Cisco Pushing 'Cloud Connect' Router Firmware, Allows Web History Tracking 351
Myrv writes "Reports have started popping up that Cisco is pushing out and automatically (without permission) installing their new Cloud Connect firmware on consumer routers. The new firmware removes the user's ability to login and administer the router locally. You now must configure the router using Cisco's Cloud connect service. If that wasn't bad enough, the fine print for this new service allows Cisco to track your complete internet history. Currently, it appears the only way to disable the Cloud Connect service is to unplug your router from the internet."
Upgrade Instructions for Cisco Clients (Score:5, Funny)
1. Unplug router
2. Open garbage can lid
3. Insert router
4. Close garbage can lid
5. Purchase new router
That shit? Fuck it.
Re:Upgrade Instructions for Cisco Clients (Score:5, Informative)
Re: (Score:3, Informative)
Not supported (yet). Last time I checked, the original Tomato has not produced any further updates or additional supported routers. It's really about TomatoUSB (which is also somewhat outdated) and all the forks (Vics-a-geek, Shibby, Openlinksys, etc) that came from that tree. I've been running those firmware almost immediately out of the box as soon as the router model was supported.
Re:Upgrade Instructions for Cisco Clients (Score:4, Informative)
Yup. Currently running Shibby's latest (095) All-In-One build on my Cisco E4200v1. It's a good N router and Shibby's firmware is super stable with support for IPv6, USB & VPN among other things.
Check it out:
http://tomato.groov.pl/ [groov.pl]
Re:Upgrade Instructions for Cisco Clients (Score:5, Insightful)
Ideally we shouldn't support companies who do this even if their hardware is reflashable.
Re: (Score:3)
Buy it used.
Re: (Score:3)
Ideally we shouldn't support companies who do this even if their hardware is reflashable.
I'm torn.
We *SHOULD* support them for selling hardware where you can install whatever software you like.
IMHO that's far more important than whatever bad decsisions they make with the bundled software.
Re: (Score:3)
As long as I have an out, if other people don't know or don't care about their security/privacy enough to protect it, I don't feel any special obligation to punish a company that exploits their ignorance.
....aaaand that's why we have Fox News...
Re: (Score:3)
Make sure to get the RT-N build to get working 5GHz band:
http://tomato.groov.pl/download/K26RT-N/build5x-095-EN/Linksys%20E4200/tomato-E4200USB-NVRAM60K-1.28.RT-N5x-MIPSR2-095-AIO.bin [groov.pl]
Re:Upgrade Instructions for Cisco Clients (Score:5, Informative)
The option to install firmware yourself is greyed out on routers after the "upgrade". I have read that if you call Cisco and complain they will allow you to roll back to a previous firmware (without Cloud Connect) at which point you can manually upgrade to non-Cisco firmware.
Re:Upgrade Instructions for Cisco Clients (Score:5, Informative)
Re:Upgrade Instructions for Cisco Clients (Score:5, Informative)
At least 3 of the routers affected (EA3500, EA4500, E4200v2) are using Marvell chipsets. Not sure about the EA2700. Which means that, unless someone decides to add chipset support, DD-WRT doesn't run on these routers.
Re: (Score:3)
The 7204VXR is not only safer and faster, but it functions as a space heater as well!
Barely. At 375W it's not enough to heat my spare bedroom, which is tiny (7x10'). I'd suggest you try a couple of 12K's loaded with STM-64 linecards so you can regulate heat output by enabling or disabling cards. Keep in mind that for maximum power output you need a loopback fiber to keep the lasers on at maximum power.
Upgrade Instructions for STUPID OWNERS (Score:5, Insightful)
So who just plugs in a firewall/router and starts using it out of the box without changing the password and checking over all the settings?
Under the Administration / Management tab, you'll find a radio button clearly marked "Remote Management", and beneath that settings for Remote Upgrade. The day I installed it I discovered remote management was enabled by default, so I immediately set it to disabled. I remember thinking "My god, that's f*ing stupid! Who would ever want to expose router management to the wild side?" Apparently this answers my question.
Anyway, for anyone here who is outraged that their router has been pwnd by Cisco, SHAME ON YOU for not securing your own damn router yourself before hanging it on the intarwebs!
Re:Upgrade Instructions for STUPID OWNERS (Score:5, Insightful)
Re:Upgrade Instructions for STUPID OWNERS (Score:5, Insightful)
So who just plugs in a firewall/router and starts using it out of the box without changing the password and checking over all the settings?
Average users.
