Re: BBC - Security failings in home routers exposed
Originally Posted by
Edward_B
Could anyone help explain to me whether the type of data and encryption through Ubuntu/Mint will vary to Windows when sending it through a router?
I suspect the answer is no. I'm guessing that servers hosted elsewhere need to understand a universal language when it comes to data requests from internet users such as you and I.
The reason why I ask this is because one of the main attractions to me for using Ubuntu/Mint was the security it offers us users. This article suggests to me that this could be rendered useless if one were to have a buggy or inadequete
The security risk you would have if someone hacked your router is that they would be a "man in the middle" (MITM) and could read all the traffic you send over the internet and to other computers in your private network. Your operating system is irrelevant, Mac, linux, windows, solaris, etc. all are equally vulnerable to this.
Generally the encrypted traffic won't be readable by a MITM- it will be gibberish to him. What you would be concerned about would be the unencrypted traffic, which is normal HTTP traffic. A MITM would be able to read all your HTTP traffic. MITM could also inject malicious packets into your traffic, or redirect you where ever he wanted. To defend against that you can use a VPN- there are free and cheap services all over. An easier, less effective solution is to force all traffic over HTTPS (browsers have add-ons that do this).
Now I'll ramble on about encryption, as your question demonstrates that you don't have an understanding of it.
There are various types of encryption. For instance you can encrypt your linux home directory or drive. You can also encrypt a Windows drive using the same general concepts. You can encrypt files like zips and MS Office documents. There are a ton of encryption methods with varying degrees of security. Regardless, these are completely unrelated to and unaffected by your router.
I think the encryption you're concerned about is related to sending and receiving traffic over the internet. And yes, there are universal protocols used to accomplish this.
When you log into your bank website, then the encryption is initiated by the web page using a certificate over HTTPS. Your browser, regardless of your operating system, checks that the website is using a valid certificate. Then all the traffic between your computer and your bank is encrypted as it travels, then decrypted on either end. If someone hacks your router then they would have to trick a certificate authority into giving them a valid certificate in order to see your traffic. It's possible but quite unlikely. It is irrelevant whether you're using windows or linux, the likelihood is the same.
Then there's ssh encryption. It uses private and public keys to create an encrypted tunnel between you and the ssh server. An attacker would have to steal the private & public keys in order to see your ssh traffic, and he'd either need to break into your computer or solve an unsolvable mathematical equation to do it. This is also independent of operating system.
Then you have VPN encryption. There are a variety of implementations, but they all create a secure tunnel between you and the server similar to ssh. VPNs use additional protocols to maintain the encrypted traffic. Someone that hacks your router has a ton of work to do if they want to see inside a VPN tunnel, both on Windows and linux, making it extraordinarily unlikely.
Knock knock.
Race condition.
Who's there?
Bookmarks