52

If I delete my router's history, is it still visible and can my ISP still provide it to my parents? Or is it deleted from existence?

Glorfindel
  • 2,235
  • 6
  • 18
  • 30
madur
  • 537
  • 1
  • 4
  • 4
  • 6
    Are your parents the "owners" of the account or is the internet in your name only? – NathanOliver Feb 27 '19 at 17:23
  • 3
    I actually tried this when I was a kid, although this was a cellular provider. I did use incognito, but my parents noticed the charge on the bill (wasn't that much, just a few $). They phoned the provider, but didn't get anything. Most likely the call center employees don't have access to the data, and the company doesn't care enough that someone would go and retrieve it without a court order. – Jonas Czech Feb 27 '19 at 18:32
  • It's possible that the ISP is simply not logging this information at all. But you cannot rely on that. – Michael Hampton Feb 27 '19 at 19:27
  • @MichaelHampton , Absolutely can't reply on them not logging it. I have yet to hear of *any* ISP that doesn't log their customers' info – Jaskier Feb 27 '19 at 21:07
  • 19
    @NeepNeepNeep "If you're that worried, employ incognito mode, only use DuckDuckGo (or similar) as your search engine and always browse using a VPN"... none of which helps him out. The OP asked at the ISP. The ISP would still have that info... and even the VPN only helps to a point -- because DNS requests are still exposed. – MGoBlue93 Feb 27 '19 at 23:31
  • 66
    @MGoBlue93 **That is incorrect.** A properly configured VPN for privacy from your ISP will _not_ expose DNS requests. Everything, including DNS, goes through the VPN. – forest Feb 28 '19 at 02:12
  • 1
    Note that in several jurisdictions including the EU ISP's are required by law to record internet access to some degree: https://en.wikipedia.org/wiki/Data_retention#European_Union – idmean Feb 28 '19 at 10:11
  • 1
    @idmean but they are likely be forbidden to disclose those logs to anyone than court. Even to the contract owner. Depends on jurisdiction – usr-local-ΕΨΗΕΛΩΝ Feb 28 '19 at 12:29
  • 27
    @MGoBlue93 "A or not A" *are* two binary choices. Forest specified a properly configured VPN for their answer, your comment says a VPN can only help to a point. Sure, there are infinite ways to not properly configure a VPN and thousands of VPNs that don't provide automatic proper configurations, but if the VPN is properly configured, then DNS requests are not exposed. Also, Forest did not attack you, they pointed out an error. Attacking is what you are doing by directing an insult at Forest (calling that person uneducated), and claiming they are attacking you. – Davy M Feb 28 '19 at 18:18
  • 1
    @idmean you did see the part saying: **On 8 April 2014, the Court of Justice of the European Union declared the Directive 2006/24/EC invalid for violating fundamental rights.** – Josef Mar 02 '19 at 18:18
  • Is ISPs logging customer traffic *and handing those logs back to the customer upon request* a thing these days? Long ago both of these would have been unheard of (the first without a lawful wiretap order; the latter at all). – R.. GitHub STOP HELPING ICE Mar 02 '19 at 20:54
  • @R.. in Sweden, they have to keep the logs for two weeks by law. When asked, their protocol is to drag their feet until 15 days have passed and say "oops, too late, they were automatically deleted". – Davidmh Mar 05 '19 at 10:24

8 Answers8

139

If I delete my router's history, is it still visible and can my ISP still provide it to my parents? Or is it deleted from existence?

Your ISP's record of your network usage isn't in any way affected by you doing anything to your router. You could wipe its memory, subject it to an EMP, and crush its chips to dust, and it wouldn't have any effect on them. :-) They maintain their own logs, which you cannot delete.

Whether your ISP will provide that information to your parents is another question, I expect it varies by locale/jurisdiction and possibly ISP.

You can make it (nearly) impossible for your ISP to know what sites you're visiting by using Tor or similar. The project includes Tor Browser, based on Firefox ESR, which makes it really easy to browse over Tor. You can also use the Brave browser (no affiliation), based on the Chromium project, in its "Private window with Tor" mode. This is not user-configuring a browser for Tor (which the Tor project advises against, it's too easy to miss out important things), it's a browser from privacy-obsessed people with a Tor-enabled private browsing mode. Both Tor Browser and Brave have trade-offs, see this tweet thread (in particular the replies from Tom Lowenthal, their Security & Privacy PM). Some people say "You should never browse with Tor with anything but Tor Browser" but it's more nuanced than that.