Under the Administration / Management tab, you'll find a radio button clearly marked "Remote Management", and beneath that settings for Remote Upgrade. The day I installed it I discovered remote management was enabled by default, so I immediately set it to disabled. I remember thinking "My god, that's f*ing stupid! Who would ever want to expose router management to the wild side?" Apparently this answers my question.
This should never have been enabled by default. It's terrible security practice: the default settings should be as secure as is reasonably possible, and any loosening of those settings should have to be explicitly approved by the user/administrator. This is especially true on a consumer focused product that many users aren't going to be configuring at all.
Re:Upgrade Instructions for STUPID OWNERS (Score:4, Insightful)
I know exactly why Cisco did it, so they could remotely administer routers for "average users". That's not necessarily a terrible thing.
My complaint is with technical people, such as the fine folks lurking here on slashdot, accepting any security device's defaults without checking them over. It's not like it requires arcane knowledge to look at the configuration screens; it just takes a mouse. You don't have to find a bunch of settings in a README.TXT file from some random website to know what you're looking for, or pull up a wiki page to explain what you're seeing. It's a button on a GUI screen that's clearly screaming out "LET SOMEONE ELSE RANDOMLY MESS AROUND WITH YOUR SECURITY", and these supposedly technical people left it checked. I clearly have no sympathy for them.
Re:Upgrade Instructions for STUPID OWNERS (Score:5, Interesting)
I know exactly why Cisco did it, so they could remotely administer routers for "average users". That's not necessarily a terrible thing.
But why do they need browsing history?
Re: (Score:3)
How else will they find the good porn?
Re:Upgrade Instructions for STUPID OWNERS (Score:4, Interesting)
Marketing Marketing Marketing
Doesn't matter if it is useful data since Marketing believes that if they have enough data about you that they will be able to create the perfect ad to make you buy a product that you really are not interested in buying.
Re: (Score:3)
But why do they need browsing history?
I don't know that they are planning on scraping everyone's browser history. However, because the software can serve as a web proxy, and as such it would have URLs flow through its memory. Technically, someone who saw that information in memory (say in a swap file) would have access to at least some of your "internet history", which this disclaimer would cover.
However, because the disclaimer is so broad, it gives them license to stuff every URL you surf to into their corporate databases, and hold onto it f
Re:Upgrade Instructions for STUPID OWNERS (Score:5, Funny)
I told my parents they should be ashamed. They first wanted to know what pwnd meant and if it involved urination. Then then wanted to know what Remote Management meant and how they get it. They looked for a radio button on the router, but couldn't find any stations they liked to listen to, and when they tried to dial the radio button, the antenna fell off.
They weren't worried about the interwebs though, as they were sure they had a floppy for it in their desk drawer...
Re: (Score:2)
Re: (Score:2)
Actually, I'm seriously considering upgrading it. I want to make sure that any needed security patches are in place. But before I do, I will confirm that's it's not the case that remote management is mandatory.
On the brighter side, mine is an E4200.V1, which is supported by dd-wrt. Should someone discover a bug that they will not provide a secure remote-less upgrade for, I will simply replace the firmware.
Re: (Score:2)
Re:Upgrade Instructions for STUPID OWNERS (Score:4, Interesting)
So who just plugs in a firewall/router and starts using it out of the box without changing the password and checking over all the settings?
You presume that disabling remote management and automatic updates actually proevents the vendor from remote access to your router.
I did disable automatic updates and remote management. Having just found out about this, I will find out this evening whether they pwned my E3000
Re:Upgrade Instructions for STUPID OWNERS (Score:5, Informative)
Well, when I read this story I immediately logged into my router, and fortunately was not unexpectedly greeted by their cloud. It's still reporting the same firmware version that I last upgraded to. So you should also have no worries.
Re:Upgrade Instructions for STUPID OWNERS (Score:5, Insightful)
ho? Normal people, who don't have computers skills. People who don't know a firewall from Firefox would. It seems you damn them to hell.
Ok, so you know these things. My uncle, who was a CFO for a Fortune 500 company, doesn't know. Is he stupid? No, he just is as clueless about firewall and remote management as you would be about FASB157 and how you need to restructure your portfolio to comply. Are you saying that he shouldn't be on the Internet?
I know a bit about cars, I've changed oil, fixed a EGR valve, some very minimal carburetor work, but I couldn't do a tune-up on a modern car to save my life. I don't have the tools, nor the specialty. My wife knows less than I do. I don't know how to set up my fuel injector ratios, should we not drive? No, we trust the people who made our car and those who tune up our car (we're lucky we have a very good mechanic) to fix as needed. In the case of our car, we're literally putting our lives in Baykar's very capable hands.
