Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Networking Privacy Your Rights Online

Cisco Pushing 'Cloud Connect' Router Firmware, Allows Web History Tracking 351

Myrv writes "Reports have started popping up that Cisco is pushing out and automatically (without permission) installing their new Cloud Connect firmware on consumer routers. The new firmware removes the user's ability to login and administer the router locally. You now must configure the router using Cisco's Cloud connect service. If that wasn't bad enough, the fine print for this new service allows Cisco to track your complete internet history. Currently, it appears the only way to disable the Cloud Connect service is to unplug your router from the internet."
This discussion has been archived. No new comments can be posted.

Cisco Pushing 'Cloud Connect' Router Firmware, Allows Web History Tracking

Comments Filter:
  • by Anonymous Coward on Friday June 29, 2012 @10:37AM (#40494589)

    1. Unplug router
    2. Open garbage can lid
    3. Insert router
    4. Close garbage can lid
    5. Purchase new router

    That shit? Fuck it.

    • by alphatel ( 1450715 ) * on Friday June 29, 2012 @10:39AM (#40494611)
      or Tomato [polarcloud.com], or DD wrt [dd-wrt.com]
    • by plover ( 150551 ) * on Friday June 29, 2012 @11:05AM (#40495017) Homepage Journal

      So who just plugs in a firewall/router and starts using it out of the box without changing the password and checking over all the settings?

      Under the Administration / Management tab, you'll find a radio button clearly marked "Remote Management", and beneath that settings for Remote Upgrade. The day I installed it I discovered remote management was enabled by default, so I immediately set it to disabled. I remember thinking "My god, that's f*ing stupid! Who would ever want to expose router management to the wild side?" Apparently this answers my question.

      Anyway, for anyone here who is outraged that their router has been pwnd by Cisco, SHAME ON YOU for not securing your own damn router yourself before hanging it on the intarwebs!

      • by symbolset ( 646467 ) * on Friday June 29, 2012 @11:12AM (#40495093) Journal
        I guess the question to ask yourself is, if a company would do this then what would that checkbox do?
      • by JDG1980 ( 2438906 ) on Friday June 29, 2012 @11:16AM (#40495159)

        So who just plugs in a firewall/router and starts using it out of the box without changing the password and checking over all the settings?

        Average users.

        Under the Administration / Management tab, you'll find a radio button clearly marked "Remote Management", and beneath that settings for Remote Upgrade. The day I installed it I discovered remote management was enabled by default, so I immediately set it to disabled. I remember thinking "My god, that's f*ing stupid! Who would ever want to expose router management to the wild side?" Apparently this answers my question.

        This should never have been enabled by default. It's terrible security practice: the default settings should be as secure as is reasonably possible, and any loosening of those settings should have to be explicitly approved by the user/administrator. This is especially true on a consumer focused product that many users aren't going to be configuring at all.

        • by plover ( 150551 ) * on Friday June 29, 2012 @11:26AM (#40495295) Homepage Journal

          I know exactly why Cisco did it, so they could remotely administer routers for "average users". That's not necessarily a terrible thing.

          My complaint is with technical people, such as the fine folks lurking here on slashdot, accepting any security device's defaults without checking them over. It's not like it requires arcane knowledge to look at the configuration screens; it just takes a mouse. You don't have to find a bunch of settings in a README.TXT file from some random website to know what you're looking for, or pull up a wiki page to explain what you're seeing. It's a button on a GUI screen that's clearly screaming out "LET SOMEONE ELSE RANDOMLY MESS AROUND WITH YOUR SECURITY", and these supposedly technical people left it checked. I clearly have no sympathy for them.

          • by contrapunctus ( 907549 ) on Friday June 29, 2012 @12:57PM (#40496715)

            I know exactly why Cisco did it, so they could remotely administer routers for "average users". That's not necessarily a terrible thing.

            But why do they need browsing history?

            • by 6ULDV8 ( 226100 )

              How else will they find the good porn?

            • by Jeng ( 926980 ) on Friday June 29, 2012 @02:54PM (#40498359)

              Marketing Marketing Marketing

              Doesn't matter if it is useful data since Marketing believes that if they have enough data about you that they will be able to create the perfect ad to make you buy a product that you really are not interested in buying.

            • by plover ( 150551 ) *

              But why do they need browsing history?

