Overclock.net banner

1 - 13 of 13 Posts

·
Banned
Joined
·
2,893 Posts
Discussion Starter #1
Will my ISP or router company be able to see my encrypted pages going back and forth from my computer? I think they won't but still I'm doubtful.

Like for example, my login page and inbox for web email is encrypted, but the page title has my full email address, will this be visible to ISP? If router company wants to will it be able to see it to?
 

·
Premium Member
Joined
·
8,165 Posts
No. The page title (header) and all content within the site is encrypted. All your ISP can see is the URL you are visiting, nothing else.
 

·
Premium Member
Joined
·
8,165 Posts
Quote:
Originally Posted by sepiashimmer View Post

Thanks for your reply. Even an HTTPS URL like on Twitch, which contains the user ID.
Sorry, to clarify. Your ISP can see the DNS request, i.e. "www.twitch.tv" but they cannot see anything else.

The contents of the URL are encrypted, query strings and anything after the https://www.domain.com cannot be seen.
 

·
New001
Joined
·
2,668 Posts
your isp can see every URL you request.
If you are using a VPN they most likely know it (they'd know all the ip ranges of the popular vpn's)

your isp has a good idea of what you do on the net but they can't see the data protected by private services.
 

·
 
Joined
·
29,532 Posts
Quote:
Originally Posted by spinFX View Post

your isp can see every URL you request.
If you are using a VPN they most likely know it (they'd know all the ip ranges of the popular vpn's)

your isp has a good idea of what you do on the net but they can't see the data protected by private services.
The top bolded part is misleading.
If you're requesting an URL over SSL (e.g. HTTPS), they definitely can not see which URL you're going to, only the hostname because of SNI.

Before SNI, the domain name wouldn't even be visible in plaintext.
Only the DNS query would be obvious for your ISP. This can be solved using DNSCrypt or similar.

As long as you're using an up-to-date and relevant browser (like Chrome or Firefox), you can be sure that whenever you're connected via HTTPS that it's using state of the art encryption that your ISP won't be able to crack - unless you somehow installed a root certificate from your ISP.
 

·
Banned
Joined
·
2,893 Posts
Discussion Starter #7
What about the router company? Where does the encryption happen at the client end or server end? Will the router company be able to see it?
 

·
Premium Member
Joined
·
8,165 Posts
Quote:
Originally Posted by sepiashimmer View Post

What about the router company? Where does the encryption happen at the client end or server end? Will the router company be able to see it?
What do you mean "router company"? If you mean your personal router then no, the encryption happens between the web browser and the end server. So the router just sees encrypted traffic.
 

·
Banned
Joined
·
2,893 Posts
Discussion Starter #9
Quote:
Originally Posted by twerk View Post

What do you mean "router company"? If you mean your personal router then no, the encryption happens between the web browser and the end server. So the router just sees encrypted traffic.
Yes the router we use to connect to the ISP. Thanks for clarifying.
 

·
Banned
Joined
·
2,893 Posts
Discussion Starter #10
I have a Totolink router and I read a report that it had a back door, so I was worried typing login credentials on a network connected through it. Is this something common with all routers? How can I safe guard against it?
 

·
Premium Member
Joined
·
8,165 Posts
Quote:
Originally Posted by sepiashimmer View Post

I have a Totolink router and I read a report that it had a back door, so I was worried typing login credentials on a network connected through it. Is this something common with all routers? How can I safe guard against it?
It doesn't matter if they have a backdoor, they still can't see encrypted traffic.
 

·
 
Joined
·
29,532 Posts
twerk is correct, the idea with encryption is that nobody but the receiver and sender can read it.

The backdoor is most likely something that allows hackers to put custom software on your router. But they still won't be able to decode encrypted data - at best, they'll be able to get your raw encrypted data and then spend centuries trying to crack a couple thousand bytes.
 

·
Premium Member
Joined
·
8,165 Posts
Quote:
Originally Posted by gonX View Post

twerk is correct, the idea with encryption is that nobody but the receiver and sender can read it.

The backdoor is most likely something that allows hackers to put custom software on your router. But they still won't be able to decode encrypted data - at best, they'll be able to get your raw encrypted data and then spend centuries trying to crack a couple thousand bytes.
The most common outcome of backdoors in stuff like routers is they normally get hacked and become part of a botnet, used for DDOSing etc.
 
1 - 13 of 13 Posts
Top