We (collective we) hoped that we could trust Cisco to be trustworthy as well. For it to have capable, safe defaults for the vast majority of newbies that don't know better, and the opportunity for experts to customize. This faith in Cisco seems to be misplaced. Apple is selling billions of dollars of hardware because they understand this, that people don't know everything, and they just want things to work.
Re:Upgrade Instructions for STUPID OWNERS (Score:4, Insightful)
Just because you don't know how to retool a lock doesn't mean you should hand the keys over to the state.
Re: (Score:3)
Thank you, I appreciate the correction. And yes, it was trollishly written with a blame-the-user bent (at least when the user is a techie), and for that I apologize.
I'm still arguing that the remote router is adequate for mom. She probably won't get hacked by owning it, and having Cisco keep her router up to date and working is probably a lot easier than having to manually go to her house to configure it. Cisco is somewhat (OK, just barely) trustworthy in that regard.
And I believe that's your point: you
Last post! (Score:5, Funny)
Re:Last post! (Score:4, Funny)
wait! don't leave just yet, remember to run out and get a non linksys router
oh damn he already left
Re:SMOOTHWALL EXPRESS (Score:4, Insightful)
I'm gonna guess that a router uses less electricity.
Re:SMOOTHWALL EXPRESS (Score:4, Informative)
I would imagine.
Less privacy and control too. So which would you rather have, a slightly lower electric bill, or control of your internet history?
Savings or freedom. Your choice.
wow (Score:5, Insightful)
that's all I can say really. This sounds worse than sony's disabling of features in a firmware update. Only this one you can't just not do. (and deal with the consequences of not being up to date)
But I bet this one gets sufficient backlash to require them to backpedal. Significantly altering the behavior of a purchased product by remote control, without opt-out. Arguably illegal?
Re: (Score:3)
Re:wow (Score:4, Insightful)
Re: (Score:2)
Ah, but you're forgetting that Cisco have lots of $$$ to afford expensive lawyers.
Wait. You didn't actually think that that law was supposed to apply to Mega Corps did you?
Re: (Score:2)
Maybe this is Cisco's way of pushing alternative firmwares (DD-WRT, Tomato, etc). It's actually a cleverly disguised advertisement for open source alternatives.
Re: (Score:3)
It's incredibly dumb. Even without the whole spying on your history thing, what happens if you misconfigure your router? How do they expect you to fix the configuration when you lose your internet connection? Not everyone has a smartphone.
Re: (Score:2)
As the last line of the summary mentions, if you disconnect from the Internet then you'll be able to log in locally. However, one of the posts in the link in the summary says that many of the features are disabled when logging in that way.
Re:wow (Score:5, Insightful)
Not to mention I didn't even click-through an EULA on that router that could get them an idea they have some kind of "right".
It's MY router, I bought it. and it's not some quasi-goods digital product. This is a physical item. You want to back-door my router and install crippled firmware? I'll sign up with the class action if this is the case.
I don't want anyone *at all* to be able to update my router from the internet (or WiFi for that matter). In fact, almost every router has remote (i.e. internet) side administration disabled for obvious security reasons. Now they include the word 'cloud' and it's OK?
Hell, this isn't even cloud architecture anyway. It's just a web-based (pseudo-remote) remote administration tool. You'd think Cisco of all people would understand that.
Then I see things like this and can't help but smile at the "progress" :
Re: EA4500: weird login screen; can't login
Options
06-26-2012 05:10 PM
I found a hole... Dynamic DNS password is displayed in plain text
Re: (Score:2)
This should not be a class-action (civil) issue; this should be a hacking and data theft (criminal) issue with the people responsible ending up in Federal prison!
Re:wow (Score:5, Funny)
It's MY router, I bought it. and it's not some quasi-goods digital product. This is a physical item.
The firmware remains the property of the company. It's software. Therefore, you don't own it. Of course, without firmware, it's useless, but I doubt you'll get many judges to sign on with the idea that you own the firmware too. Thank you copyright law.
I'll sign up with the class action if this is the case.
Your terms of service have been patched. That option was removed by v43 of SCOTUS. It was a mandatory update to legal.sys. You'll have to use the legacy mode 'civil_action' after setting has_lawyer to true and extra_money to lots. Be aware, the legacy mode is really buggy; It produces different results depending on the locale set during install. Enabling it also occasionally causes the processor and memory to jump to 100% utilization and the I/O is doggedly slow.
Hell, this isn't even cloud architecture anyway. It's just a web-based (pseudo-remote) remote administration tool. You'd think Cisco of all people would understand that.
