How secure is Voom

[nadinenurse1]

So, I like work, yes I love my job and want to check in read work emails while on the boat. Would the security be the same as on any public system, let’s say like Disney World type of internet Security ?  Thank you😁

[Biker19]

1 hour ago, nadinenurse1 said:

 Would the security be the same as on any public system, let’s say like Disney World type of internet Security ?

Not sure about that comparison, but everyone can connect to the ship's WiFi. Once authenticated, the VOOM connection is handled by the sat operator, Hughes or O3B. If you are concerned with security, a VPN is a must.

[Clarea]

1 hour ago, nadinenurse1 said:

So, I like work, yes I love my job and want to check in read work emails while on the boat. Would the security be the same as on any public system, let’s say like Disney World type of internet Security ?  Thank you😁

 

Not secure at all.  You must make sure that whatever you do is encrypted end to end.

[sxphil]

Security is poor as said above a VPN is a must if you are doing anything more than a bit of social media

 

That being said you are in a closed environment and any hacker would have to be a Passenger or Crew Member unlikely

 

Personally I try and switch off so only bring my Fire Kindle. I guess if you really need the internet I may be trying to teach GranMa to suck eggs

 

[klfrodo]

I work also and there is no security in Public WiFi.

Use a VPN

[Clarea]

45 minutes ago, sxphil said:

 ...

 

That being said you are in a closed environment and any hacker would have to be a Passenger or Crew Member unlikely ...

 

 

Also anyone in the RC Miami network department.

[bobmacliberty]

Ditto the comments on using a VPN.  In fact, use a VPN for ANY public WiFi.  Check out this video about a $100 device called a WiFi Pineapple that can insert itself between you and the Internet (aka a Man in the Middle attack), capturing everything that you send that is not encrypted.

 

General advice...if you are ever in a public place where there are a LOT of wireless networks available, be afraid.  Someone may be using a WiFi Pineapple.  Many more WiFi Pineapple related videos if you want to scare yourself further.

[Sizzlechest]

To everyone recommending a VPN: STOP! It's not supported.

 

Chances are your email server at work is communicating over an encrypted link. Make sure your browser is using the https: versions of the links to your sites like Facebook, etc.

[Clarea]

1 minute ago, Sizzlechest said:

To everyone recommending a VPN: STOP! It's not supported. ...

 

Some are and some aren't.

[Sizzlechest]

guarantee

40 minutes ago, Host Clarea said:

 

Some are and some aren't.

 

Then RCL should provide a list of ones that do. According to the staff on the ship, it's unsupported. Until RCL can guarantee that a particular VPN solution works, you cannot suggest using it.

 

They are definitely doing QOS or some other kind of packet priority. Streaming from one of the major services like Hulu or Netflix works well. Try to stream video at a lower bandwidth from a private IP address and it won't work. The only way a VPN is going to work for sure is if RCL officially supports it. Otherwise, you're going to have to rely on https. There aren't many major services that don't support https, so I'm not sure why a VPN is a must.

[Clarea]

9 minutes ago, Sizzlechest said:

guarantee

 

Then RCL should provide a list of ones that do. According to the staff on the ship, it's unsupported. Until RCL can guarantee that a particular VPN solution works, you cannot suggest using it.

 

They are definitely doing QOS or some other kind of packet priority. Streaming from one of the major services like Hulu or Netflix works well. Try to stream video at a lower bandwidth from a private IP address and it won't work. The only way a VPN is going to work for sure is if RCL officially supports it. Otherwise, you're going to have to rely on https. There aren't many major services that don't support https, so I'm not sure why a VPN is a must.

 

There are VPNs that use port 443 (HTTPS).

[Sizzlechest]

15 minutes ago, Host Clarea said:

 

There are VPNs that use port 443 (HTTPS).

 

Why does the port matter? Anything can use any port. That doesn't make it secure. VPN is not https. In fact, it doesn't use TDP. (If it does, you shouldn't be using it.)

[Clarea]

Just now, Sizzlechest said:

 

Why does the port matter? Anything can use any port. That doesn't make it secure. VPN is not https. In fact, it doesn't use TDP. (If it does, you shouldn't be using it.)

 

The port matters because 443 will not be blocked by anyone, else websites won't work.

[Sizzlechest]

Just because a VPN uses port 443 doesn't mean the packets are going to be sent/received in a timely matter.

[Clarea]

Just now, Sizzlechest said:

Just because a VPN uses port 443 doesn't mean the packets are going to be sent/received in a timely matter.

 

Obviously, but if the VPN uses a blocked port or protocol, then the packets won't be passed at all.  At least they have a shot on 443, which is why I believe the Cisco AnyConnect VPN has been reported to work.

[Sizzlechest]

1 minute ago, Host Clarea said:

 

Obviously, but if the VPN uses a blocked port or protocol, then the packets won't be passed at all.  At least they have a shot on 443, which is why I believe the Cisco AnyConnect VPN has been reported to work.

 

Like I said. Unless RCL wants to come out and say which products will definitely work, you can't recommend them. Second, I still haven't heard a reason why it's necessary.

