Medallion Wi-Fi and VPN Question

[kml246]

3 hours ago, caribill said:

 

That probably will not work as the banks change what they allow.

 

Agreed. More of a push to needing a cell phone, whether wanted or not. 

[kml246]

3 hours ago, BabySarge said:

I/we want the additional security that a VPN may give us when using the internet to access our bank and credit card accounts not only when traveling but also at home.

DH and I have had our PII (personal identifiable information) hacked/compromised twice by Veterans Affairs, once each by the US Army, twice by the Department of Defense for me, and twice by the Office of Personnel Management for me with the latest notification being received two weeks ago.  We both have free credit and identity theft monitoring at all three-credit bureaus for life thanks to said hacking/compromise of our information, but I do everything I can to safeguard it and using a VPN is just another layer.

 

A VPN is an excellent tool to protect your data. I don't use it in my home, whether connected by ethernet or Wi-Fi, as my home network is very secure. I have multiple firewalls, both software and hardware, I don't give out my 45-character Wi-Fi password to anyone, though I do have a separate Guest Network for guests, and I regularly test my network security. You can, however, choose to run a VPN all the time. 

 

The following is not directed at you. It's for the benefit of anyone reading this:

 

Most "hacks" are not hacks, at least not at the start. Those that are truly hacked share some of the blame - weak passwords, no security software, not updating their devices, Many compromises of digital security, however, are from phishing or other attempts at getting the users to voluntarily (most times unknowingly) give up their login credentials by getting them to click on links in emails or texts and entering their data. Sometimes they give up the information by phone. I don't fault the victims in all cases because many of the scammers are very, very good at their deceit.  

 

Here are some links that will help with online security. The first is from Steve Gibson, a well-known internet and computer specialist. He has a free service called ShieldsUP! that will test your computer stealthness, advising you if you are open to hackers. I run these tests monthly, or any time I change hardware or software. I'm happy to say, the tests have always found our devices at home to be 100% hidden from the internet. It can be a little boring to read about this, but it's well worth running all the tests. GRC | ShieldsUP! — Internet Vulnerability Profiling

 

The next links are a couple of websites that have online quizzes for recognizing phishing attempts. They're worthwhile taking to help you to recognize attempts to fraudulently acquire something - data, logins, money, etc. - from you.

5 Phishing Quizzes to Practice at Spotting a Scam (ruralict.com)

Free Phishing Test: Take The Quiz To Test Yourself (intradyn.com)

 

The last bit of advice is for users to stop using one email address for everything. I have several of my own domains and have around 300 email addresses. I use a different email address for each financial institution, online store, forums like Cruise Critic, etc. I'm not saying everyone should go to that extreme, but since you can get free mails from GMail, Outlook, Yahoo, your internet provider, etc., there's no reason to be using just one email. If someone compromises your one email address, you need to change it everywhere, so why risk it? You can set these additional addresses to forward mail to one or two main addresses to make it easier to manage. Along with this advice is password management. Any user that's using the same password in more than one place is seriously compromising their online security. Get a password manager like LastPass, RoboForm, 1Pass, or any of the others and start using it. Our whole financial lives are on the internet, why not invest to make it more secure?

 

Kevin

 

 

[lx200gps]

20 hours ago, Steelers0854 said:

 

Anyone on the ship can very easily conduct a man in the middle attack on you, in fact its probably the easiest place to do it given the lack of connectivity  options (no cellular, no other Wi-Fi networks etc).  Also, anyone connected to the ships network can sniff out unencrypted traffic and can capture your web traffic.  I wouldn’t exactly call it a serious risk, but its a risk nonetheless that can easily be mitigated by using a VPN.

Any chance you've heard of Tails? It's a portable OS that can only be used by booting your PC directly into it via an external USB device. It's very popular with the tin foil hat crowd and it offers a significant upgrade in security over a lowly VPN. I've played with it for a while and like it for its security though perseverance is a bit thin as it doesn't do a good job of "remembering" things like browser bookmarks between sessions.  Still, if you REALLY want to be safe when traveling, it's the way to go.

 

https://tails.boum.org/

[gullgeorge]

Our corporate VPN which runs at a higher security level than a consumer VPN does not work on Princess ships even though I have never had a problem using this VPN at any hotel in the world. 

[Steelers0854]

1 hour ago, lx200gps said:

Any chance you've heard of Tails? It's a portable OS that can only be used by booting your PC directly into it via an external USB device. It's very popular with the tin foil hat crowd and it offers a significant upgrade in security over a lowly VPN. I've played with it for a while and like it for its security though perseverance is a bit thin as it doesn't do a good job of "remembering" things like browser bookmarks between sessions.  Still, if you REALLY want to be safe when traveling, it's the way to go.

 

https://tails.boum.org/

 

This is much more of an apples and oranges discussion.  Tails is really about protecting your physical device, ensuring that if your computer, or in this case thumb drive, is compromised physically the data is unreadable.  Even people that use Tails will use Tor and a VPN to protect their internet traffic like what is being discussed here.  Tails will really not do much for you on a cruise ship as I believe they may block the Tor connection, but I haven’t tested this (edited to add this part i forgot).

Edited July 4, 2022 by Steelers0854

[Steelers0854]

2 minutes ago, gullgeorge said:

Our corporate VPN which runs at a higher security level than a consumer VPN does not work on Princess ships even though I have never had a problem using this VPN at any hotel in the world. 

