Jump to content
Cruise Critic Community
kruisey

How secure is the ship internet?

Recommended Posts

For stuff like personal banking and the such?

Share this post


Link to post
Share on other sites

As secure as using your laptop in a public library.

Always log off and power down when not in use.

Share this post


Link to post
Share on other sites
Posted (edited)

Not secure.

 

I use a SSL VPN.

Edited by Coral

Share this post


Link to post
Share on other sites

I will second the need for the use of a VPN while using any public internet connection. They very cheap added insurance for your internet browsing protection. 

 

“Don’t leave home without it” 

 

Share this post


Link to post
Share on other sites

Not secure at all....I would do my banking BEFORE I left home.

Share this post


Link to post
Share on other sites
Posted (edited)

The connection to a bank is typically encrypted (https). The risk is then a man-in-the-middle attack: Where you connect to the hacker, (via http) and the hacker connects to your bank (via https). They can then see all your traffic. One way to defeat the attack is to make sure you are connected via https, and not http. Note: A hacker could create their own HTTPS connection (you connect to them via HTTPS, so you don't see HTTP), so looking for HTTPS is not 100% reliable.

 

Note: I am guessing that the Apps of the various banks force a specific HTTPS connection, so they should be less susceptible to a man-in-the-middle attack. The trojan hacker HTTPS should be rejected by the App.

 

Note 2: I would suspect that a Crew Member is less likely to try and create an attack. So, you are left with a rouge passenger doing the attack. Not as likely to happen than with a public wifi at a fixed starbucks type location.

 

Maybe roaming the ship while you are connected could defeat it. The spoofed wifi would likely be highly localized (say a pool area). If you start the connection there, and then roam to the buffet area, you would change to the true ship's wifi, and defeat the hacker. Now, if someone managed to hack the ship's system ...

 

 

Edited by richmke

Share this post


Link to post
Share on other sites
1 minute ago, Colo Cruiser said:

This.....

That wasn't the original question.

Share this post


Link to post
Share on other sites
1 minute ago, richmke said:

That wasn't the original question.

Not secure wasn't for the original question?

OK what am I missing?

Share this post


Link to post
Share on other sites
Just now, Colo Cruiser said:

Not secure wasn't for the original question?

OK what am I missing?

The original post was asking if the Ship's Internet is Secure. Not, how to secure an internet connection.

Share this post


Link to post
Share on other sites
Just now, richmke said:

The original post was asking if the Ship's Internet is Secure. Not, how to secure an internet connection.

And I quoted "NOT SECURE".

Share this post


Link to post
Share on other sites
7 hours ago, kruisey said:

For stuff like personal banking and the such?

 

Figure you are in public and everybody is reading everything.

 

The overlooked issue with VPNs (virtual private networks) is that the ship's router issues you a new, different IP address and a compromised router can hijack your VPN session itself as your VPN provider tries to authenticate you at that new IP address.

 

Such calls for more skill than a ship's rogue IT worker is likely to have.  Keyword: "likely".

Share this post


Link to post
Share on other sites

Don’t know how long you’re sailing is, but to be safe, perhaps you should set up your transactions that are necessary prior to boarding, just to keep your mind at ease. Enjoy your cruise!

Share this post


Link to post
Share on other sites
2 hours ago, richmke said:

The connection to a bank is typically encrypted (https). The risk is then a man-in-the-middle attack: Where you connect to the hacker, (via http) and the hacker connects to your bank (via https). They can then see all your traffic. One way to defeat the attack is to make sure you are connected via https, and not http. Note: A hacker could create their own HTTPS connection (you connect to them via HTTPS, so you don't see HTTP), so looking for HTTPS is not 100% reliable.

 

Note: I am guessing that the Apps of the various banks force a specific HTTPS connection, so they should be less susceptible to a man-in-the-middle attack. The trojan hacker HTTPS should be rejected by the App.