Cisco engineers do. Cisco marketing does not. Cisco marketing sees the value of having a complete web browsing history of a substantial cross-section of the world, and has chosen to leverage that to increase profits post-SCOTUS patch, and since the CEO and the board signed a legally binding agreement to maximize profits, the engineers had no choice. You should welcome your capitalist overlords, and as a IT worker, you can help increase their efficiency as they enslave others in their salt mines.
Re:wow (Score:5, Interesting)
good comment from a user post:
No persuasian needed. Seriously. The engineer was great and you could TELL he was sincerely apologetic about the issues. I asked him about the whole incident, and he basically hinted at a little war going on within Cisco and the final decision to go ahead with updating people like this was upper management, where the lower pay grades tried hard and fought against the way they did things.
The Engineer simply sent me to a link, the one that is already listed in these threads and gave me instructions on how to revert back to the older firmware with the caveat (and he was apologetic about it - again I could tell he really was sincere) that the old firmware cant be supported. He then proceeded to give me his email address (which I wont give out, sorry) and told me to feel free to contact him with any issues I have. Very cool, very professional, and sincerely apologetic.
I asked if they were being inundated with calls, his simple reply was a sigh and "you have no idea......"
from a user called 'markdr'.
this pretty much sums up the situation, I would guess. the regular guys who write code were not for this but some idiot mgr upstream pushed for it.
I feel sorry for the real engineers there who are forced to do bullshit tasks that they KNOW will piss off their users. I hate this side of software eng. evilness of top level mgrs usually end up winning ;(
FU No Thanks (Score:5, Informative)
http://www.cisco.com/web/siteassets/legal/connect_cloud_supp.html [cisco.com]
I especially like how they get to keep your Internet history. Why do you think this is a good idea Cisco?
Your new Cloud Connect contract ...When you use the Service, we may keep track of certain information related to your use of the Service, including but not limited to the status and health of your network and networked products; which apps relating to the Service you are using; which features you are using within the Service infrastructure; network traffic (e.g., megabytes per hour); Internet history; how frequently you encounter errors on the Service system and other related information ("Other Information"). We use this Other Information to help us quickly and efficiently respond to inquiries and requests, and to enhance or administer our overall Service for our customers. We may also use this Other Information for traffic analysis (for example, determining when the most customers are using the Service) and to determine which features within the Service are most or least effective or useful to you. In addition, we may periodically transmit system information to our servers in order to optimize your overall experience with the Service. We may share aggregated and anonymous user experience information with service providers, contractors or other third parties to assist us with improving the Service and user experience, but any shared information will be consistent with Cisco's overall Privacy Statement and will not identify you personally in any way....
Re:FU No Thanks (Score:4, Interesting)
Let me get this straight. They install an "update" on my router that lets them monitor my internet usage - all without my consent?
I'd say it couldn't possibly be that bad...but the I look to what FB does and shake my head. I like their routers, but there is NO CHANCE whatsoever that I will give a 3rd party my entire house's internet browsing history. You couldn't get me to do that if you gave me a free router AND free internet.
Re:FU No Thanks (Score:5, Informative)
Dont forget section 4 of the Terms of Sevice!
4. Your Responsibilities as a Cisco Connect Cloud User
You are responsible for any data that is sent or received by you and/or any other party in connection with your access to and/or use of the Service used in connection with your account. You agree that Cisco will not be liable to you or any others for any loss or damages due to your use of the Service.
As a condition of your use of the Service, you agree that your use of the Service in accordance with the terms and conditions of this Agreement is permitted under and will comply with the applicable laws of the country where you use the Service. You agree not to use or permit the use of the Service: (i) to invade another's privacy; (ii) for obscene, pornographic, or offensive purposes; (iii) to infringe another's rights, including but not limited to any intellectual property rights; (iv) to upload, email or otherwise transmit or make available any unsolicited or unauthorized advertising, promotional materials, spam, junk mail or any other form of solicitation; (v) to transmit or otherwise make available any code or virus, or perform any activity, that could harm or interfere with any device, software, network or service (including this Service); or (vi) to violate, or encourage any conduct that would violate any applicable law or regulation or give rise to civil or criminal liability.
While we are not responsible for any content or data that you choose to access or otherwise use in connection with the Service, we reserve the right to take such action as we (i) deem necessary or (ii) are otherwise required to take by a third party or court of competent jurisdiction, in each case in relation to your access or use or misuse of such content or data. Such action may include, without limitation, discontinuing your use of the Service immediately without prior notice to you, and without refund or compensation to you.
