If you’re like most people, you probably rely on your router to keep your home network secure. But what if someone else is spying on your traffic? There’s a simple way to protect yourself from router sniffing: use a virtual private network (VPN). A VPN encrypts all of your traffic and sends it through a remote server. This makes it difficult for anyone else to intercept your data. VPNs are especially important if you use public Wi-Fi networks. Anyone with access to the network can spy on your traffic and steal your passwords, credit card numbers, and other confidential information. To make sure you’re getting the best VPN service, be sure to research which providers offer the best security features. And always remember to keep your password safe! ..

The information you send from your computer, be it an email, instant message, or request for a web page, passes through dozens of internet routers. What’s stopping them from sniffing all your traffic?

Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.

The Question

SuperUser reader Naughty.Coder wants to know:

Now, we’re not saying there’s a correlation between his username and his curiosity about people sniffing his packets, but this is definitely our favorite SuperUser username/question combination to date.

The Answer

SuperUser Kwaio offers some insight:

If this question and answer pair has piqued your curiosity about protecting your communications, we’d recommend doing a little introductory reading: VPN vs. SSH Tunnel: Which Is More Secure? and Why Most Web Services Don’t Use End-to-End Encryption.

Either use encrypted protocols (HTTPS, SSH, SMTP/TLS, POP/TLS, etc.) or use encrypted tunnels to encapsulate your unencrypted protocols.

For example, if you use HTTPS instead of HTTP, the content of the webpages you fetch will not be readable from those routers.

But remember that they can still save the encrypted packets and try to decrypt them. Decryption is never about “can or can’t”, it’s about “How much time does it take”. So use ciphers and key lengths suitable for the degree of privacy you need, and the “expiration time” of the data you want to “hide”. (meaning if you don’t care if someone gets it a week after the transmission, use a strong protocol. If it’s an hour, you can lower the key length)

Have something to add to the explanation? Sound off in the the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.