T.J. Crowder
  • 975
  • 1
  • 5
  • 7
  • Comments are not for extended discussion; this conversation has been [moved to chat](https://chat.stackexchange.com/rooms/90463/discussion-on-answer-by-t-j-crowder-if-i-delete-my-routers-history-can-my-isp). – Rory Alsop Mar 01 '19 at 21:24
  • 1
    Please note that Brave browser has vastly inferior fingerprinting resistance compared to Tor browser. While the mere use of Tor is sufficient to avoid ISP-level sniffing, the use of an alternate browser like Brave makes it possible for the websites you visit to uniquely identify your computer across visits. – forest Mar 03 '19 at 04:14
  • 2
    @forest using a non-common browser opens the user up to fingerprinting, but the product claims to deal with this. Citation needed for your critique. – schroeder Mar 04 '19 at 10:39
  • @schroeder Run an HTML5 feature test on the two browsers and see if they match. – forest Mar 13 '19 at 07:58
38

Routers usually do not store history and ISPs, while they may record such things on internal logs, do not give them out to anyone without a court order. You do not need to worry about your parents finding the naughty sites you visited unless it's in your browser history. Just turn on incognito mode and don't worry.

While it is theoretically possible that some ISPs may have a child-safe mode where they record and even report visited sites to the account holders, I have never heard of this happening. It would also be fraught with legal risks, so it is unlikely to be a realistic threat. If you are worried about that threat, you can use a VPN or Tor to encrypt the connection going through your ISP so they cannot log anything.

forest
  • 64,616
  • 20
  • 206
  • 257
  • 68
    I don’t think that’s a safe assumption. The ISP might turn over records of an account’s activity to the legitimate account holder without a court order. – John Deters Feb 27 '19 at 15:52
  • 16
    If the OP's parents are the account holder it's perfectly reasonable for the ISP to give them log data, since it is their data. – NathanOliver Feb 27 '19 at 17:21
  • 4
    @NathanOliver Wouldn't that depend on jurisdictions pretty heavily? I assume GDPR would cover that; but in other places, is there anything that actually suggests the data they legally collect about you is still "yours"? – JMac Feb 27 '19 at 17:37
  • 1
    I would think it wouldn't matter as it is the account holder asking for the information. That said, [it looks like they probably wont give it to them](https://security.stackexchange.com/questions/71893/will-an-isp-give-out-network-traffic-info-upon-request) – NathanOliver Feb 27 '19 at 17:41
  • 3
    @JMac Why would the GDPR apply here? What websites were visited from an IP doesn't seem "personal data" and would certainly be covered by pseudonymisation no? – Voo Feb 27 '19 at 18:56
  • @Voo I really don't know much about GDPR specifics, beyond that it relates to information that websites are allowed to collect and how they handle it. I don't know exactly what counts as personal, but that is pretty irrelevant to the point I was trying to make anyways. The real point is that outside of GDPR zones, I can't think of much reason to assume that your ISP logs belong to anyone besides the ISP. What you're saying would only make that even worse. – JMac Feb 27 '19 at 19:04
  • 2
    @JMac If GDPR applies, then its data minimization requirements apply. I can't imagine an ISP could make a good case for actually needing to keep browsing logs for, and attributed to, individual customers. Even if they are running a caching transparent proxy, which could perhaps be reasonable from a business point of view, that can be done without storing information on *who* is making each specific request. – user Feb 27 '19 at 21:16
  • 7
    @Voo I'm pretty sure that IP address plus date and time counts as personally identifiable data under the GDPR. Even if it doesn't *actually*, it's certainly borderline enough that any DPO worth their salt should advice strong caution. – user Feb 27 '19 at 21:17
  • 3
    @JohnDeters I am not certain it is entirely lawful for ISPs to give logs to acct holders if there are multiple users of that account. They still might, but it might fall under invasion of privacy. Picture a tenant holder subletting or renting out a room w/ access to internet. In that case it is most certainly invasion of privacy. In these GDPR ages it actually might not be so easy to get your own logs. – Stian Yttervik Feb 27 '19 at 23:03
  • @StianYttervik , my point is that different jurisdictions around the world may have different rules or laws that they would abide. – John Deters Feb 28 '19 at 02:16
  • 1
    This is purely anectodal, but I remember a cellphone company providing me with a list of websites I visited on the phone, broken out to show bytes transmitted. Presumably if my traffic to one website accounted for a large portion of my data plan, I'd ammend my utilization. – Cort Ammon Feb 28 '19 at 03:55
  • 3
    @aCVn "I can't imagine an ISP could make a good case for actually needing to keep browsing logs for, and attributed to, individual customers.".. there's legal requirement to keep all that information at least 6 months and up to 2 years. And if giving your customer access to their own data violated the GDPR, why do phone companies still provide their customers with a list of what numbers were called when and for how long? Seems pretty equivalent. (I'd think that the GDPR's right to access even guarantees that the ISP couldn't deny the request). – Voo Feb 28 '19 at 08:34
  • ISPs in various countries have an established pattern of (illegally) handing out account data without court order. This might be less frequent now but it was frequent almost to the point of epidemic a few years ago. I wouldn’t trust ISPs with data privacy. – Konrad Rudolph Mar 01 '19 at 11:43
  • @Voo in which country does this law to store browsing history exist and what is it called? – Josef Mar 04 '19 at 13:39
  • @Josef I was thinking of the Data Retention Policy, but that was declared unconstitutional in 2014 (missed that somehow). Still in Germany there is the Telecommunications Act which requires ISPs to store certain data, although for not as long. Although some quick research shows that the legal situation is.. complicated, so who knows what's really required now. – Voo Mar 04 '19 at 14:44
12

