this post was submitted on 17 Feb 2024
25 points (85.7% liked)
Privacy
31974 readers
264 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Where do you live? Whether you can use your own modem or not may differ. What the isp can or must do differs too.
I'll interpret "privacy at risk" as normal user privacy, with responses reasonable for normal citizens in a western/EU region (I can't confidently speak for others).
A modem is usually a "stupid" device or component. It is configured for the adequate transmission settings. It's not a concern.
The router is often rented and managed (and updated) by the isp. Replacing it with your own, a bought product not from the isp, and managing it yourself is a reasonable and relatively simple thing to do. I wouldn't call it necessary. It's the extra with extra effort. Installing your own open firmware is extra extra.
The simplest, most effective thing you can do for privacy is change the dns server of your devices. Instead of using your default routers isp provided one, use a privacy focused/mindful one. You can use one that does not resolve ad hostnames for additional significant benefit.
When you don't use the isp dns and use secure connections the isp already has no open protocol to snoop through. If they or another party at their endpoint wanted to snoop they can only use IP addresses which may vary in usefulness or attempt other more sophisticated tracking and analysis. A VPN would hide even the IP addressing - which is usually not necessary.
This can be the reason to switch router, my ISP delivered router doesn't allow me to change DNS delivered by DHCP or DNS used by the router. If I must setup my own DHCP server I might as well setup an opnsense and add crowdsec/suricata or zenarmor.
Is editing the DNS settings enough or do I need to edit the Netmask and Gateway that were provided by the ISP as well? Also in order for me to change the DNS settings I had to set up a static IP address, is this still a private setup?
When you talk about network setup and IP addresses you have to differentiate between your local network (between your end devices and router) and the "outside". Your devices connect to the internet through the router.
The IP gateway setting is your end device setting of which gateway to send packets through. You set it to your router. Whether this is done automatically (via "DHCP") or not doesn't make a difference in the end.
The netmask defines the network address space size. It's also something you don't need to change to set/change a DNS.
Where did you try to change the DNS setting? On your end devices would be enough. On your router it should also be a simple setting independent of other and of IP settings. (If the router allows configuration of it.)
(Did you set a static IP on your router, facing your local network, or the internet (would have to be provided by the ISP), or your end device within the local network (this is not necessary for DNS)? Either way I don't see why it would be necessary to set a static IP address anywhere.)