              I don't know that they are planning on scraping everyone's browser history. However, because the software can serve as a web proxy, and as such it would have URLs flow through its memory. Technically, someone who saw that information in memory (say in a swap file) would have access to at least some of your "internet history", which this disclaimer would cover.

              However, because the disclaimer is so broad, it gives them license to stuff every URL you surf to into their corporate databases, and hold onto it f

      • by DJRumpy ( 1345787 ) on Friday June 29, 2012 @11:17AM (#40495173)

        I told my parents they should be ashamed. They first wanted to know what pwnd meant and if it involved urination. Then then wanted to know what Remote Management meant and how they get it. They looked for a radio button on the router, but couldn't find any stations they liked to listen to, and when they tried to dial the radio button, the antenna fell off.

        They weren't worried about the interwebs though, as they were sure they had a floppy for it in their desk drawer...

      • And what would you do if the next upgrade checks this option automatically, and FORBIDS you to uncheck it? I know i know, you would not install any upgrades at all......
        • by plover ( 150551 ) *

          Actually, I'm seriously considering upgrading it. I want to make sure that any needed security patches are in place. But before I do, I will confirm that's it's not the case that remote management is mandatory.

          On the brighter side, mine is an E4200.V1, which is supported by dd-wrt. Should someone discover a bug that they will not provide a secure remote-less upgrade for, I will simply replace the firmware.

      • SNMPv3 can have its own users configured, and you can use it to push out a firmware. So changing the default login info wouldn't matter if they created an SNMPv3 user to push out the firmware to your system since it would exist outside of the firmware authentication.
      • by UnderCoverPenguin ( 1001627 ) on Friday June 29, 2012 @11:32AM (#40495363)

        So who just plugs in a firewall/router and starts using it out of the box without changing the password and checking over all the settings?

        You presume that disabling remote management and automatic updates actually proevents the vendor from remote access to your router.

        I did disable automatic updates and remote management. Having just found out about this, I will find out this evening whether they pwned my E3000

      • by cant_get_a_good_nick ( 172131 ) on Friday June 29, 2012 @11:40AM (#40495491)

        ho? Normal people, who don't have computers skills. People who don't know a firewall from Firefox would. It seems you damn them to hell.

        Ok, so you know these things. My uncle, who was a CFO for a Fortune 500 company, doesn't know. Is he stupid? No, he just is as clueless about firewall and remote management as you would be about FASB157 and how you need to restructure your portfolio to comply. Are you saying that he shouldn't be on the Internet?

        I know a bit about cars, I've changed oil, fixed a EGR valve, some very minimal carburetor work, but I couldn't do a tune-up on a modern car to save my life. I don't have the tools, nor the specialty. My wife knows less than I do. I don't know how to set up my fuel injector ratios, should we not drive? No, we trust the people who made our car and those who tune up our car (we're lucky we have a very good mechanic) to fix as needed. In the case of our car, we're literally putting our lives in Baykar's very capable hands.

        We (collective we) hoped that we could trust Cisco to be trustworthy as well. For it to have capable, safe defaults for the vast majority of newbies that don't know better, and the opportunity for experts to customize. This faith in Cisco seems to be misplaced. Apple is selling billions of dollars of hardware because they understand this, that people don't know everything, and they just want things to work.

        • by epyT-R ( 613989 ) on Friday June 29, 2012 @02:00PM (#40497605)

          Just because you don't know how to retool a lock doesn't mean you should hand the keys over to the state.

  • Last post! (Score:5, Funny)

    by fotoguzzi ( 230256 ) on Friday June 29, 2012 @10:37AM (#40494593)
    Have to disconnect my router.
  • wow (Score:5, Insightful)

    by v1 ( 525388 ) on Friday June 29, 2012 @10:38AM (#40494603) Homepage Journal

    that's all I can say really. This sounds worse than sony's disabling of features in a firmware update. Only this one you can't just not do. (and deal with the consequences of not being up to date)

    But I bet this one gets sufficient backlash to require them to backpedal. Significantly altering the behavior of a purchased product by remote control, without opt-out. Arguably illegal?

    • UK has some law called something like the Misuse of Computers Act that might apply.
    • Maybe this is Cisco's way of pushing alternative firmwares (DD-WRT, Tomato, etc). It's actually a cleverly disguised advertisement for open source alternatives.

