@Steve - Regarding SN 973 and DHCP Option 121 / CVE-2024-3661
When using public or otherwise untrustworthy WiFi using a travel router should protect you.
If you have the travel router connect to the public / untrustworthy WiFi and then have your device connect to the travel router - your device will only see DHCP responses from the LAN side of the travel router. A malicious actor can publish whatever routes they want with Option 121 - those routes will not leak past the NAT of the travel router and thus protect you.
It's more friction to power up a travel router and connect to it and then login to the routers web interface and get it to connect to the public WiFi but making yourself more secure usually is more painful than not. When in a hotel I always have my travel router with me and it works like a charm.
When using public or otherwise untrustworthy WiFi using a travel router should protect you.
If you have the travel router connect to the public / untrustworthy WiFi and then have your device connect to the travel router - your device will only see DHCP responses from the LAN side of the travel router. A malicious actor can publish whatever routes they want with Option 121 - those routes will not leak past the NAT of the travel router and thus protect you.
It's more friction to power up a travel router and connect to it and then login to the routers web interface and get it to connect to the public WiFi but making yourself more secure usually is more painful than not. When in a hotel I always have my travel router with me and it works like a charm.