Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Networking Wireless Networking Privacy Security

Netgear Adds Support For "Collecting Analytics Data" To Popular R7000 Router 110

An anonymous reader writes: Netgear's latest firmware update for the R7000 includes new support for collecting analytics data. The update release notes include this caution:

NOTE:It is strongly recommended that after the firmware is updated to this version, log back in to the router s web GUI and configure the settings for this feature.

An article on Netgear's KB states updated last week that Netgear collects information including IP addresses, MAC, certain WiFi information, and information about connected devices.

This discussion has been archived. No new comments can be posted.

Netgear Adds Support For "Collecting Analytics Data" To Popular R7000 Router

Comments Filter:
  • Wow! (Score:5, Insightful)

    by Anonymous Coward on Sunday May 21, 2017 @06:33AM (#54458457)

    I guess it is time to switch to a different brand.

    • How did an AC get modded insightful with that comment? Especially on this site. Or are there that many people with mod points that don't already know how to switch firmware on their router?

      Seriously, most people here know that stock router firmware sucks. It's not a secret. If you read the linked KB, you'll see Netgear might actually be working to make their hardware/firmware better using this and not just collecting advertising data like the tinfoil hats are suggesting. Working to make a better functioning

      • If you're paranoid, switch to DD-WRT, Open-WRT, Tomato

        This is not paranoid. I have a netgear router and I installed DD-WRT on it. Now I have a router with many features that were not available with the stock software.

        Installing your own software on your router is not paranoid, it is what smart people do because it makes their router work better. Relieving paranoia is a side benefit.

        I should know, I am paranoid. The real thing that relieves paranoia is NOT using a router supplied by your ISP. Connecting an ISP supplied device to your home network is for happy n

  • by Anonymous Coward

    And it's leaking the owner's personal information over the internet.

  • Yup (Score:5, Insightful)

    by rholtzjr ( 928771 ) on Sunday May 21, 2017 @06:37AM (#54458465) Journal

    Not sure I like the "feature" if it is not configurable to either enable or disable (e.g. opt in/out).

    • Notgear... (Score:5, Insightful)

      by Svartalf ( 2997 ) on Sunday May 21, 2017 @06:40AM (#54458475) Homepage

      I'm unsure I even like this "feature" with it being controllable.

    • by Z00L00K ( 682162 )

      Since most such "services" are opt-out most people wouldn't understand it and are afraid to disable it. Same with this UPnP service which is a security hole the size of Valles Marineris.

    • by Anonymous Coward

      Not sure I like the "feature" if it is not configurable to either enable or disable (e.g. opt in/out).

      Configurability is nothing to do with this. This feature will now be turned on by default at all your friend's houses. It will be turned on at all internet cafe's. I guess the only thing that can be said for this is that it reminds us that VPNs are not just for bypassing region limitations and that we should all be using one which guarantees user privacy.

  • by the_other_chewey ( 1119125 ) on Sunday May 21, 2017 @06:43AM (#54458487)
    It's not made clear at all in TFS, and could be read as if Netgear routers now supported more network stats available to the router's owner.

    That's not it: "Analytics Data" collection is done by Netgear, remotely.
  • It's a fad! (Score:2, Insightful)

    by Anonymous Coward

    IMHO this shouldn't be more of an outrage than all of the tracking companies involved in collecting user data on various websites, i would dare to say that the biggest online companies make the most of if not all of their revenue selling user data. Not to mention that certain alphabet soup agency affiliate outreach that seems to have had a hand in most of the startup companies from the mid 90's or so.

    I try to avoid using that certain operating system that wants to "get to know me" through online telemetry,

    • Re:It's a fad! (Score:5, Insightful)

      by arth1 ( 260657 ) on Sunday May 21, 2017 @07:15AM (#54458563) Homepage Journal

      IMHO this shouldn't be more of an outrage than all of the tracking companies involved in collecting user data on various websites,

      Well, yes, it should. A web site only tracks users who visit it, using web browsers that cooperate.
      A router sees all traffic to and from all addresses for all users.

      The collected data from a router would also be of great help to anyone trying to penetrate the network.