    • It's incredibly dumb. Even without the whole spying on your history thing, what happens if you misconfigure your router? How do they expect you to fix the configuration when you lose your internet connection? Not everyone has a smartphone.

      • As the last line of the summary mentions, if you disconnect from the Internet then you'll be able to log in locally. However, one of the posts in the link in the summary says that many of the features are disabled when logging in that way.

    • Re:wow (Score:5, Insightful)

      by torkus ( 1133985 ) on Friday June 29, 2012 @10:45AM (#40494721)

      Not to mention I didn't even click-through an EULA on that router that could get them an idea they have some kind of "right".

      It's MY router, I bought it. and it's not some quasi-goods digital product. This is a physical item. You want to back-door my router and install crippled firmware? I'll sign up with the class action if this is the case.

      I don't want anyone *at all* to be able to update my router from the internet (or WiFi for that matter). In fact, almost every router has remote (i.e. internet) side administration disabled for obvious security reasons. Now they include the word 'cloud' and it's OK?

      Hell, this isn't even cloud architecture anyway. It's just a web-based (pseudo-remote) remote administration tool. You'd think Cisco of all people would understand that.

      Then I see things like this and can't help but smile at the "progress" :
      Re: EA4500: weird login screen; can't login
      Options
      06-26-2012 05:10 PM

      I found a hole... Dynamic DNS password is displayed in plain text

      • It's MY router, I bought it. and it's not some quasi-goods digital product. This is a physical item. You want to back-door my router and install crippled firmware? I'll sign up with the class action if this is the case.

        This should not be a class-action (civil) issue; this should be a hacking and data theft (criminal) issue with the people responsible ending up in Federal prison!

      • Re:wow (Score:5, Funny)

        by girlintraining ( 1395911 ) on Friday June 29, 2012 @11:16AM (#40495151)

        It's MY router, I bought it. and it's not some quasi-goods digital product. This is a physical item.

        The firmware remains the property of the company. It's software. Therefore, you don't own it. Of course, without firmware, it's useless, but I doubt you'll get many judges to sign on with the idea that you own the firmware too. Thank you copyright law.

        I'll sign up with the class action if this is the case.

        Your terms of service have been patched. That option was removed by v43 of SCOTUS. It was a mandatory update to legal.sys. You'll have to use the legacy mode 'civil_action' after setting has_lawyer to true and extra_money to lots. Be aware, the legacy mode is really buggy; It produces different results depending on the locale set during install. Enabling it also occasionally causes the processor and memory to jump to 100% utilization and the I/O is doggedly slow.

        Hell, this isn't even cloud architecture anyway. It's just a web-based (pseudo-remote) remote administration tool. You'd think Cisco of all people would understand that.

        Cisco engineers do. Cisco marketing does not. Cisco marketing sees the value of having a complete web browsing history of a substantial cross-section of the world, and has chosen to leverage that to increase profits post-SCOTUS patch, and since the CEO and the board signed a legally binding agreement to maximize profits, the engineers had no choice. You should welcome your capitalist overlords, and as a IT worker, you can help increase their efficiency as they enslave others in their salt mines.

    • Re:wow (Score:5, Interesting)

      by TheGratefulNet ( 143330 ) on Friday June 29, 2012 @10:54AM (#40494865)

      good comment from a user post:


      No persuasian needed. Seriously. The engineer was great and you could TELL he was sincerely apologetic about the issues. I asked him about the whole incident, and he basically hinted at a little war going on within Cisco and the final decision to go ahead with updating people like this was upper management, where the lower pay grades tried hard and fought against the way they did things.

      The Engineer simply sent me to a link, the one that is already listed in these threads and gave me instructions on how to revert back to the older firmware with the caveat (and he was apologetic about it - again I could tell he really was sincere) that the old firmware cant be supported. He then proceeded to give me his email address (which I wont give out, sorry) and told me to feel free to contact him with any issues I have. Very cool, very professional, and sincerely apologetic.

      I asked if they were being inundated with calls, his simple reply was a sigh and "you have no idea......"

      from a user called 'markdr'.

      this pretty much sums up the situation, I would guess. the regular guys who write code were not for this but some idiot mgr upstream pushed for it.

