP doesn't evesdrop what I'm doing even if they want to (I know I know... if they really wanted, they could just send friends to my house).

Using Linux, Android GOS, and Pihole. They live under a "picked-up-from-a-shelf" router; and that router under theirs.

(I cannot get a different ISP)

Thanks

you are viewing a single comment's thread
view the rest of the comments

[–] ki9@lemmy.gf4.pw 13 points 1 day ago* (last edited 1 day ago) (1 children)

VPN is the answer but keep in mind that you're just moving the trust to the VPN (they can see your traffic).

The web uses a request/response architecture. Your computer requests a cat pic from the server and the server sends a cat pic back. Your real IP address must be in the request... otherwise the response cannot be routed back to you. VPNs act like couriers making requests and receiving responses on your behalf. So:

The cat pic server sees traffic coming from the VPN provider and doesnt know who you are.
The ISP sees encrypted traffic to the VPN but doesn't know what it is.
The VPN sees everything.

Most web traffic is already encrypted with TLS but not the domain names and IPs (needed for routing).

If you really want to be anonymous on the web, use tor, but it's slow and many websites block tor exit nodes so you will have a degraded experience.

[–] certified_expert@lemmy.world 3 points 1 day ago (2 children)

If I use VPN, my isp will see that I send and receive gibblish to and from a single address (the vpn server), all over port 443, right?

If I use TOR, what does my ISP see?

[–] ki9@lemmy.gf4.pw 2 points 15 hours ago

Itll go over a different port depending on the vpn protocol (i recommend wireguard). So the isp will know it's vpn gibberish, but there are ways to tunnel the ciphertext through https again (like wstunnel). A bit overkill for your setup but comes in handy if you need to break through firewalls (if you are in china and wireguard ports are blocked but 443 is allowed)

If you use tor, your isp sees tor traffic (gibberish) but tor also supports obfuscation to make it look like http. All you need to use tor is tor browser (mobile apps exist too) so try it out... It's free but you will see the limitations I mentioned.

[–] SitD@lemy.lol 4 points 1 day ago* (last edited 1 day ago)

yes
the same, but probably to an even more unknown IP that is also changing frequently. the content itself should look equally random