Netgear Adds Support For "Collecting Analytics Data" To Popular R7000 Router

An anonymous reader writes: Netgear's latest firmware update for the R7000 includes new support for collecting analytics data. The update release notes include this caution:

NOTE:It is strongly recommended that after the firmware is updated to this version, log back in to the router s web GUI and configure the settings for this feature.

An article on Netgear's KB states updated last week that Netgear collects information including IP addresses, MAC, certain WiFi information, and information about connected devices.

Wow!

[Anonymous Coward]

I guess it is time to switch to a different brand.

Re: Wow!

[Z00L00K]

Same here - I'm using a Linux box with iptables to select which traffic that I allow.

And it even more highlights that using DD-WRT is what you should look into if you want to get some level of security on your wireless.

Re: Wow!

[Anonymous Coward]

There's nil/zero/nada reason for Netgear to be collecting this information. In Europe most of this is flat out illegal.

I think we're reaching the point of negative value now. Devices seem to do everything *but* the thing printed on the box. Most of the Chinese IoT devices are basically badly coded malware in a single. Remind me how the Internet is enriching our lives again?

Re:

[jazzdude00021]

How did an AC get modded insightful with that comment? Especially on this site. Or are there that many people with mod points that don't already know how to switch firmware on their router?

Seriously, most people here know that stock router firmware sucks. It's not a secret. If you read the linked KB, you'll see Netgear might actually be working to make their hardware/firmware better using this and not just collecting advertising data like the tinfoil hats are suggesting. Working to make a better functioning

Re:

[peawormsworth]

If you're paranoid, switch to DD-WRT, Open-WRT, Tomato

This is not paranoid. I have a netgear router and I installed DD-WRT on it. Now I have a router with many features that were not available with the stock software.

Installing your own software on your router is not paranoid, it is what smart people do because it makes their router work better. Relieving paranoia is a side benefit.

I should know, I am paranoid. The real thing that relieves paranoia is NOT using a router supplied by your ISP. Connecting an ISP supplied device to your home network is for happy n

This is supposed to be a security device

[Anonymous Coward]

And it's leaking the owner's personal information over the internet.

Re:

[Svartalf]

Ah, but must will stupidly agree to it.

Yup

[rholtzjr]

Not sure I like the "feature" if it is not configurable to either enable or disable (e.g. opt in/out).

Notgear...

[Svartalf]

I'm unsure I even like this "feature" with it being controllable.

Re:

[rholtzjr]

Good point

Re:

[Z00L00K]

Since most such "services" are opt-out most people wouldn't understand it and are afraid to disable it. Same with this UPnP service which is a security hole the size of Valles Marineris.

Re:

[Anonymous Coward]

Not sure I like the "feature" if it is not configurable to either enable or disable (e.g. opt in/out).

Configurability is nothing to do with this. This feature will now be turned on by default at all your friend's houses. It will be turned on at all internet cafe's. I guess the only thing that can be said for this is that it reminds us that VPNs are not just for bypassing region limitations and that we should all be using one which guarantees user privacy.

Clarification: Netgear collects your data

[the_other_chewey]

It's not made clear at all in TFS, and could be read as if Netgear routers now supported more network stats available to the router's owner.

That's not it: "Analytics Data" collection is done by Netgear, remotely.

Hence my new pet name for them...

[Svartalf]

Notgear.

Re:

[ooloorie]

Now that its legal to share your private internet access details in the US,

It's legal to share your private Internet access details in most countries; in fact, in most countries, it's required when the government asks for them.

Re:Clarification: Netgear collects your data

[GrumpySteen]

If you'd clicked on the link,, or even hovered over it to see the url, you'd have seen "What router analytics data is collected and how is the data being used by NETGEAR?" which makes it pretty obvious that they're talking about data that's sent to the company.

Re:

[Z00L00K]

You may be in for a nasty surprise.

It's a fad!

[Anonymous Coward]

IMHO this shouldn't be more of an outrage than all of the tracking companies involved in collecting user data on various websites, i would dare to say that the biggest online companies make the most of if not all of their revenue selling user data. Not to mention that certain alphabet soup agency affiliate outreach that seems to have had a hand in most of the startup companies from the mid 90's or so.

I try to avoid using that certain operating system that wants to "get to know me" through online telemetry,

Re:It's a fad!

[arth1]

IMHO this shouldn't be more of an outrage than all of the tracking companies involved in collecting user data on various websites,

Well, yes, it should. A web site only tracks users who visit it, using web browsers that cooperate.
A router sees all traffic to and from all addresses for all users.

The collected data from a router would also be of great help to anyone trying to penetrate the network.

Re:It's a fad!

[JaredOfEuropa]

Also, if some desirable but naughty IoT device* sends my data to the mothership, I can block it at the firewall (i.e. in the router), in fact I make sure that's the default. But if the firewall itself decides to phone home, you're SOL.
How about a law: collecting data and sending it off-LAN works strictly opt-in only, unless transmitting that data is critical to the advertised functionality of the device or app.

