How does a Hardware Router help protect your privacy and outgoing data when you cant configure it?

I'm learning to use Tinywall. They have a tips page that suggest you get a router. --> "
Get a router, it is kind of a hardware firewall" and "Better routers have very good firewalls with sophisticated features, but even cheap ones provide good inbound protection due to the fact they do their NAT."

I seem to already have one, a Motorola NVG510 combo modem and router. So, am I to take from this that a router is Only firewalled for Inbound data, not Outbound data? (sorry about the Bold font, copying and pasting did it - I don't know how to fix that.)

How can this provide protection when I have no access to it's software to see what that built in firewall blocks or allows? To, me, it could be hardcoded to allow unwanted things like stuff from Microsoft to get in and I won't ever know about it. - Is this correct? What good is having one I can't configure or even examine? Someone straighten me out please. Thanks.

 

From http://setuprouter.com/router/motorola/nvg510/login.htm it looks like the NVG510 has at least some Firewall options. But more generally, you want a router that can be flashed with an open-source OS. Several on Wilders are into that, and will hopefully comment here.

 

A router connects or isolates two networks. In the case of a home router, the router creates your LAN (local area network) and connects your LAN to that other network called the Internet. The router adds one of the best security "layers" between you and the bad guys because the router assumes the IP address assigned by your ISP (the "external" IP address), then assigns a new and unique IP address to each of your connected devices ("internal" IP address). This means a bad guy "sniffing" around cannot see your actual connected computer or its IP address. He can only see your router and the external IP address but cannot get past your router because of the router's built in firewall features.

It does not really "protect" your outgoing data - nor does it really need to. The firewall on your computer already does that. But the reality is, if you have your computer's security properly configured, you don't even need outbound protection on your computers. Why? Because any malicious data should already have been blocked on the incoming side. For there to be outgoing malicious data, it would have had to make it past your router, past your computer's firewall and past your computer's anti-malware solution on the way in, then saved to your hard drive. Then the malicious data would have to be deployed and then exploit some unpatched vulnerability. Those are many and HUGE obstacles.

Of course, YOU, the user are ALWAYS weakest link in security. If you have FAILED at your user responsibility to keep Windows and your security updated, you could have unpatched vulnerabilities on your computer (which is exactly what the bad guys are hoping for). And you could let some malicious code in past your router and firewall by being what I call "click-happy" on unsolicited links, downloads, attachments or popups. But if you have kept your anti-malware scanner current, it hopefully will recognize the malicious code and stop it in its tracks before it could deploy its payload. But then still, if you have properly kept Windows fully updated, any vulnerability the malicious code was designed to exploit will be patched and protected.

No. That's tin-foil hat paranoia talk!

A totally basic router is really all the vast majority of users need. Advanced routers have extra features that are nice to have, but are not essential. These include MAC address filtering, VPN, scheduled access (parental controls), DNS editing, static IP assignments, and more).

As far as Microsoft getting in, that's just nonsense! You have MUCH greater and REAL threats out there to worry about. Microsoft is NOT trying to hack your router or your computer! Microsoft is NOT trying steal your passwords, access your contacts, read your emails, hack your bank accounts, or steal your identity. There is a HUGE difference between "security" and "privacy" and keeping your Microsoft products (especially Windows) fully updated is one of the most effective security measures you can take - BY FAR! Microsoft wants to protect your security, not thwart it!

Unless your user name is your real name, Microsoft does not even know your name!!!! Nor are they seeking it!!!!

Understand if you connect to your network via Ethernet, the closest Microsoft knows of your physical location is the physical location of your "POP" (point of presence). This is where your ISP connects your computer to the Internet backbone. In my case, that is 10 miles away in the next town over!!!!

If you are paranoid about someone reading your data, you need to be MUCH MORE worried about your ISP or even Google! Understand your ISP not only knows your real name, they have your billing information including SSN (IN in other countries), your actual home address, phone number, plus they know EVERYWHERE you go on the Internet.