      • by JaredOfEuropa ( 526365 ) on Sunday May 21, 2017 @07:41AM (#54458645) Journal
        Also, if some desirable but naughty IoT device* sends my data to the mothership, I can block it at the firewall (i.e. in the router), in fact I make sure that's the default. But if the firewall itself decides to phone home, you're SOL.
        How about a law: collecting data and sending it off-LAN works strictly opt-in only, unless transmitting that data is critical to the advertised functionality of the device or app.

        *) please, no discussions or remarks about how no IoT device could ever be desirable.
        • by Khyber ( 864651 )

          "unless transmitting that data is critical to the advertised functionality of the device or app. "

          In case you haven't paid attention, app makers are already kinda doing that so they can collect data they should not be collecting.

    • The question is. If surveillance sells who's buying?

      Your insurance company, who'll discover that your wife searched for "breast lump" and then jack up your monthly premiums accordingly, even though it turned out to be nothing.

      Your employer, who wants to clean house of any employees who practice a certain religion, but can't exactly go around asking everyone about it.

      Your employer, who might be interested to know that you subscribe to both Netflix and Hulu; you obviously have too much disposable income, and can be passed over for a raise.

      Your father-in-law, w

  • Their answer (Score:4, Informative)

    by markdavis ( 642305 ) on Sunday May 21, 2017 @07:06AM (#54458533)

    "What router analytics data is collected and how is the data being used by NETGEAR? Technical data about the functioning and use of our routers and their WiFi network can help us to more quickly isolate and debug general technical issues, improve router features and functionality, and improve the performance and usability of our routers. Such data may include information regarding the routerâ(TM)s running status, number of devices connected to the router, types of connections, LAN/WAN status, WiFi bands and channels, IP address, MAC address, serial number, and similar technical data about the use and functioning of the router, as well as its WiFi network."

    • by Z00L00K ( 682162 )

      And how is the data transferred? If your ISP do a MITM attack on it then they can see a lot about your local network as well.

    • by Anonymous Coward

      The key phrase is "improve router features and functionality". This includes legitimate things such as e.g. malware detection and blocking, which they won't actually get round to and anti-customer "features" like advertising targeting, which, since it pays well, they will get done pretty soon.

  • Good idea (Score:5, Interesting)

    by 110010001000 ( 697113 ) on Sunday May 21, 2017 @07:37AM (#54458631) Homepage Journal
    I had this idea a while back. When you collect analytic data like this and feed it back into a correlation engine you can do analysis and look for things like widespread attacks, malware propagation.

    It would be nice to have an open source answer to this.
  • ..and they tell you so in, y'know, the update message.

  • I wonder how inexpensive it would be to replace these commercial routers with equivalent home-built ones.

    Re-purposing an old desktop isn't equivalent due to both space and power consumption. A Raspberry Pi although both small and low power, would need to be augmented with significant further hardware in order to perform an equivalent task.

    Throwing an open-source firmware onto a commercial router is a good idea, but in no way really protects you from a hostile hardware maker (or more accurately, a hostil
    • by ledow ( 319597 )

      I have run entire schools from a single desktop re-purposed as a router. It easily handled everything necessary, including captive transparent web filter and firewalling.

      There are a number of Mini-ITX and Pico-ITX boards that are packaged in router-like or UTM cases , some with several Ethernet ports on board making them perfect. It's what people like Smoothwall and Watchguard sell as commercial products - Linux or equivalent on a UTM.

      Trying to cobble them together from RPi makes no sense. Connectivity a

    • You use x86 itx motherboards with dual NICs. Stuff like this https://www.amazon.com/Intel-F... [amazon.com] Actually this isnt equivalent, it destroys any ARM based router in performance and reliability.
  • Advanced Tomato works perfectly on my R7000.
  • Love this our product contains malware warning message:

    NOTE:It is strongly recommended that after the firmware is updated to this version, log back in to the router's web GUI and configure the settings for this feature.

    Nothing screams we're doing something wrong AND WE KNOW IT than cute little notes like these.

    How much data is sent to Netgear before this malware can possibly be disabled?

  • Where is this traffic being sent, DNS and IP-wise? How is the data configured for their systems?

    Figure these out, and then you could just flood the shit out of their systems with legit-looking bogus data that appears to come from their routers with whatever data you want.

    Bonus points if you use this to gain yourself escalated access inside their own network (which wouldn't surprise me given Netgear's security track record.)