*) please, no discussions or remarks about how no IoT device could ever be desirable.

Re:

[Khyber]

"unless transmitting that data is critical to the advertised functionality of the device or app. "

In case you haven't paid attention, app makers are already kinda doing that so they can collect data they should not be collecting.

Re:

[JaredOfEuropa]

I'd say blocking core functionality (Netflix and local media) unless you enable data harvesting amounts to the same thing as not allowing customers to opt out.

Re:

[Motherfucking Shit]

The question is. If surveillance sells who's buying?

Your insurance company, who'll discover that your wife searched for "breast lump" and then jack up your monthly premiums accordingly, even though it turned out to be nothing.

Your employer, who wants to clean house of any employees who practice a certain religion, but can't exactly go around asking everyone about it.

Your employer, who might be interested to know that you subscribe to both Netflix and Hulu; you obviously have too much disposable income, and can be passed over for a raise.

Your father-in-law, w

Their answer

[markdavis]

"What router analytics data is collected and how is the data being used by NETGEAR? Technical data about the functioning and use of our routers and their WiFi network can help us to more quickly isolate and debug general technical issues, improve router features and functionality, and improve the performance and usability of our routers. Such data may include information regarding the routerâ(TM)s running status, number of devices connected to the router, types of connections, LAN/WAN status, WiFi bands and channels, IP address, MAC address, serial number, and similar technical data about the use and functioning of the router, as well as its WiFi network."

Re:

[Z00L00K]

And how is the data transferred? If your ISP do a MITM attack on it then they can see a lot about your local network as well.

Re:

[dknj]

can still MITM encrypted connections if the router doesn't do certificate verification

-dk

Re:

[Anonymous Coward]

The key phrase is "improve router features and functionality". This includes legitimate things such as e.g. malware detection and blocking, which they won't actually get round to and anti-customer "features" like advertising targeting, which, since it pays well, they will get done pretty soon.

Good idea

[110010001000]

I had this idea a while back. When you collect analytic data like this and feed it back into a correlation engine you can do analysis and look for things like widespread attacks, malware propagation.

It would be nice to have an open source answer to this.

You can turn that off

[Deadstick]

..and they tell you so in, y'know, the update message.

Re:

[cats-paw]

be sure and check to see if it's really turned off.

also, bug which keeps it on all the time or exposes a vulnerability when enabled in 3 2 1...

Re:

[Neuronwelder]

More than that.. Is it really, really, turned off? After all, they had the guts to do it.

Re:

[Deadstick]

What's the difference between that and any other setting in your router or browser?

Re:

[danomac]

You mean you currently can turn that off. That may not be so true in the future.

Re:

[epyT-R]

That doesn't make it all ok.

Home brew router.

[Rockoon]

I wonder how inexpensive it would be to replace these commercial routers with equivalent home-built ones.

Re-purposing an old desktop isn't equivalent due to both space and power consumption. A Raspberry Pi although both small and low power, would need to be augmented with significant further hardware in order to perform an equivalent task.

Throwing an open-source firmware onto a commercial router is a good idea, but in no way really protects you from a hostile hardware maker (or more accurately, a hostil

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[epyT-R]

Not if you have gigabit service, esp not if you're using QoS and other filtering.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[aXis100]

I would argue that most home/SOHO routers are not specialized for the task. Many of them have quite underwhelming specs and don't even have full bandwidth access to their own network interfaces. A old PC with PCI network cards is an order of magnitude more capable.

Re:

[ledow]

I have run entire schools from a single desktop re-purposed as a router. It easily handled everything necessary, including captive transparent web filter and firewalling.

There are a number of Mini-ITX and Pico-ITX boards that are packaged in router-like or UTM cases , some with several Ethernet ports on board making them perfect. It's what people like Smoothwall and Watchguard sell as commercial products - Linux or equivalent on a UTM.

Trying to cobble them together from RPi makes no sense. Connectivity a

Re:

[spire3661]

You use x86 itx motherboards with dual NICs. Stuff like this https://www.amazon.com/Intel-F... [amazon.com] Actually this isnt equivalent, it destroys any ARM based router in performance and reliability.

Re: Home brew router.

[Lvdata]

Not sure I'd trust the onboard nicks due to Intel management security holes. The primary Intel NIC is now worthless.

Avoid the problem

[FantyMingo]

Advanced Tomato works perfectly on my R7000.

Popular R7000 router bundled with malware

[WaffleMonster]

Love this our product contains malware warning message:

NOTE:It is strongly recommended that after the firmware is updated to this version, log back in to the router's web GUI and configure the settings for this feature.

Nothing screams we're doing something wrong AND WE KNOW IT than cute little notes like these.

How much data is sent to Netgear before this malware can possibly be disabled?

Re:

[sexconker]

None, if you unplug the WAN link.