If you are REALLY paranoid, be scared of your cell phone carrier. Not only do they know your real name, billing information, home address, etc., but they know exactly where you are currently standing (within just a couple yards) to include the aisle of the store you are in , they know where you came from, the direction you are moving and how fast you are traveling. They know who you've talked to and who you have texted!

Microsoft are NOT the bad guys. They have every incentive in the world to protect your security, not threaten it. And with Windows 10, they do a great job of it too. Again, privacy and security two totally different things. And even then, it is not hard to protect your privacy from Microsoft either. But you cannot say the same thing with Google, your ISP, or your cell phone carrier.

 

Thanks for the info guys. I much appreciate your detailed info Bill. I do however think you "protest a little too much" and seem to be an apologist for microsoft. I simply ignored everything you said about microsoft not spying or wanting to steal your data - you are dead wrong. I do remember the Prism Scandal that microsoft was involved in to illegally spy on citizens for the NSA. This is a proven fact. I remember the back doors the phoning home ect thats been in every Windows product since Windows 3.1 which I used back in the day. Keep yourself deluded if you like, but if I want to protect myself from Microsoft and shut them out of my PC for good, thats perfectly reasonable and my right to do with my operating system I paid for.

BTW, I don't own a cell phone, wont either. I have a house thats paid for, i'm retired. I don't use banks or credit or debit cards either. Yes, I use a VPN, and privacy minded browsers like Epic browser as well as StartPage and other technologies to hide myself on the web, even from my ISP and Google. In short, I trust no one. To me, an operating system has One job, and thats to run the programs I tell it to run. Everything else goes out the window (pun intended) I don't need any built in apps, or any part of the OS to connect for any reason including updates. My OS should act as if it is not connected to the net except for the things I expressly allow to go through.

Again, Thanks for the router info. Have a Great Day.

 

Not even. Bash where due is all I am saying. Microsoft has done plenty to receive my wrath and I have given it to them. I do not, and will not apologize for them when they don't deserve it.

But I do and will defend, with vigor, anyone including Microsoft when wrongly and falsely accused. And I will point fingers at those doing it and those rumormongers who blindly repeat it without verifying their facts first. Especially if it is to seek attention as is typically the case with wannabe journalists and bloggers who create false, exaggerated, and sensationalized headlines just to get attention.

Then make sure there are no holes in your tin foil hat!

And if you are going to cite examples to make your case, do your homework first and learn what you are talking about instead of being part of the dissemination of falsehoods problem!

It is clear you know nothing about PRISM. For one, it was the NSA, not the CIA and it was via court orders that Microsoft and others were forced to turn over data stored on US based servers. With just a little homework on your part, instead of rumormongering, you could have easily learned that Microsoft and others have been fighting tooth and nail to protect our data! Microsoft Files Appeal in Ireland Email Case,

If you want to bash Microsoft, I say go for it. There are plenty of things they have done over the years deserving of bashing. But don't spread falsehoods and rumors that just are not true because of biases against another. That does no one a service.

I assure you, there's no delusion on my part. In fact, because of my position in this industry, I undoubtedly have a better understanding of Microsoft's "privacy" and "security" policies and practices than you do.

It is clear you do not even understand Microsoft access. "Shut them out"? They are already in! They have no need to try to come in from the outside. That said, I agree and will defend your right to block them. But I note Microsoft already makes it easy to disable most of their telemetry and data collection via Settings, and there are plenty of tutorials out their to disable the rest. But again, the best they have is your IP, username, and POP location. If you are using wifi to connect to your network (and for you in particular, I hope not) then anyone sniffing your data packets has your geo-coordinates so you better really watch out!!!!

Lastly, if you truly believe Microsoft is the bad guy you claim them to be, then you are a fool to buy their products. Except for playing games, there is almost nothing you cannot do using Linux and open source alternatives to Microsoft products that run just fine on Linux.