  • I have a R7000 and had DDWRT on it back during the security hole thing. Max speed was 150-160 ish down on lan and Wi-Fi. I have 300/30 net BTW and got only half speed. DDWRT also kills the WAP button on the router. I have a cheap canon all in one printer. That can only connect to a wireless network by WAP. So DDWRT killed my remote network printer. Also DDWRT kills the R7000s USB3 port. The Dev said it is a custom USB3 implementation that DDWRT will never support. So DDWRT will "work" on a R7000. But severe

    • by Guyle ( 79593 )

      I think you meant WPA - Wi-Fi Protected Access. It's insecure as hell and should never be used - just Google around and you'll learn why. If that's the only way your printer will connect, get a new printer, or plug it into a cheap PC and share it on your network. You won't get WPA using PFSense anyway. I also don't understand why it's important to have USB 3.0 in a router. If you're wanting to plug in an external hard drive and serve it up as a NAS, the little chip in a router isn't going to be very eff

      • by Guyle ( 79593 )

        ... WPA - Wi-Fi Protected Access.

        Dammit, I meant WPS - Wi-Fi Protected Setup.

        • Yea WPS my bad. Don't make excuses for DDWRT. I have used it from the beginning on a 54WRT then a Buffalo Networks N. Also use OpenWRT at work. Fact is DDWRT kills a lot of the functionally of the hardware. I did set the printer up as a TCP/IP network printer using the R7000s USB2. But Win7 and Win10 only will allow generic Canon drivers. Which only prints. It kills the network scanning and most importantly Air Print. It also forces me to move the printer into cable distance of the R7000. With the USB3 it k

    • by zOper ( 1329465 )
      Sadly, that's the problem with Netgear; the only thing good about the R7000 is (was?) the hardware. Security holes asside, I experienced wifi stability problems with FW 1.05 and 1.06 (I had to downgrade to 1.04 each time). And I was only using it as a WIFI bridge! Ok, I was running stuff that was super sensitive to packet drops but still... I can't imagine how many bugs there was with all the features turned on. The fact that they are now collecting analytics does not surprise me; it is likely that they
  • I always found their stuff cheaply made but expensive to buy. But a couple times I've seen something for a really good price and been tempted. Thanks Netgear, for ensuring I'm never tempted to buy anything again.
  • Time to build that Pfsense box i have been talking about for years.
  • ... apply the firmware upgrade?

    I checked my Netgear 7000 and it does have an update.

    As far as I can determine, there's nothing there for ME.

    Also, I don't see any security updates.

    So, maybe I just opt to leave it as-is?

    • Also, my 7000 is behind my new Spectrum (old TWC) Internet modem. Does that layer of imsulation protect me t all if I were to allow the firmware upgrade?

      Common sense tells me, "No."

      Thanks.

    • Never upgrade something that is working.

      (Unless it is a worthwhile security update, obviously)

      • Thanks.

        I'm a retired IT guy and I knew to check each server (3Com, Novell, Windows NT, Windows 2xxx) and desktop update before application, but I'm weak in router stuff.

        Think I'll pass.

        Again, thanks.

  • I won't use any router which I can't load third party firmware on. If this router requires the use of stock firmware, then I would not consider purchasing it. There's too many conflicting interests (i.e. ways to please shareholders) getting in the way of privacy these days. If I pay for something, this I want options to retain my privacy.

    • Please someone mod this up to the top comment and leave it there. You've always had 2 choices: 1) Learn to install your own firmware. 2) Take whatever the manufacturer provides. We've known #2 is crap for years, but maybe this time someone is trying to fix that with a little analytics. If you don't like it, see #1. If you can't do #1, buy from someone who can.

  • Actually just updated today as the newest firmware was release this week.
    1.28.0000 -3.4-140 K26ARM USB AIO-64K, While there is an option (and has been) to turn on statistics, I have never had it turned on.

    https://advancedtomato.com/dow... [advancedtomato.com]

    Works better than stock firmware and dealt with vulnerabilities that the router had with stock firmware long before Netgear caught up.

  • It's surely no accident that Netgear is releasing this "feature" just 2 months after Congress voted to allow ISPs to sell users' browsing history. [slashdot.org]

System checkpoint complete.

Working...