Security thread on maintaining privacy online: I have been considering using my own home built pfsense router. After playing with this software for a week or so I am impressed as hell with it. I have to confess that I have been reading around on "dark" issues with respect to the NSA and their over reach. In addition to missing cool control features, I am somewhat convinced that retail home routers have "weaknesses" built into them to facilitate exploit. That hopefully won't be the debate of this thread. This project is also important as throughput can be exceptional on pfsense router systems. Spring boarding on the assumption of the above being correct, another question comes to mind: My commercial ISP requires everyone in the area to use their supplied modem, which is a Motorola, and they don't charge for it (publicly anyway). Its fast and can easily supply 75 meg all day long. If I were to construct a solid pfsense router with flawless security, but the modem itself is compromised, how would you recommend dealing with that? First off, I sleep well at night this is not some tin foil hat lose sleep thing. If I use pfsense and configure it to lock down 100% to a specific VPN and only their dns, wouldn't that cover me even if the modem attempted to "sell me out"? If the answer to that question is YES, then how is pfsense better than my current setup? - My wireless laptop is currently locked down to only one starting VPN connection and its exclusive dns. Anything else is totally blocked. How could a compromised router do anything with a 100% encrypted wireless payload? Strictly from a security standpoint, based upon your knowledge of my wireless protocol, what would a pfsense router benefit me over an every day retail home router? I do know how to secure and lockdown the router. My limits are based upon the software they use and of course any "unknown" weaknesses. One concern I have is that should someone come into my home, a well constructed pfsense router clearly makes a person stand out as something other than a "normal" user. Whereas my current scenario is all stealth from a physical hardware standpoint. I know pfsense is completely legal and makes perfect sense to use. The fact is that normal home systems just don't really use such a setup.