Chewagirl,
"Question: does the printer use data? It is not wireless; when I need it, I plug it into my computer."
Answer: Most likely not. Where is gets tricky is that there are printer drivers and then there are printer programs and software packages.
On the typical small USB printer, you plug it into the computer, the computer "sees" the printer and load a set of basic printer drivers to enable operation and that's it.
In other cases, HP is famous for this, plugging in the printer will load the basic drivers AND awaken what can be a very comprehensive set of software programs that can be used to not only manipulate pictures and text for printing but also for "sharing". The "sharing" of the pictures and documents with others is obviously going to use data but ..... what about that nice software package that allows all this to happen.
It has been my personal experience that you simply cannot trust software to follow its settings.
On instance that I have screenshots of the software settings for is a program called Garmin Express. It is (or is supposed to be) an on demand software and map update utility for my Garmin GPS nav unit.
Originally it was set to only do updates between 2am and 8am. It has taken it upon itself to do otherwise on more than one occasion as evidenced by this repost of a topic of mine:
I checked my remaining allowance this morning and seen another large chunk of data gone !
This would have fallen somewhere between a Mystery and one of those Conundrums we hear about.
A peek at Glasswire shows that despite settings to the contrary Garmin Express (GPS updater) hit me twice in the last 30 days.
Moral of the story: If you are missing data don't depend on program settings and have some type of monitoring program installed.
Settings set to 2am to 8am:
Glasswire shows two Garmin Express hits in the past 30 days:
I guess my point here is: Software is a lot like Dogs and Children. Just because you tell them to do something doesn't mean they are going to do it.
All of the above is software related but we really have to consider some router related aspects.
Having a router really multiplies the potential for "leaks" and in ways many users will not have considered.
I have posted this before but it bears repeating ..
Lets look at a block diagram of a typical home router ...
There are three areas of potential data use;
Area #1 consists of the routers "hardware", its internal settings and permissions and securing access to area.
This is an area that is easily overlooked.
First is securing the area. When you enter the Routers LAN IP you will be taken to the Routers "Log On" screen.
Here is the manufactures default settings from my old Netgear:
It is imperative that that a user change both the username and password to something unique and known to only a single person. There should only be one network administrator.
This is the interface that protects integrity of your networks settings and permissions.
One area of vulnerability and unseen potential data use is at the core of the Routers "firmware" chip.
Usually this chip is given the right to access the internet, connect to the manufacture of the router and check for newer firmware updates (read as "instruction rules") and install them.
I suggest that this be disabled. YOU need to be in control of when data is used and hardware is updated.
Updating firmware can be a tricky thing. One rule of thumb is "if its not broke, leave it alone".
I guess I fall into this category. If it (the firmware update) does not add a new function or address a vulnerability, leave it alone.
The above, if enabled, is a potential leak source but a manual check for updates should be periodically done and the "change log" read to see if the update is needed.
There is currently some newly discovered vulnerabilities in the Dlink- 822 family of Routers that should have their firmware updated.
That addresses the GUI access security and the "guts", now on too "permissions".
> The Routers LAN IP should be set to 192.168.1.1 so as to not conflict with the Hughes Modem at 192.168.0.1 <
> All "Guest Accounts" should be disabled <
> The WPS function should be disabled <
> Remote Access should be disabled and any existing R/A accounts closed <
> The QoS function should be disabled <
Area #2: wireless.
This is the hardest area to address because there are so many levels of "wireless encryption" (or the complete lack of) that SHOULD limit access to only authorized computers and devices and their many Apps, Program Packages AND unseen background PROCESSES and these will be PER DEVICE. The leak potential adds up quickly.
The first thing is KNOW YOUR DEVICES by their MAC addresses.
Every device is going to have a unique MAC address and every router is going to have a area in the routers GUI to see what devices are currently connected.
Usually this will be under the heading of "Attached Devices" or similar:
This can be helpful in finding things like weak wireless encryption levels (none or WEP for example) or if a Guest Account has been overlook.
Know your devices.
Wireless Connectivity and Security:
I wish a had a nickel for every time I seen someone post: "I live out in the Boonies and my Router is "password" protected".
The strength and "radiation pattern" is different for each router, some circular, some in the form of a figure 8, some better in the vertical plane (good with two story house) other in the horizontal (better with a ranch style) some are in the 2.4 GHZ frequency range with others in the 5 GHZ range. All will behave differently and all will have amazing range with the right conditions of weather, building construction, obstructions, reflections and interference. Don't always count on the range, distance and radiation pattern being the same. It isn't.
Wireless security can range from "none" (open network) to increasing levels. Here is a list .. weakest to strongest:
None
WEP
WPA-PSK [TKIP]
WPA2-PSK [AES]
WPA-PSK [TKIP] + WPA2-PSK [AES]
With no encryption enabled, any device that comes within range is free to latch on to your Hughes connection and use data. No "authorization" needed.
If a visitor comes over and they have a cell phone in their pocket ... BAMM GOTCHA !, Cell phones love to connect for updates and other "stuff". The same applies to a tablet in a visitors purse or pocket.
Next up we have the WEP encryption standard.
WEP is so easily cracked that you might just as well be running a totally unprotected network but at least it requires "authorization" in the form of a password or passkey that is generated inside the router, is visible from inside the routers GUI (That SHOULD be protected by its own username and password).
WEP is good enough to prevent casual "drive by" connections but that is about it.
It does however point out that there are (or should be) TWO levels of "passwords" in use:
One protects access to the routers settings (INCLUDING the wireless channels passkey) and the second being the wireless password itself.
The further down the list posted above, the more secure it becomes. Some older devices may not be able to connected with some of the later more secure levels. It all depends on what you are using.
Leaks however are multiplied by the number of wireless devices connected, their software "load", the software settings ... and if the software chooses to follow those settings (see my Garmin Express example).
On a Windows laptop you could install Glasswire on that machine and see in detail what IT is doing but that still leaves phones, tablets, network printers, chromcast dongles and who knows how many other devices and wireless connection paths that aren't being monitored.
If you network, at the core of that network is your router ... everything that is connected, all data that is used, will run through that central point.
Some higher end routers can monitor and report use per device. They are worth the money if you have a data capped service and have questions or doubts as to what is using your data.
The 3rd area of course are the wired devices.
These can be computers, printers and scanners, network servers .. the list goes on.
Each will have unfettered access to your wired connection. The only limits being if the machine is "on", "hibernating" or truly power off.
Glasswire can be installed on EACH of the Windows machines and the results totaled. I don't have enough experience with other OS's to recommend or comment in detail but their should be a utility for each.
Again, a high end router can pinpoint be device so that that device can be singled out for closer scrutiny.
In the end tracking data usage requires at least an overview of the "shape" of your network and its component parts.
Its not intuitive, its not easy in the beginning for a novice user.
That is why companies large and small have IT Departments.
If a user chooses to "network" their connection they must learn to some degree to become their own IT Department.
You don't need to become and expert. With a little guidance you can learn enough to understand some key points and areas to monitor and that will get the job done.
FAP stands for Fair Access Policy.
When you use all of your data your speeds will be "throttled" to ABOUT 150 Kbps or about three times dial-up speed.
There are some changes however. I think all Gen4 plans (HT1000/1100 modems)have "SmartBrowse" that will kick in when your data is depleted and that will allow "basic" web browsing and email retrieval at normal speeds as long as the "data demand" remains ... low ... no streaming, no videos, no large attachments.
Having said that, you can of course purchase Tokens but that is another story.