 

Note 2: I would suspect that a Crew Member is less likely to try and create an attack. So, you are left with a rouge passenger doing the attack. Not as likely to happen than with a public wifi at a fixed starbucks type location.

 

Maybe roaming the ship while you are connected could defeat it. The spoofed wifi would likely be highly localized (say a pool area). If you start the connection there, and then roam to the buffet area, you would change to the true ship's wifi, and defeat the hacker. Now, if someone managed to hack the ship's system ...

 

 

I agree with your arguments.  The most likely threat to a secure connection would be a compromise of the ship's comm infrastructure, such as their routers snd switches by rogue parties including an inside job.

Share this post


Link to post
Share on other sites

Will be away on long trip.Guess I will pay double in advance .You have put the wind up my sail's.😮😨😮.

Share this post


Link to post
Share on other sites

I use ExpressVPN but I'm still not casual about any sort of financial transactions when traveling. It's best to avoid doing anything of the sort onboard a ship.

Share this post


Link to post
Share on other sites

The ship internet is fairly secure in that the crew is much too busy to monitor the internet.  Continual monitoring the internet is expensive as we all know.  Remember you are on a vessel so local monitoring is minimal.  I do access certain financial accounts that I need to use on longer cruises but change the passwords before leaving home and immediately after returning.  Not a fool proof method but one more block to the bad guy.  Always use longer passwords (12 characters+) with numbers, capital and small letters and special characters like ! and change them often.

Share this post


Link to post
Share on other sites
20 hours ago, kruisey said:

Will be away on long trip.Guess I will pay double in advance .You have put the wind up my sail's.😮😨😮.

That's what I do.  I don't trust any public system.

Share this post


Link to post
Share on other sites

How many people have had a problem connecting to a bank from a cruise ship?  Do you know of anyone? Ever heard of anyone ?

Share this post


Link to post
Share on other sites
Posted (edited)
4 minutes ago, Bootman4U said:

How many people have had a problem connecting to a bank from a cruise ship?  Do you know of anyone? Ever heard of anyone ?

 

The main problem with connecting to a site with high security (bank) is that they will see a new location, and may subject you to extra verification steps. A typical one is calling or texting you. That can be a problem when you are on the high seas, or foreign location.

 

Typically, the App is a better way to minimize the verification problem. Assuming you have accessed the bank from an App, the bank has some comfort that it is you (when you access again from the same app), especially if you have password/finger print enabled on the app.

Edited by richmke

Share this post


Link to post
Share on other sites

Most likely secure, as posted make sure you use a modern browser, and verify that you connect via https.  Click on the lock in the URL bar at the top of your browser, it will tell you if their SSL certificate is valid. If it isn't disconnect immediately. The SSL certificate is hard to explain, but, it verifies the identity of the site you are connecting to.

The one issue I had using a VPN last spring was that you can't just go to logout.com to logout. You have to disconnect form teh VPN to do that. I use a Google Pixel, which by default uses Google's VPN service.

Share this post


Link to post
Share on other sites

If I'm dealing with my credit card company at sea I not only use a VPN but also use their app. I actually get a notification every time my credit card is used. Usually within about 30 seconds of the transaction. When I've purchased multiple FCD while on the ship I get a notice saying something like, "It looks like you were charged twice" and asking if I made the transactions.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Forum Jump
    • Categories
      • Q&A: Cruise Insurance with Steve Dasseos of TripInsuranceStore.com
      • Forum Assistance
      • New Cruisers
      • Cruise Lines “A – O”
      • Cruise Lines “P – Z”
      • River Cruising
      • ROLL CALLS
      • Digital Photography & Cruise Technology
      • Member Cruise Reviews
      • Special Interest Cruising
      • Cruise Discussion Topics
      • UK Cruising
      • Australia & New Zealand Cruisers
      • North American Homeports
      • Ports of Call
      • Cruise Conversations
×
×
  • Create New...