 

It really doesn’t have anything to do with security level, its more of the the specific VPN protocol that your company uses that is the issue, I can all but guarantee you my VPN has as high of an encryption than your corporate VPN.  Princess blocks particular ports, if your company runs on a specific type of VPN protocol that uses that port it will get blocked.  I believe they do this for network speed/bandwidth protection.  They usually block ports like the ones that you stream on, if you use a VPN in theory you can bypass these restrictions and stream away causing network congestion for your fellow passengers.  

[BabySarge]

On 7/3/2022 at 9:36 AM, Steelers0854 said:

 

I’m sorry but this is incorrect.  Using a VPN on the ship has a significant impact on the Medallion app.  As have been mentioned previously if you have the internet package and turn a VPN on then you will break the majority of the functionality of the Medallion app.  I don’t know the specifics about the app but my guess is that it uses an internal DNS system which the VPN bypasses therefore you cannot get any ship specific content like menus, in app chat, and anything that’s requires you to “be on board” to use.  One of the previous posters mentioned it will show you as off the ship if you turn on the VPN.  So the way I use it is I turn on the VPN only when accessing something sensitive, then turn it back off.

 

Also of note, certain VPN protocols are blocked by Princess.  I don’t remember which ones in particular but if you try and connect using your VPN and it will not connect then try switching the protocols to a different one.  I use NordVPN just like others have said, I very much like it and they have an excellent reputation, but I leave the setting for Nord to select the protocol automatically for me when I get onboard a ship and it always works just fine.  

@Steelers0854 I'm so sorry to be a bother but I wonder if I could trouble you to answer another question for me please regarding your statement I have highlighted in red above.  When you say leave the setting for Nord to select the protocol automatically is that the same things as using "Quick Connect" and letting Nord select which VPN or location it connects to?  I have purchased the Nord VPN and downloaded it and during set up did not see anything for a selection titled "select protocol automatically", just the one about Quick Connect.

[kml246]

11 hours ago, BabySarge said:

@Steelers0854 I'm so sorry to be a bother but I wonder if I could trouble you to answer another question for me please regarding your statement I have highlighted in red above.  When you say leave the setting for Nord to select the protocol automatically is that the same things as using "Quick Connect" and letting Nord select which VPN or location it connects to?  I have purchased the Nord VPN and downloaded it and during set up did not see anything for a selection titled "select protocol automatically", just the one about Quick Connect.

Choosing Quick Connect should be fine. You can choose a country. I usually use United States. 

 

Kevin 

[BabySarge]

6 hours ago, kml246 said:

Choosing Quick Connect should be fine. You can choose a country. I usually use United States. 

 

Kevin 

Thanks Kevin - appreciate all the help and patience.

[kml246]

1 hour ago, BabySarge said:

Thanks Kevin - appreciate all the help and patience.

 

Glad to help, Sarge! 

[Steelers0854]

15 hours ago, kml246 said:

Choosing Quick Connect should be fine. You can choose a country. I usually use United States. 

 

Kevin 

 

This could still cause problems if the setting in the app is wrong.  If you go to your profile by clicking the bottom right had corner of your app with a little person in a circle, then click the settings wheel in the upper right hand corner, then click Protocol and make sure “Use Recommended” is selected.  

 

On 7/20/2022 at 3:57 PM, BabySarge said:

@Steelers0854 I'm so sorry to be a bother but I wonder if I could trouble you to answer another question for me please regarding your statement I have highlighted in red above.  When you say leave the setting for Nord to select the protocol automatically is that the same things as using "Quick Connect" and letting Nord select which VPN or location it connects to?  I have purchased the Nord VPN and downloaded it and during set up did not see anything for a selection titled "select protocol automatically", just the one about Quick Connect.

 

[kml246]

9 hours ago, Steelers0854 said:

 

This could still cause problems if the setting in the app is wrong.  If you go to your profile by clicking the bottom right had corner of your app with a little person in a circle, then click the settings wheel in the upper right hand corner, then click Protocol and make sure “Use Recommended” is selected.  

 

 

 

Correct, but "Use Recommended" is the default setting. I do go into settings and change the recommended server to use United States.

[BuffpilCruising]

On 7/1/2022 at 2:47 PM, Rick&Jeannie said:

I think maybe you are confused about what the Medallion app actually does.  It has NO interaction with the internet once you are on board.  The only time that the app uses the internet is pre-cruise where you can do the majority of your cruise check in.  So...speaking of the app and a VPN is talking apples and oranges.

Personal experience..."no interaction with the internet once you are onboard" *might* depend on how you've logged into the App.  It appears that if you log in using your booking number, app responsiveness is much faster, implying there really is "no interaction...".  However, the app runs MUCH SLOWER if you log in using your e-mail address.  Haven't confirmed the differences with Princess IT , but it seems like using e-mail login involves communicating across the satellite internet link to shore-side networks.  YMMV, but our five-person travel party all got similar speed-ups when switching app login to Booking #.

[kml246]

19 hours ago, BuffpilCruising said:

Personal experience..."no interaction with the internet once you are onboard" *might* depend on how you've logged into the App.  It appears that if you log in using your booking number, app responsiveness is much faster, implying there really is "no interaction...".  However, the app runs MUCH SLOWER if you log in using your e-mail address.  Haven't confirmed the differences with Princess IT , but it seems like using e-mail login involves communicating across the satellite internet link to shore-side networks.  YMMV, but our five-person travel party all got similar speed-ups when switching app login to Booking #.

 

Agreed. I always log in with Cabin Number or Booking Number once on board.