You will indemnify and hold us and Cisco Systems Inc. and its affiliates harmless against any claims, losses or damages arising from any threatened, repudiatory or actual breach by you of the covenants set out in this Section.
As part of the Service, You will be required to create a password that will enable You to use the Service. Your email address and password will be used to validate Your identity in order to access the Service. When You choose a password, choose a unique combination of letters and numbers unrelated to Your or someone else’s identity or to any information that is publicly available or that may be needed by us to provide the Service to You or to others. If you share information related to the Service with others or allow others to access the Service using Your email address and password, you have no expectation of privacy or confidentiality in the personal information you may intentionally or unintentionally disclose. Therefore, please avoid giving access to these materials to others. You agree to notify Cisco immediately of any unauthorized use of your account or password, or any other breach of security.
Unauthorized use of bandwidth (Score:3)
I especially like how they get to keep your Internet history.
This also means they are using bandwidth quota with out notifying the end users before doing so.
Re:FU No Thanks (Score:4, Insightful)
A) This only happens automatically if you have the option for automatic firmware updating checked in your router's config. You lose your geek card & status if you left this option on. Not that I'm saying the average home user (who almost certainly wouldn't know how/why to change this option) deserves to have his/her data snooped, but as a techie, you should know better.
As a techie, I don't have my router using automatic updates (actually, I'm fairly sure my router doesn't have an automatic updates setting, but all the same).
But as the "techie friend/relative", I always tell my friends and family to keep automatic updates turned on. They certainly wouldn't update these things themselves (mostly they barely know how to access their router's admin page), and I'm not going to be doing it for every single one of them. And an un-updated router is an insecure router.
And they don't deserve to be spied on and have their privacy invaded just because they're not very good at network management.
It's not that hard. (Score:4, Informative)
Buy your router from this enormous list which covers a huge range of budgets:
http://wiki.openwrt.org/toh/start [openwrt.org]
Re-Flash it and be done with these folk. This newer firmware is much friendlier than the original OpenWrt you may have tried years back, and if you don't like what it's doing, you get a command prompt and make it do exactly what you want.
Re: (Score:3)
If Cisco is being this monumentally stupid the next step is signed firmware.
You can dump them out of that list in the future.
Re: (Score:3)
Re:It's not that hard. (Score:5, Insightful)
I was in the market for a new router, I now know that my next one will either not be another linksys or it will not be running the stock firmware.
Since most of those who ask me for tech advice might not be up for re-flashing their router I will not be recommending linksys.
So now the question is, what to recommend instead?
Re: (Score:2)
Backdoor (Score:5, Interesting)
Does this mean that Cisco routers, by default, have a backdoor enabled that allows the router to phone home for updates and for Cisco to send them back? None of the routers I've ever used (granted, it's been a while since I've used stock firmware) have ever had any sort of "automatic updates", much less one that's turned on by default.
Re: (Score:2)
My question exactly. Someone would have noticed long ago weird phone-home packets being sent out by Cisco/Linksys routers.
Something missing (Score:2)
Re:Something missing (Score:5, Informative)
As the summary mentions, if you disconnect from the Internet then you can log in locally. However, it looks like most settings are disabled when logging in this way - you presumably have just enough control to get it to reconnect to the Overlords.
Re: (Score:3)
If you are not connected to the internet, your router will allow you to connect to it directly and perform manual configuration... but many options are no longer configurable directly. You will still need to connect via "Cloud Connect" to configure the rest of your settings.
Government (Score:5, Insightful)
Although this is pure speculation, but I have reasonable suspicion as a former employee of Cisco, that this really plays well with law enforcement and other three letter government agencies, having the ability to track all Internet activities. That's all I have to offer on this subject. Be careful.
Re:Government (Score:4, Interesting)
time for a FOIA request to FBI, NSA,DOJ, etc on their contacts with Cisco on t his topic. When shit comes back redacted, if at all, you'll know whats up for sure.
Cisco Routers? (Score:5, Interesting)
That's a large field. Is this just the home routers (the old linksys stuff?) I can't see them doing this on enterprise or core routers. The solution is to put it in bridge mode if it's an ADSL router and do your own NAT, etc. with a BSD/Linux box of some type. Run Zeroshell if you want a nice GUI.
Really, this is slashdot. Leave the provider installs and help desks to the punters. If you're reading this there is no reason you should be running what the ILEC initially installed.
Cisco is getting weird. On one side (enterprise) you have to pay through the nose for updates, on the other (home) you can't avoid them.
