Does the method of Internet connection affect the security of your network?

For attackers who are "far away", the medium is irrelevant: such attackers act at the logical level, sending IP packets which must go through the facilities of your ISP. What could protect you at that point is a competent ISP, which is unrelated to the medium used to move the packets between the ISP and your home (and that's an oxymoron, too).

Medium matters only for attackers who are physically close. A motivated attacker with physical access to the premises could "work around" the medium by attacking either end. With an ill-tempered hound and a shotgun, you can take care of the physical security of your home, but there is little you can do for the other end, which is under the responsibility of the ISP. Radio-based links may be a bit more at risk here, because the ISP end of it must have an aerial antenna, thus exposed to the elements at large, and attackers with climbing skills.

If we consider only attackers with low motivation and unwilling to act physically, and yet for which the physical medium has any importance, then the question becomes "how can I prevent my neighbours from spying on my connections and leeching my bandwidth?". There, the medium can make quite a lot of difference, because of the availability of the required tools. For instance, I would rate 3G connections as "quite secure" (in that context) because 3G includes encryption, and in any case 3G protocol analysis apparatus is neither cheap nor off-the-shelf at any Best Buy-like franchise. At the other end of the scale, one may find WiFi-based ISPs: WiFi has a long history of botching encryption and security, and all laptops have an on-board WiFi component which is easily amenable to protocol analysis (e.g. changing your MAC is standard issue and supported by any decent OS out-of-the-box).

In the "neighbour is the attacker" scenario, point-to-point mediums are also somewhat better than broadcast mediums; I know of some Cable providers where the cable is a thinly disguised carrier for Ethernet frames, which are broadcast throughout the building, the ISP "box" acting as a filter. On the other hand, DSL is normally point-to-point.

Some ISPs use cryptography; at least, some DSL providers implement (or used to implement -- I saw that in France about 10 years ago) PPTP or L2TP with encryption and strong authentication. Done correctly, this provides a high level of protection against neighbours, which abstracts away the details of the physical medium. This brings us back to the question of ISP competence...

Most of the security issues you will have will be with the router provided by the ISP, which can have backdoors and security holes; and, in the second place, security holes in the ISP network itself. As for the medium, in your list, I would rate 3G networks with the highest level of security because the protocol includes by default some decent protection, so a medium-related issue would need the ISP to be creatively incompetent; whereas for Cable, DSL or Fiber, basic crassness is sufficient to be vulnerable.


The level of risk in this particular case falls on a couple different things I think:

  • Can someone eavesdrop on the line and read or modify your data in transit?
  • Can someone impersonate your identity while connecting to the ISP?

The first question is kind of difficult to answer because it sometimes depends on the system you are accessing. Point-to-point connections are more difficult to intercept than shared connections, so fiber, dial-up, T1, etc. are harder (relatively) to attack. However, you could make the attack past the ISP where everything is on a shared medium and you bypass the line entirely.

Impersonating the user connecting to the ISP could be an interesting attack because it could show evidence of illegal actions and it might get you in trouble. It's relatively easy to do this on shared lines because then all you need is the credential. Any type of connection that requires special hardware like fiber or satellite is going to be relatively harder to attack because you need the credentials and the hardware.


When cable internet first came out in our area, it was possible to see my neighbour's computers from my 'network neighbourhood' if I configured my network a certain way. It was corrected some time afterwards, but it does indicate that there is at least some concern about a 'shared' connection pool.

At lower layers of the stack, the connection type would affect the ability of someone to physically access your network, which brings up all the normal physical network access issues (man-in-the-middle, et al.).

As you move up the stack, the type of connection matters less.