      I feel sorry for the real engineers there who are forced to do bullshit tasks that they KNOW will piss off their users. I hate this side of software eng. evilness of top level mgrs usually end up winning ;(

  • FU No Thanks (Score:5, Informative)

    by Hangtime ( 19526 ) on Friday June 29, 2012 @10:42AM (#40494661) Homepage

    http://www.cisco.com/web/siteassets/legal/connect_cloud_supp.html [cisco.com]

    I especially like how they get to keep your Internet history. Why do you think this is a good idea Cisco?

    Your new Cloud Connect contract ...When you use the Service, we may keep track of certain information related to your use of the Service, including but not limited to the status and health of your network and networked products; which apps relating to the Service you are using; which features you are using within the Service infrastructure; network traffic (e.g., megabytes per hour); Internet history; how frequently you encounter errors on the Service system and other related information ("Other Information"). We use this Other Information to help us quickly and efficiently respond to inquiries and requests, and to enhance or administer our overall Service for our customers. We may also use this Other Information for traffic analysis (for example, determining when the most customers are using the Service) and to determine which features within the Service are most or least effective or useful to you. In addition, we may periodically transmit system information to our servers in order to optimize your overall experience with the Service. We may share aggregated and anonymous user experience information with service providers, contractors or other third parties to assist us with improving the Service and user experience, but any shared information will be consistent with Cisco's overall Privacy Statement and will not identify you personally in any way....

    • Re:FU No Thanks (Score:4, Interesting)

      by torkus ( 1133985 ) on Friday June 29, 2012 @10:59AM (#40494923)

      Let me get this straight. They install an "update" on my router that lets them monitor my internet usage - all without my consent?

      I'd say it couldn't possibly be that bad...but the I look to what FB does and shake my head. I like their routers, but there is NO CHANCE whatsoever that I will give a 3rd party my entire house's internet browsing history. You couldn't get me to do that if you gave me a free router AND free internet.

    • Re:FU No Thanks (Score:5, Informative)

      by Local ID10T ( 790134 ) <ID10T.L.USER@gmail.com> on Friday June 29, 2012 @11:00AM (#40494935) Homepage

      Dont forget section 4 of the Terms of Sevice!

      4. Your Responsibilities as a Cisco Connect Cloud User

      You are responsible for any data that is sent or received by you and/or any other party in connection with your access to and/or use of the Service used in connection with your account. You agree that Cisco will not be liable to you or any others for any loss or damages due to your use of the Service.

      As a condition of your use of the Service, you agree that your use of the Service in accordance with the terms and conditions of this Agreement is permitted under and will comply with the applicable laws of the country where you use the Service. You agree not to use or permit the use of the Service: (i) to invade another's privacy; (ii) for obscene, pornographic, or offensive purposes; (iii) to infringe another's rights, including but not limited to any intellectual property rights; (iv) to upload, email or otherwise transmit or make available any unsolicited or unauthorized advertising, promotional materials, spam, junk mail or any other form of solicitation; (v) to transmit or otherwise make available any code or virus, or perform any activity, that could harm or interfere with any device, software, network or service (including this Service); or (vi) to violate, or encourage any conduct that would violate any applicable law or regulation or give rise to civil or criminal liability.

      While we are not responsible for any content or data that you choose to access or otherwise use in connection with the Service, we reserve the right to take such action as we (i) deem necessary or (ii) are otherwise required to take by a third party or court of competent jurisdiction, in each case in relation to your access or use or misuse of such content or data. Such action may include, without limitation, discontinuing your use of the Service immediately without prior notice to you, and without refund or compensation to you.

      You will indemnify and hold us and Cisco Systems Inc. and its affiliates harmless against any claims, losses or damages arising from any threatened, repudiatory or actual breach by you of the covenants set out in this Section.

      As part of the Service, You will be required to create a password that will enable You to use the Service. Your email address and password will be used to validate Your identity in order to access the Service. When You choose a password, choose a unique combination of letters and numbers unrelated to Your or someone else’s identity or to any information that is publicly available or that may be needed by us to provide the Service to You or to others. If you share information related to the Service with others or allow others to access the Service using Your email address and password, you have no expectation of privacy or confidentiality in the personal information you may intentionally or unintentionally disclose. Therefore, please avoid giving access to these materials to others. You agree to notify Cisco immediately of any unauthorized use of your account or password, or any other breach of security.