Before we get our panties all in a bunch, let's wait for some packet sniffs to see what is really going on. Just because the lawyers put it in the EULA, doesn't mean the coders wrote it.
Re:Cisco Routers? (Score:4, Insightful)
they would not dare do this to enterprise customers. those guys take privacy a wee bit more seriously than home users do. they also have big lawyers and would not hesitate to sue if some unplanned update was forced on them that changed their whole security architecture.
home users don't have big lawyers and so they are defenseless against big corps.
I just can't see why cisco thought this would be a good idea. its got FAIL written all over it and will go down in history as a 'sony rootkit' type event. just wow...
Re: (Score:2)
"on consumer routers" is from the summary.
OH BOY! (Score:5, Interesting)
By the way, my company actually runs some awful piece of crap from Cyberoam but now I'm slightly happier about that. Thanks, cisco.
thank you cisco, (Score:3, Insightful)
when my linksys dies i won't buy one of your products. i'll probably just buy one of the Apple routers. the cost is about the same as your overpriced crap but they will work better with the icrap i already have at home.
i've tried the cheapo routers and they seem flaky
buy soekris hardware instead of cisco hardware (Score:4, Interesting)
get one of these hardware boxes:
http://soekris.com/ [soekris.com]
and run openwall (or whatever you want) on it.
it keeps the money OUT of cisco's hands in both hardware and software. you can trust your hardware (no motivation to do evil spy things on generic pc style hardware) and you can trust your software. no one will force something on you, this way.
my soekris box has been running non-stop (other than moves) for years, literally, 5 years or more. no blown caps, no blown power suplies, no 'china syndrome' electrolytics that are on ALL cisco, netgear, etc style circuit boards) and software that just plain works.
tomato firmware (and similar) are cool, but they require vendor hardware and at this point, I'd just assume NOT give cisco ANY (!) of my money for any hardware of any kind.
Clarifications and Confirmations (Score:5, Informative)
* The Cloud firmware is ONLY for EA2700, EA3500, E4200v2 (not v1) and EA4500 routers. Older routers (E4200v1 or older) will not see this update. These routers shipped with information explaining that Cloud would be released this summer and update to the Cloud firmware when it was released.
* You can prevent this update by turning off "Automatic Updates" in your router. However if you didn't already do this then YES ... disconnect from the Internet before you do anything else. Then go in and turn off the Automatic Updates. Then you can reconnect. Warning: If you've already been upgraded it currently isn't possible to downgrade to the older firmware.
* If you have updated ... you CAN do -some- local router configuration without having internet access. Just go to http://routers/ [routers] LAN IP address]/ while it is disconnected and you will be prompted for the router's local password (usually this will mirror your WiFi password). You will be limited to editing the network settings (LAN, WiFi, etc) and security settings (router password, VPN, firewall, DMZ). Parental controls, Guest Access QoS and USB storage won't be accessible until you are able to log in while the router is online (you'll use your CiscoConnectCloud.com login at this point).
NOTE: If you have an EA2700, EA3500 or EA4500 that shipped with the OLDER firmware (every router out there so far, the new firmware shouldn't appear in new routers for a couple more weeks) and have not set it up yet and WANT the older firmware ... do NOT use the CD setup. Configure it using the traditional web UI while NOT connected to the Internet and turn off Automatic Updates. Again ... this is only for people who do NOT want the Cloud firmware capabilities.
* Just an FYI ... the Cisco Connect Cloud concept allows people to manage and view their home network from anywhere on the internet so long as their router has a connection to the internet. Mobile apps allow your phone to control your home network (manage guest settings, see who is online right now, etc). Additionally it enables a plugin mobile application architecture that our partners can leverage to allow remotely managed network applications. It is an entirely new direction and yes ... it has some kinks ... the biggest ones being forcing this on the user and then limiting their ability to manage their device without it being on the internet. ...
So ... I anticipate a flood of groans about all of this, and I don't disagree with a fair amount of them. Let me make some things clear:
a) Yes, I work for Cisco Linksys.
b) No, I am not speaking directly for Cisco in this post nor am I posting on their behalf (I just wanted to get some quick assistance out there to the people who read this).
c) No, I do not work for the groups (PM, Engineering) that made the decisions to do this update automatically, to not allow you to downgrade, and to not allow you access to your full configuration capability while the router is offline. Which means I can try and funnel your feedback to those groups but I can not force anyone to implement any of it.
d) While I don't like the situations mentioned above in item "c)" ... I -do- like the CiscoConnectCloud.com concept and feel that Cisco will improve it significantly over time.
e) I completely ... 100% ... recognize that the /. audience most likely prefers things like DD-WRT, Tomato, etc (though some will really like the mobile Cloud concept, I do, and I've been around the block a few times at this point). Cisco Linksys is definitely moving more towards the average consumer market instead of the tech adopter market with these products.
f) We do still sell non-Cloud routers, like the E900, E1200 and E2500
Re:Clarifications and Confirmations (Score:5, Interesting)
Well if you work for Cisco Linksys you might want to tell some your lawyers(or drop a strong hint to the middle-management types) to look at this, and quickly before it becomes a major headache. Whoever greenlighted this just violated the privacy act in Canada by automatically tracking web history and pushing this update. I'd hazard a guess in various parts of the EU as well.