ISPs can absolutely log traffic upstream from your router.

The easiest way for an ISP to inspect what users are doing is by inspecting logged dns queries. People can get around this by using non ISP dns servers such as 1.1.1.1 (cloudflare dns) or 8.8.8.8 (google dns)

The next easiest is to actually log connections. To get around this, people use VPN or an onion router such as Tor. This causes the traffic to all go out over a single encrypted tunnel (or in the case of tor many encrypted tunnels) till it leaves the network owned by the snoopers. The Opera browser now includes free ephemeral VPN. If you wanted to build your own openvpn server in the cloud there are some setup scripts on github. If you live under a repressive government they will try to block or disrupt VPN traffic (note to representatives of repressive governments, privacy is necessary for information security and basic human dignity). In that case you may wish to explore shadowsocks.

Do be aware that most free VPN services fund their operation by monetizing your traffic data. This means they actively collect and actively sell your connection data. This might be preferable to being watched by people who know you, but do keep it in mind.

Opera VPN + cloudflare DNS should provide privacy ISP from account owners. Do be aware of local cached data (incognito mode is your friend here). Tor works too. Keep in mind that Tor traffic has a distinctive fingerprint. Network administrators who are interested in who might be doing illegal things can watch for that traffic. There was a report recently of a college student who sent a threatening email in order to delay an exam. The network administrators simply checked network logs for who on campus was using Tor during the minute the email was received and then said student received a knock, some new chrome bracelets and didn't have to worry about exams anymore.

jorfus
  • 441
  • 3
  • 6
  • 1
    VPN traffic also has a pretty significant fingerprint, so if someone is logging DPI data they can just as easily look for signs of VPN traffic as for signs of Tor traffic. As for Tor, someone said (I think it was in a DEFCON presentation) that it is designed to *make Tor users look alike, not make Tor users look like non-Tor users*. Tor offers anonymity, not privacy or confidentiality (and if the baseband traffic is unencrypted and/or unauthenticated, it's actually probably easier to track people who are using Tor, and mess with their traffic, due to the relatively small number of exit nodes). – user Feb 27 '19 at 21:22
  • Regarding previous comments. Absolutely, VPN traffic has a distinctive fingerprint. It often uses distinctive TCP or UDP ports (VPN comes in a handful of varieties). Even when it uses a common port such as 443 it has distinctive characteristics. We know this because the great firewall of china is able to block and/or degrade SSL VPN traffic. I'd further suggest though that there are many common and legitimate uses of VPN so most network admins don't flag it for review. I would say Tor traffic is far less likely to fly under the radar. – jorfus Feb 28 '19 at 18:25
  • I'm not sure if it matters enough, you should consider mentioning that an ISP could inspect your DNS traffic to 1.1.1.1 (or others) as well. It requires DPI on their end, but is feasible enough that they may decide to implement it. Also, if you are using a VPN, ideally your DNS will be routed through the tunnel as well, so the choice of which DNS provider you use matters less (in terms of ISP snooping at least). – Vidia Feb 28 '19 at 22:10
  • @Vidia some DNS providers, such as 1.1.1.1 or 8.8.8.8 implement DNS-over-HTTPS. Your ISP may still know which websites you are visiting through other means (eg. TLS-SNI) but your DNS requests should be safe from eavesdroppers. – Droplet Mar 01 '19 at 14:27
  • 2
    @MGoBlue93 This depends on how you configure the VPN. When using it to avoid ISP-level wiretapping, you can configure it to send _all_ network traffic through the VPN tunnel, including DNS. When this process fails due to misconfiguration, it's often termed a "DNS leak". – forest Mar 03 '19 at 04:29
7

Your parents will not normally have the authority to retrieve data from the ISP.

An ISP does not offer this type of information on request. You need some type of government warrant before they're released, and the process is non-trivial.