    • I especially like how they get to keep your Internet history.

      This also means they are using bandwidth quota with out notifying the end users before doing so.

  • It's not that hard. (Score:4, Informative)

    by Art Popp ( 29075 ) * on Friday June 29, 2012 @10:43AM (#40494671)

    Buy your router from this enormous list which covers a huge range of budgets:

    http://wiki.openwrt.org/toh/start [openwrt.org]

    Re-Flash it and be done with these folk. This newer firmware is much friendlier than the original OpenWrt you may have tried years back, and if you don't like what it's doing, you get a command prompt and make it do exactly what you want.

    • by EdIII ( 1114411 )

      If Cisco is being this monumentally stupid the next step is signed firmware.

      You can dump them out of that list in the future.

      • Then we can dump them out of my list of companies whose products I buy, recommend to others, or neglect to give negative reviews to.
        • by Jeng ( 926980 ) on Friday June 29, 2012 @11:07AM (#40495037)

          I was in the market for a new router, I now know that my next one will either not be another linksys or it will not be running the stock firmware.

          Since most of those who ask me for tech advice might not be up for re-flashing their router I will not be recommending linksys.

          So now the question is, what to recommend instead?

        • Already done. A cisco router will never touch my consumer sites again.
  • Backdoor (Score:5, Interesting)

    by SJHillman ( 1966756 ) on Friday June 29, 2012 @10:43AM (#40494679)

    Does this mean that Cisco routers, by default, have a backdoor enabled that allows the router to phone home for updates and for Cisco to send them back? None of the routers I've ever used (granted, it's been a while since I've used stock firmware) have ever had any sort of "automatic updates", much less one that's turned on by default.

    • by Nutria ( 679911 )

      My question exactly. Someone would have noticed long ago weird phone-home packets being sent out by Cisco/Linksys routers.

  • So if my router can't get to the Internet (my static IP changed or something), and I can't log in locally to the router, how do I configure it? Surely we are missing part of the story.
    • Re:Something missing (Score:5, Informative)

      by SJHillman ( 1966756 ) on Friday June 29, 2012 @10:50AM (#40494797)

      As the summary mentions, if you disconnect from the Internet then you can log in locally. However, it looks like most settings are disabled when logging in this way - you presumably have just enough control to get it to reconnect to the Overlords.

    • If you are not connected to the internet, your router will allow you to connect to it directly and perform manual configuration... but many options are no longer configurable directly. You will still need to connect via "Cloud Connect" to configure the rest of your settings.

  • Government (Score:5, Insightful)

    by Anonymous Coward on Friday June 29, 2012 @10:47AM (#40494761)

    Although this is pure speculation, but I have reasonable suspicion as a former employee of Cisco, that this really plays well with law enforcement and other three letter government agencies, having the ability to track all Internet activities. That's all I have to offer on this subject. Be careful.

  • Cisco Routers? (Score:5, Interesting)

    by Nethead ( 1563 ) <joe@nethead.com> on Friday June 29, 2012 @10:48AM (#40494779) Homepage Journal

    That's a large field. Is this just the home routers (the old linksys stuff?) I can't see them doing this on enterprise or core routers. The solution is to put it in bridge mode if it's an ADSL router and do your own NAT, etc. with a BSD/Linux box of some type. Run Zeroshell if you want a nice GUI.

    Really, this is slashdot. Leave the provider installs and help desks to the punters. If you're reading this there is no reason you should be running what the ILEC initially installed.

    Cisco is getting weird. On one side (enterprise) you have to pay through the nose for updates, on the other (home) you can't avoid them.

    Before we get our panties all in a bunch, let's wait for some packet sniffs to see what is really going on. Just because the lawyers put it in the EULA, doesn't mean the coders wrote it.

    • Re:Cisco Routers? (Score:4, Insightful)

      by TheGratefulNet ( 143330 ) on Friday June 29, 2012 @11:00AM (#40494939)

      they would not dare do this to enterprise customers. those guys take privacy a wee bit more seriously than home users do. they also have big lawyers and would not hesitate to sue if some unplanned update was forced on them that changed their whole security architecture.

      home users don't have big lawyers and so they are defenseless against big corps.

      I just can't see why cisco thought this would be a good idea. its got FAIL written all over it and will go down in history as a 'sony rootkit' type event. just wow...