[Clarea]

1 minute ago, Sizzlechest said:

 

Like I said. Unless RCL wants to come out and say which products will definitely work, you can't recommend them. Second, I still haven't heard a reason why it's necessary.

 

We will just have to disagree on this.

[Aduntu]

20 minutes ago, Sizzlechest said:

 

Like I said. Unless RCL wants to come out and say which products will definitely work, you can't recommend them. Second, I still haven't heard a reason why it's necessary.

 

VPNs can obfuscate everything, including DNS, which is not done when relying on individual connections via HTTPS. When you have low confidence in the provider, a VPN is always superior. That said, risk is still low without it, but there's no harm in trying.

Edited July 30, 2019 by Aduntu

[Sizzlechest]

11 minutes ago, Aduntu said:

 

VPNs obfuscate everything, including DNS, which is not done when relying on individual connections via HTTPS. When you have low confidence in the provider, a VPN is always superior. That said, risk is still low without it, but there's no harm in trying.

 

I would rather tell people to use something that WILL work like HTTPS Everywhere with no performance hit than set up a VPN and hope for the best. If you knew how to set up a VPN, it's something to try. For the average user, it is not.

 

The average user doesn't want to leak their personal info while connecting to Facebook. The average user isn't concerned if RCL or anyone else finds out they're connecting to Facebook. If you plan on going to seedy areas of the Internet, then yeah, you might want that to be kept a secret.

 

BTW, Teamviewer wasn't usable. It could connect and I got it to mouse click some things with extreme lag once or twice, but it was unusable. It's not a port thing. It's what RCL allows and/or optimizes their network for.

[Aduntu]

4 minutes ago, Sizzlechest said:

 

I would rather tell people to use something that WILL work like HTTPS Everywhere with no performance hit than set up a VPN and hope for the best. If you knew how to set up a VPN, it's something to try. For the average user, it is not.

 

The average user doesn't want to leak their personal info while connecting to Facebook. The average user isn't concerned if RCL or anyone else finds out they're connecting to Facebook. If you plan on going to seedy areas of the Internet, then yeah, you might want that to be kept a secret.

 

BTW, Teamviewer wasn't usable. It could connect and I got it to mouse click some things with extreme lag once or twice, but it was unusable. It's not a port thing. It's what RCL allows and/or optimizes their network for.

 

I don't think anyone is suggesting the average person try setting up their own VPN ahead of time. But a lot of folks, especially on their work devices, already have it. In those cases there's no harm in trying.

[AlanF65]

Well our work uses a ssl vpn that worked fine on Ovation.

I use a VPN on my phone and it worked fine.

Our MSP send us the vpn  links to download and they support it. I guess it depends on what level of support the OP's work has. I used my MSP support on the ship.

[Clarea]

19 minutes ago, Sizzlechest said:

 

I would rather tell people to use something that WILL work like HTTPS Everywhere with no performance hit than set up a VPN and hope for the best. If you knew how to set up a VPN, it's something to try. For the average user, it is not.

 

The average user doesn't want to leak their personal info while connecting to Facebook. The average user isn't concerned if RCL or anyone else finds out they're connecting to Facebook. If you plan on going to seedy areas of the Internet, then yeah, you might want that to be kept a secret.

 

BTW, Teamviewer wasn't usable. It could connect and I got it to mouse click some things with extreme lag once or twice, but it was unusable. It's not a port thing. It's what RCL allows and/or optimizes their network for.

 

I think I may see one reason why we don't agree.  I think we are talking about two different things.  You are talking about what the industry has historically called a proxy server, but the media/advertisers are now confusingly calling a VPN.  I use a VPN to securely tunnel into another network.  I'm not using the VPN for web browsing.

[Sizzlechest]

1 minute ago, Host Clarea said:

 

I think I may see one reason why we don't agree.  I think we are talking about two different things.  You are talking about what the industry has historically called a proxy server, but the media/advertisers are now incorrectly calling a VPN.  I use a VPN to securely tunnel into another network.  I'm not using the VPN for web browsing.

 

Nope, not talking about a proxy server. You keep missing the fact that RCL is optimizing their network for streaming from large providers like Hulu, Amazon, and Netflix. Packets from those server IP ranges get priority. Your company's IP address for its VPN server doesn't. Your Slingbox streaming low bandwidth video from your home doesn't work. A Teamviewer connection doesn't work even though it's practically a series of still images. Don't obsess over the ports or encryption. VOOM is not going to treat your packets the same as the ones coming from the major services.

[Clarea]

3 minutes ago, Sizzlechest said:

 

Nope, not talking about a proxy server. You keep missing the fact that RCL is optimizing their network for streaming from large providers like Hulu, Amazon, and Netflix. Packets from those server IP ranges get priority. Your company's IP address for its VPN server doesn't. Your Slingbox streaming low bandwidth video from your home doesn't work. A Teamviewer connection doesn't work even though it's practically a series of still images. Don't obsess over the ports or encryption. VOOM is not going to treat your packets the same as the ones coming from the major services.

 

Now you've changed the subject to Quality of Service.  My head hurts, I've had enough.

[Sizzlechest]

1 minute ago, Host Clarea said:

 

Now you've changed the subject to Quality of Service.  My head hurts, I've had enough.

 

I never changed the subject.