If you're worried about pr0n and simply silly stuff, then don't worry about it.

If you're Dread Pirate Roberts v2.0, and am asking on Stack Exchange for answers... this is a VERY ironic turn of events... since v1.0 was busted via Stack Exchange!

Nelson
  • 339
  • 2
  • 10
  • 4
    Thanks to the current FCC, ISPs are legally able to sell anyone's browser history--they just won't sell to commonfolk. – Alkanshel Mar 01 '19 at 23:44
1

In answer to the OP's actual questions.

Yes, it is still visible and not deleted from existence.

So anything you have looked at will be available for your ISP to deliver to the account holder or law enforcement/government agencies etc.

Now if you want to stop the data being so easy to gather, (not impossible but shall we say financially restrictive) look at the other answers which show you some good ways of providing deniability, note I do not say you could hide you were up to something. If your parents say you've been using Tor or a VPN you can always say it was to look at TV shows that were restricted in your country rather then searching for well whatever triggered your original question.
Also don't use incognito mode it hides nothing from your ISP it only stops the local browser from storing your browser history.

forest
  • 64,616
  • 20
  • 206
  • 257
Gawainuk
  • 316
  • 1
  • 4
  • 1
    "Also don't use incognito mode it hides nothing from your ISP" But then doesn't the browser history defeat the need to contact the ISP? Should probably say "don't use only" – Tezra Mar 04 '19 at 13:21
  • @Tesra Some of the other people appeared to be suggesting that using incognito mode would help the O/P. I just wanted them to know that it wouldn't :) – Gawainuk Mar 05 '19 at 10:41
1

Any website you browsed will be saved in ISP software (ex: MikroTik) which shows IP address, time and browsed url. If you have multiple devices running on same internet connection, even then information is going to be saved in ISP logs.

Only way to hide websites you are using is by securing.

  1. VPN: When something is browsed using any browser, first it goes through your internet connection to website which you are looking for but using VPN, first it goes from your internet connection to VPN IP address, then the website you are browsing. At this time your ISP will not be able to log whatever you are browsing, neither google nor any search engine will be able to log your data as they see VPN's IP address than yours.
  2. Firefox Private Browsing or Chrome Incognito prevent history and browsing data from being saved on the computer you’re using, but if there is in fact a piece of network hardware monitoring connections, using these browser features will not help.
  3. Browsec: Its a plugin/extension in firefox & chrome which works as VPN. You can use this if you want only your browser data to be hidden or secured.
Robotic Extremeties
  • 148
  • 1
  • 5
Akram
  • 11
  • 2
0

When you erase the router history, you are hiding which device connected to your router stablished the communication.

The ISP still knows and stores the traffic that outcomes from your router to internet.

To hide traffic to your parents, any secured VPN should be enough: Your ISP will know your are connected to a VPN but not the real traffic. On the other hand, the VPN provider will know the traffic, but in most cases not the origin

So, your parents will need both pieces (ISP & VPN provider) to solve the puzzle. In this way, unless they are federal I think your privacy should be safe.

If you want to play next level, as suggested in previous answers use Tor.

DrJuzo
  • 119
  • 3
  • 1
    This answer is difficult to read and doesn't seem to provide any new / useful information. – Qwertie Feb 27 '19 at 22:53
  • 2
    1. using TOR is not forensics-proof... I know you're using TOR by looking at logs and 2. TOR exposes the OP to a whole different level of abuse. – MGoBlue93 Feb 27 '19 at 23:45
  • @MGoBlue93 It's Tor, not TOR. And if you want to make it difficult to discover the use of Tor, you can use a bridge relay with pluggable transports. That obfuscates the protocol to prevent an ISP from realizing you are using Tor. It is especially useful if your ISP or government tries to censor the Tor network. – forest Mar 03 '19 at 04:26
0

Regular consumer routers save basic identifiers of devices that have been connected to it. Some routers, especially many of the newer ones, do allow basic logging of hostnames or sites visited based on DNS lookups, but usually not full URLs. Some can be configured to send periodic emails of the log. Depending on the router, it may be possible to unplug it to clear the log. If you know how big your router's log is, and you know that email is turned off, you could try to get rid of the old log data by visiting lots of random websites. ISPs generally do not keep logs, at least not logs that they share. Their main concern is with spam being generated from infected customer hosts within their network.

The NSA does log everything that they can, and this might be used against you in the future.

If you do know that logs were kept, then you better act fast and invite some friends over so that they can be blamed for the naughty sites, and set up a temporary Tor exit node or other public proxy on your computer so that you can blame it on that. This is only if the situation is serious.

forest
  • 64,616
  • 20
  • 206
  • 257
Alex Cannon
  • 402
  • 2
  • 7