    • by grub ( 11606 )

      "on consumer routers" is from the summary.
  • OH BOY! (Score:5, Interesting)

    by slashmydots ( 2189826 ) on Friday June 29, 2012 @10:50AM (#40494795)
    Wooo, a gigantic web-based backdoor with unknown remote login methods and an interception of all internet history tied directly to my company's cisco account with all our personally identifiable information?! WHERE CAN I GET ONE?! And by one, I mean the phone number for the account cancellation department.

    By the way, my company actually runs some awful piece of crap from Cyberoam but now I'm slightly happier about that. Thanks, cisco.
  • thank you cisco, (Score:3, Insightful)

    by alen ( 225700 ) on Friday June 29, 2012 @10:50AM (#40494801)

    when my linksys dies i won't buy one of your products. i'll probably just buy one of the Apple routers. the cost is about the same as your overpriced crap but they will work better with the icrap i already have at home.

    i've tried the cheapo routers and they seem flaky

    • by TheGratefulNet ( 143330 ) on Friday June 29, 2012 @11:07AM (#40495045)

      get one of these hardware boxes:

      http://soekris.com/ [soekris.com]

      and run openwall (or whatever you want) on it.

      it keeps the money OUT of cisco's hands in both hardware and software. you can trust your hardware (no motivation to do evil spy things on generic pc style hardware) and you can trust your software. no one will force something on you, this way.

      my soekris box has been running non-stop (other than moves) for years, literally, 5 years or more. no blown caps, no blown power suplies, no 'china syndrome' electrolytics that are on ALL cisco, netgear, etc style circuit boards) and software that just plain works.

      tomato firmware (and similar) are cool, but they require vendor hardware and at this point, I'd just assume NOT give cisco ANY (!) of my money for any hardware of any kind.

  • by Jahf ( 21968 ) on Friday June 29, 2012 @10:50AM (#40494807) Journal

    * The Cloud firmware is ONLY for EA2700, EA3500, E4200v2 (not v1) and EA4500 routers. Older routers (E4200v1 or older) will not see this update. These routers shipped with information explaining that Cloud would be released this summer and update to the Cloud firmware when it was released.

    * You can prevent this update by turning off "Automatic Updates" in your router. However if you didn't already do this then YES ... disconnect from the Internet before you do anything else. Then go in and turn off the Automatic Updates. Then you can reconnect. Warning: If you've already been upgraded it currently isn't possible to downgrade to the older firmware.

    * If you have updated ... you CAN do -some- local router configuration without having internet access. Just go to http://routers/ [routers] LAN IP address]/ while it is disconnected and you will be prompted for the router's local password (usually this will mirror your WiFi password). You will be limited to editing the network settings (LAN, WiFi, etc) and security settings (router password, VPN, firewall, DMZ). Parental controls, Guest Access QoS and USB storage won't be accessible until you are able to log in while the router is online (you'll use your CiscoConnectCloud.com login at this point).

    NOTE: If you have an EA2700, EA3500 or EA4500 that shipped with the OLDER firmware (every router out there so far, the new firmware shouldn't appear in new routers for a couple more weeks) and have not set it up yet and WANT the older firmware ... do NOT use the CD setup. Configure it using the traditional web UI while NOT connected to the Internet and turn off Automatic Updates. Again ... this is only for people who do NOT want the Cloud firmware capabilities.

    * Just an FYI ... the Cisco Connect Cloud concept allows people to manage and view their home network from anywhere on the internet so long as their router has a connection to the internet. Mobile apps allow your phone to control your home network (manage guest settings, see who is online right now, etc). Additionally it enables a plugin mobile application architecture that our partners can leverage to allow remotely managed network applications. It is an entirely new direction and yes ... it has some kinks ... the biggest ones being forcing this on the user and then limiting their ability to manage their device without it being on the internet. ...

