You've been hearing a lot about hackers stealing your personal information, but what's more prevalent is big tech collecting and scraping your personal data sneakily and unilaterally. Sometimes with your "consent", buried in the terms and conditions, sometimes without asking for your consent at all. Harvard Business School professor Shoshana Zuboff called this "Surveillance Capitalism".
Your personal data is collected when you surf the web, use apps, stream video on your Smart TV, even when you exercise and sleep. The “Internet of things” will connect and surveil just about anything imaginable.
It's harder and harder to find a router that doesn't ask you to sign up for an online account and use their app for management. Why? The router vendors are joining the surveillance army.
However, you should not need an Internet connection to manage your router. After all, you should still be able to stream a movie from your local network and print to a local printer when the Internet is down.
Don't make your router part of a spying apparatus. Make it your first line of defense against Surveillance Capitalism.
The answer is VLAN. VLAN (short for Virtual LAN) divides your network into multiple segments for better performance and security. You can use a VLAN to separate your WiFi connected webcams and doorbells from the rest of your network. In case there is a security vulnerability on the webcam or doorbell, it cannot be exploited to attack your computers, NAS, etc.
However, most routers do not offer VLAN functionality. And on the few that do support VLAN, it's hard for the average user to set up.
On the pcWRT, we try to make it as easy as possible. We think we've done a pretty good job at it. But please take a look at our demo and let us know!
No security focused router is complete without support for VPN. The pcWRT router comes with plenty of options to cover a wide range of VPN usage scenarios.
It supports three VPN protocols: WireGuard, IPsec IKEv2 and OpenVPN. Runs both as VPN client and VPN server.
In VPN client mode, you can choose to tunnel everything through the VPN connection or selected networks through the VPN connection. With the latter, you can split your traffic between the VPN connection and your ISP connection, and switching VPN on and off is as simple as connecting to a different WiFi SSID. Router configuration guarantees that there's no DNS leak or WebRTC leak. Kill switch is no longer needed because connectivity will be automatically cutoff when the VPN connection is down.
In VPN server mode, you can mark selected users as guests. These users will have access to the Internet through your VPN server but no access to your internal network. If you have VLAN configured on the router, you can also select which VLANs your VPN users will have access to.
With the pcWRT router builtin VPN functionalities, it is easy to achieve advanced configurations such as site-to-site VPN and sharing streaming accounts between two houses.
Create different filtering profiles for different groups of devices. Set flexible filtering policies with your choice of DNS filters (OpenDNS, CleanBrowsing, Cloudflare, NextDNS etc.) and local black/white lists. And, just a notch above your ordinary DNS filters, pcWRT Access Control cannot be bypassed with Private DNS (e.g., DNS over HTTPS or DNS over TLS).
Pause the Internet, enable safe search for multiple search engines with a single click. Enforce YouTube Restricted or Moderate Restricted mode for selected profiles.
Block your Smart TV (or any other IoT device) from spying on you with a profile in white listing filtering mode.
Schedule Internet access with one or multiple calendars by profile and domains.
Highly configurable local black and white lists. You can block by domain names or partial domain names, protocols, ports or port ranges, IP addresses or IP address ranges. You can even enter regular expressions if you so prefer.
Your computers, smart phones, Smart TVs, security cameras, thermostats, digital assistants, baby monitors and other connected devices all send and receive data from the Internet. But do you know where the data is going? How much data is sent and received?
The pcWRT router provides insights to these questions through the Internet access logs and the Bandwidth Monitor.
If you're worried about children getting on wrong websites or spending too much time on YouTube or social media, Internet logs and Bandwidth Monitor are your friends. These logs cannot be wiped out by deleting browsing history and cannot be hidden by using incognito mode.
There are two sides to ad blocking. On the visible side, you block annoying and intrusive ads from displaying. On the invisible side, you stop the trackers from following you around. Ever wonder how some adverts follow you from Ebay to Amazon to Facebook? That's the trackers at work. As you'd expect, trackers, while invisible, are more detrimental to your privacy.
Browser plugins can block ads while you are using a browser, but they can't block ads in your apps. Nor can they stop your Smart TV from spying on you.
Tech savvy users set up a pi-hole box on their home networks for network-wide ad and tracker blocking. But such a setup is out of reach for the average home user.
On the pcWRT router, you can enable network-wide ad and tracker blocking with a single click.
What's unique about pcWRT is, you can also pause ad blocking with a single click. So when you see a good deal and want to follow up, just click the Pause button.
DNS over HTTPS encrypts your DNS queries, therefore, provides another layer of protection for your security and privacy. It prevents man-in-the-middle attacks and hides your DNS queries from ISPs and mobile carriers. Since Internet providers collect "staggering" amounts of data, enabling DNS over HTTPS on your router will go a long way in protecting your privacy.
The pcWRT router is integrated with all major DNS over HTTPS services. You simply enable DNS over HTTPS and select the service you want to use.
To provide ultimate configurability, the router also allows you to enter your own custom DNS over HTTPS service. For example, you can configure the router to use your personal DNS over HTTPS URLs for NextDNS.
WireGuard® is a registered trademark of Jason A.Donenfeld.