Re:Clarifications and Confirmations (Score:5, Informative)
Re:Clarifications and Confirmations (Score:5, Insightful)
Just an FYI ... the Cisco Connect Cloud concept allows people to manage and view their home network from anywhere on the internet so long as their router has a connection to the internet.
Well, I for one got a router in the first place partly because I specifically don't want anybody or anything to manage or view my home network from anywhere outside said network.
I've set it up to disable all such silliness, and I want it to stay that way.
Re:Clarifications and Confirmations (Score:5, Informative)
The information on effected models is incomplete.
My e1000 and e3000 (not listed as Cloud Connect compatible) will no longer allow direct connection and configuration while connected to the internet. They will not accept a connection from the LAN if there is a live cable on the WAN port.
Re: (Score:2)
So can you tell us who at Cisco we should direct the FBI to prosecute for hacking our routers and stealing our data?
Re: (Score:2)
e) I completely ... 100% ... recognize that the /. audience most likely prefers things like DD-WRT, Tomato, etc (though some will really like the mobile Cloud concept, I do, and I've been around the block a few times at this point). Cisco Linksys is definitely moving more towards the average consumer market instead of the tech adopter market with these products.
It should always be an owner choice (just provide a means to load a non-Cloud firmware w/o any need for a Cloud userid, for anyone with physical access to the router that can do a reset-boot). Company philosophy to the contrary means people avoiding the company for other things. Sure, Cisco most likely will not see any dings to high end core router sales. But sales of mid-level stuff that isn't even marketed to SOHO could be affected. And we may well end up prohibiting our telecommute staff from using L
Re: (Score:3)
that will forbid anyone from connecting to our network from home while using a Cisco/Cisco-Linksys/Linksys branded device
The company I work for provides us with laptops with a preconfigured, stronly encrypted VPN installed. These laptops are the only way we can connect to the company network - in the office or not. Our IT department basically assumes that any network or PC outside of the company's network is insecure or otherwise not trustworthy. The VPN allows us safer access while we are working outside the office (for example, at customer or supplier offices - and yes, even us software developers get to go to off-site meet
Re: (Score:3)
You're so completely full of crap.
The only people in companies with 78k employees who can get their legal department to move on such an issue are senior executives.
Senior executives in major corporations do not read /. and even if they did, would not understand the ramifications or might even think them a good idea.
Re: (Score:3)
Under what circumstances would I want to be able to remotely manage my /router/ setup? I honestly cannot think of ANY.
Why would I want to allow ANYTHING OUTSIDE OF MY NETWORK to be able to change my router settings, thus potentially compromising the security of my private network?
Why would I want to use a service which allows uninvolved third parties to track my internet usage without my explicit consent?
Why would I want to use a product which forces this bullshit "opt-out" style upon me?
Until your company
Re: (Score:3)
Because it's The Cloud.
Cisco/Linksys weren't that good anyway (Score:5, Informative)
Cisco had limited what Linksys routers could do as to discourage corporate sales.
There are many better choices than Linksys these days.
The N900 is pretty nice, along with dozens. They're cheap (you can get decent non-cisco routers for $30 on sale)
Just use something else.
Re: (Score:2)
I've always been having troubles with Linksys. I was amazed a "reputable" company like Cisco would manage to position their low end product line at the very bottom of the low end SOHO market. But they did. And now I can't even trust them for the mid-level stuff. I'm now getting ethernet handoffs from upstream, and there are plenty of other choices like these [routerboard.com], or just build it yourself (I have one such router working now in a data center to satisfy IPv6 needs to see a router).
"Supported" Routers (Score:2)
Has anyone found a list of which routers are "supported" by this? I'd like to know if I have to take mine off-line right now.
Do I have a few days to go to openWRT, or do I have to do it today?
The Solution (Score:2)
Install DD-WRT [dd-wrt.com]. Many Cisco routers [dd-wrt.com] are supported.