    So ... I anticipate a flood of groans about all of this, and I don't disagree with a fair amount of them. Let me make some things clear:

    a) Yes, I work for Cisco Linksys.

    b) No, I am not speaking directly for Cisco in this post nor am I posting on their behalf (I just wanted to get some quick assistance out there to the people who read this).

    c) No, I do not work for the groups (PM, Engineering) that made the decisions to do this update automatically, to not allow you to downgrade, and to not allow you access to your full configuration capability while the router is offline. Which means I can try and funnel your feedback to those groups but I can not force anyone to implement any of it.

    d) While I don't like the situations mentioned above in item "c)" ... I -do- like the CiscoConnectCloud.com concept and feel that Cisco will improve it significantly over time.

    e) I completely ... 100% ... recognize that the /. audience most likely prefers things like DD-WRT, Tomato, etc (though some will really like the mobile Cloud concept, I do, and I've been around the block a few times at this point). Cisco Linksys is definitely moving more towards the average consumer market instead of the tech adopter market with these products.

    f) We do still sell non-Cloud routers, like the E900, E1200 and E2500

    • Well if you work for Cisco Linksys you might want to tell some your lawyers(or drop a strong hint to the middle-management types) to look at this, and quickly before it becomes a major headache. Whoever greenlighted this just violated the privacy act in Canada by automatically tracking web history and pushing this update. I'd hazard a guess in various parts of the EU as well.

      • by Anonymous Coward on Friday June 29, 2012 @11:02AM (#40494987)
        This is also illegal in Victoria and New South Wales in Australia, I know this because the last company I worked at did a remarkably similar move with their network security products and got sued and fined. What on earth was Cisco thinking with this...
    • by Waffle Iron ( 339739 ) on Friday June 29, 2012 @11:12AM (#40495101)

      Just an FYI ... the Cisco Connect Cloud concept allows people to manage and view their home network from anywhere on the internet so long as their router has a connection to the internet.

      Well, I for one got a router in the first place partly because I specifically don't want anybody or anything to manage or view my home network from anywhere outside said network.

      I've set it up to disable all such silliness, and I want it to stay that way.

    • by Local ID10T ( 790134 ) <ID10T.L.USER@gmail.com> on Friday June 29, 2012 @11:14AM (#40495121) Homepage

      The information on effected models is incomplete.

      My e1000 and e3000 (not listed as Cloud Connect compatible) will no longer allow direct connection and configuration while connected to the internet. They will not accept a connection from the LAN if there is a live cable on the WAN port.

    • So can you tell us who at Cisco we should direct the FBI to prosecute for hacking our routers and stealing our data?

    • by Skapare ( 16644 )

      e) I completely ... 100% ... recognize that the /. audience most likely prefers things like DD-WRT, Tomato, etc (though some will really like the mobile Cloud concept, I do, and I've been around the block a few times at this point). Cisco Linksys is definitely moving more towards the average consumer market instead of the tech adopter market with these products.

      It should always be an owner choice (just provide a means to load a non-Cloud firmware w/o any need for a Cloud userid, for anyone with physical access to the router that can do a reset-boot). Company philosophy to the contrary means people avoiding the company for other things. Sure, Cisco most likely will not see any dings to high end core router sales. But sales of mid-level stuff that isn't even marketed to SOHO could be affected. And we may well end up prohibiting our telecommute staff from using L

    • by sstamps ( 39313 )

      Under what circumstances would I want to be able to remotely manage my /router/ setup? I honestly cannot think of ANY.

      Why would I want to allow ANYTHING OUTSIDE OF MY NETWORK to be able to change my router settings, thus potentially compromising the security of my private network?

      Why would I want to use a service which allows uninvolved third parties to track my internet usage without my explicit consent?

      Why would I want to use a product which forces this bullshit "opt-out" style upon me?

      Until your company

  • by tkrotchko ( 124118 ) on Friday June 29, 2012 @10:52AM (#40494833) Homepage

    Cisco had limited what Linksys routers could do as to discourage corporate sales.

    There are many better choices than Linksys these days.

    The N900 is pretty nice, along with dozens. They're cheap (you can get decent non-cisco routers for $30 on sale)

    Just use something else.

    • by Skapare ( 16644 )

      I've always been having troubles with Linksys. I was amazed a "reputable" company like Cisco would manage to position their low end product line at the very bottom of the low end SOHO market. But they did. And now I can't even trust them for the mid-level stuff. I'm now getting ethernet handoffs from upstream, and there are plenty of other choices like these [routerboard.com], or just build it yourself (I have one such router working now in a data center to satisfy IPv6 needs to see a router).

  • Has anyone found a list of which routers are "supported" by this? I'd like to know if I have to take mine off-line right now.

    Do I have a few days to go to openWRT, or do I have to do it today?