Sounds like a good way to fuck yourself Netgear

[Khyber]

Where is this traffic being sent, DNS and IP-wise? How is the data configured for their systems?

Figure these out, and then you could just flood the shit out of their systems with legit-looking bogus data that appears to come from their routers with whatever data you want.

Bonus points if you use this to gain yourself escalated access inside their own network (which wouldn't surprise me given Netgear's security track record.)

I have a R7000

[Woldscum]

I have a R7000 and had DDWRT on it back during the security hole thing. Max speed was 150-160 ish down on lan and Wi-Fi. I have 300/30 net BTW and got only half speed. DDWRT also kills the WAP button on the router. I have a cheap canon all in one printer. That can only connect to a wireless network by WAP. So DDWRT killed my remote network printer. Also DDWRT kills the R7000s USB3 port. The Dev said it is a custom USB3 implementation that DDWRT will never support. So DDWRT will "work" on a R7000. But severe

Re:

[Guyle]

I think you meant WPA - Wi-Fi Protected Access. It's insecure as hell and should never be used - just Google around and you'll learn why. If that's the only way your printer will connect, get a new printer, or plug it into a cheap PC and share it on your network. You won't get WPA using PFSense anyway. I also don't understand why it's important to have USB 3.0 in a router. If you're wanting to plug in an external hard drive and serve it up as a NAS, the little chip in a router isn't going to be very eff

Re:

[Guyle]

... WPA - Wi-Fi Protected Access.

Dammit, I meant WPS - Wi-Fi Protected Setup.

Re:

[Woldscum]

Yea WPS my bad. Don't make excuses for DDWRT. I have used it from the beginning on a 54WRT then a Buffalo Networks N. Also use OpenWRT at work. Fact is DDWRT kills a lot of the functionally of the hardware. I did set the printer up as a TCP/IP network printer using the R7000s USB2. But Win7 and Win10 only will allow generic Canon drivers. Which only prints. It kills the network scanning and most importantly Air Print. It also forces me to move the printer into cable distance of the R7000. With the USB3 it k

Re:

[zOper]

Sadly, that's the problem with Netgear; the only thing good about the R7000 is (was?) the hardware. Security holes asside, I experienced wifi stability problems with FW 1.05 and 1.06 (I had to downgrade to 1.04 each time). And I was only using it as a WIFI bridge! Ok, I was running stuff that was super sensitive to packet drops but still... I can't imagine how many bugs there was with all the features turned on. The fact that they are now collecting analytics does not surprise me; it is likely that they

Never did much care for Netgear

[rsilvergun]

I always found their stuff cheaply made but expensive to buy. But a couple times I've seen something for a really good price and been tempted. Thanks Netgear, for ensuring I'm never tempted to buy anything again.

PfSense

[spire3661]

Time to build that Pfsense box i have been talking about for years.

What if I don't ...

[CaptainDork]

... apply the firmware upgrade?

I checked my Netgear 7000 and it does have an update.

As far as I can determine, there's nothing there for ME.

Also, I don't see any security updates.

So, maybe I just opt to leave it as-is?

Re:

[CaptainDork]

Also, my 7000 is behind my new Spectrum (old TWC) Internet modem. Does that layer of imsulation protect me t all if I were to allow the firmware upgrade?

Common sense tells me, "No."

Thanks.

Re:

[SirAdelaide]

Never upgrade something that is working.

(Unless it is a worthwhile security update, obviously)

Re:

[CaptainDork]

Thanks.

I'm a retired IT guy and I knew to check each server (3Com, Novell, Windows NT, Windows 2xxx) and desktop update before application, but I'm weak in router stuff.

Think I'll pass.

Again, thanks.

Take it to Anchorhead and get its memory erased

[hwstar]

I won't use any router which I can't load third party firmware on. If this router requires the use of stock firmware, then I would not consider purchasing it. There's too many conflicting interests (i.e. ways to please shareholders) getting in the way of privacy these days. If I pay for something, this I want options to retain my privacy.

Re:

[jazzdude00021]

Please someone mod this up to the top comment and leave it there. You've always had 2 choices: 1) Learn to install your own firmware. 2) Take whatever the manufacturer provides. We've known #2 is crap for years, but maybe this time someone is trying to fix that with a little analytics. If you don't like it, see #1. If you can't do #1, buy from someone who can.

I use Tomato firmware, not stock Netgear

[krelvin]

Actually just updated today as the newest firmware was release this week.
1.28.0000 -3.4-140 K26ARM USB AIO-64K, While there is an option (and has been) to turn on statistics, I have never had it turned on.

https://advancedtomato.com/dow... [advancedtomato.com]

Works better than stock firmware and dealt with vulnerabilities that the router had with stock firmware long before Netgear caught up.

New business model

[volt4ire]

It's surely no accident that Netgear is releasing this "feature" just 2 months after Congress voted to allow ISPs to sell users' browsing history. [slashdot.org]