Boycott Cisco (Score:3)
The last time I posted how Cisco uses their routers to sell our privacy people responded that they were just complying with laws, which I question deeply because of the EXTENT to which they improve and market their eavesdropping capability, and how they constantly boast having a lead in the market in this area, appearing to go far beyond the law.
Now we have this? Really? Someone care to argue they are just complying with CALEA to avoid being sent to guatanamo bay?
Re: (Score:2)
Short-term thinking (Score:5, Insightful)
This is typical of the short-term thinking that is all too common among corporations today. They're throwing away their credibility with professional users – you know, the ones who buy the expensive Cisco gear that generates most of their profits – so they can grab a few quick bucks by data-mining the consumer market. How many network administrators are going to hear about this and rule out Cisco for future consideration? Keep in mind that the silent and unprompted nature of the update implies that there already was a back door into the routers, even before this recent change. And I don't think that Cisco can cleanly separate its credibility in the home and enterprise markets, even if this is what they're planning to do.
Re:Short-term thinking (Score:5, Interesting)
Re: (Score:3)
"For a perfect example, read the Harvard business cases on Black & Decker, and how they tried to do the same thing and completely destroyed their brand name for professionals."
Great info! As an equipment geek, I thank you for that post.
I wondered why they polluted their old line of gear with consumer shit.
uwf.edu/hbettisoutland/Black%20&%20Decker.pdf
FU Cisco.... (Score:2)
I set up networks for home/small business locally and have always recommended Linksys routers, along with Tomato firmware. I also come from a 20+ year background of network support, where I ALWAYS used/recommended Cisco. I was pretty happy when Cisco acquired Linksys, and until NOW, had been reasonably pleased with where Cisco was taking Linksys. THIS Orwellian crap by Cisco terminates ANY recommendation by me for ANYTHING from Cisco. Yeah.. I realize I'm but one, but from what I'm seeing here on Slashdot a
No more Cisco/Linksys products (Score:3)
I'll never buy another Linksys product. I don't want remote administration from the public internet side of a router.
I already use Sonic.net DSL, one of the last of the independent ISPs - no filtering, no proxying, net-neutral, no quotas. Just bits.
I wonder if we could organize a 'burn router day'? (Score:3)
I remember when there was enough hate toward microsoft that we had protests in front of the MS offices (windows refund EULA events and such).
there have been other protests with people carrying signs (etc) when we feel we've been wronged and need to make our view clear to the corps.
I wonder if people feel bad enough about this to organize a day where we take our ciscos, bring them to some parking lot and destroy them. get the press to cover it and explain WHY we are doing it.
maybe even do it in the parking lots of best buy, frys, microcenter and places that sell cisco gear to consumers.
wouldn't that be grand?! imagine group 'burn-ins' (lol) where we destroy the cisco gear, thus saving unsuspecting end users from having to deal with this crap. and mostly it would be to make a statement and get some press coverage. unless there is public visibility in this, cisco won't be shamed enough.
Verizon has been doing it for ages. (Score:5, Informative)
Re:Verizon has been doing it for ages. (Score:5, Insightful)
This is different for two main reasons:
1) Verizon is your ISP. They already see all your internet traffic. That's just the way ISPs work. Cisco did not previously have access to any information about your internet traffic (and, btw, considering their stated goals of their cloud system, there does not seem to be a reason for them to have access to it now).
2) The problem is not automatic updates. It's the dramatic change in your relationship with Cisco and how your router operates that is the problem. Automatic updates, if they were just bug fixes and feature upgrades, sound like a good thing.
Re: (Score:2)
It violates human rights. Cisco has no business tracking user history. Federal law? Privacy law? I hope they throw the book at them. What churl.
Who do they think they are, Oracle or Google???
Re: (Score:2)
Verizon uses the crappy Westell which has the cable connection and has to be on the front of your network. They too restrict what you can do in it.
Re:Carriers? (Score:5, Informative)
This only affects a very small number (4) of the Linksys consumer routers and only the ones currently on the shelves. Not big Cisco routers, not Cisco SPVTG routers, not Cisco SMB routers and not even all Linksys routers.
Re:Carriers? (Score:5, Insightful)
Re: (Score:2)
Re: (Score:3, Funny)
Re: (Score:3)
This is for consumer grade Linksys junk, not enterprise. Cisco may be dumb, but hopefully not THAT dumb
Home users may not know that Cisco = Linksys, but network administrators do. And I don't think most people are going to be very confident that a company that already screwed over one large portion of its user base in this way wouldn't do the same to the other part if it thought it could get away with it.