  • Install DD-WRT [dd-wrt.com]. Many Cisco routers [dd-wrt.com] are supported.

  • The last time I posted how Cisco uses their routers to sell our privacy people responded that they were just complying with laws, which I question deeply because of the EXTENT to which they improve and market their eavesdropping capability, and how they constantly boast having a lead in the market in this area, appearing to go far beyond the law.

    Now we have this? Really? Someone care to argue they are just complying with CALEA to avoid being sent to guatanamo bay?

    • All right, I'm in. Just on principle, I'm not buying any more Linksys/Cisco hardware until this gets reversed. On the slightly brighter side, this looks like multiple class action lawsuits waiting to happen.
  • by JDG1980 ( 2438906 ) on Friday June 29, 2012 @11:14AM (#40495117)

    This is typical of the short-term thinking that is all too common among corporations today. They're throwing away their credibility with professional users – you know, the ones who buy the expensive Cisco gear that generates most of their profits – so they can grab a few quick bucks by data-mining the consumer market. How many network administrators are going to hear about this and rule out Cisco for future consideration? Keep in mind that the silent and unprompted nature of the update implies that there already was a back door into the routers, even before this recent change. And I don't think that Cisco can cleanly separate its credibility in the home and enterprise markets, even if this is what they're planning to do.

    • by captaindomon ( 870655 ) on Friday June 29, 2012 @11:36AM (#40495445)
      This is right on. The problem Cisco doesn't realize they have is that most of these cheap home routers are maintained by people that also make decisions for purchase on the enterprise side. When Grandma needs to buy a router, she doesn't buy one, she has her nephew (who is so cute and knows so much about computers!) to buy it for her. Her nephew also works in enterprise IT, in many cases. For a perfect example, read the Harvard business cases on Black & Decker, and how they tried to do the same thing and completely destroyed their brand name for professionals.
      • "For a perfect example, read the Harvard business cases on Black & Decker, and how they tried to do the same thing and completely destroyed their brand name for professionals."

        Great info! As an equipment geek, I thank you for that post.

        I wondered why they polluted their old line of gear with consumer shit.

        uwf.edu/hbettisoutland/Black%20&%20Decker.pdf

  • I set up networks for home/small business locally and have always recommended Linksys routers, along with Tomato firmware. I also come from a 20+ year background of network support, where I ALWAYS used/recommended Cisco. I was pretty happy when Cisco acquired Linksys, and until NOW, had been reasonably pleased with where Cisco was taking Linksys. THIS Orwellian crap by Cisco terminates ANY recommendation by me for ANYTHING from Cisco. Yeah.. I realize I'm but one, but from what I'm seeing here on Slashdot a

  • by Animats ( 122034 ) on Friday June 29, 2012 @11:35AM (#40495411) Homepage

    I'll never buy another Linksys product. I don't want remote administration from the public internet side of a router.

    I already use Sonic.net DSL, one of the last of the independent ISPs - no filtering, no proxying, net-neutral, no quotas. Just bits.

  • I remember when there was enough hate toward microsoft that we had protests in front of the MS offices (windows refund EULA events and such).

    there have been other protests with people carrying signs (etc) when we feel we've been wronged and need to make our view clear to the corps.

    I wonder if people feel bad enough about this to organize a day where we take our ciscos, bring them to some parking lot and destroy them. get the press to cover it and explain WHY we are doing it.

    maybe even do it in the parking lots of best buy, frys, microcenter and places that sell cisco gear to consumers.

    wouldn't that be grand?! imagine group 'burn-ins' (lol) where we destroy the cisco gear, thus saving unsuspecting end users from having to deal with this crap. and mostly it would be to make a statement and get some press coverage. unless there is public visibility in this, cisco won't be shamed enough.

  • by 140Mandak262Jamuna ( 970587 ) on Friday June 29, 2012 @12:29PM (#40496283) Journal
    All routers supplied by Verizon for FiOS service has a WAN side log-in port open, and they install firmware upgrades and you can do nothing about it. If you want FiOS you have to let them do whatever they want with the bits coming of the router at their end.
    • by Chuckstar ( 799005 ) on Friday June 29, 2012 @02:11PM (#40497753)

      This is different for two main reasons:

      1) Verizon is your ISP. They already see all your internet traffic. That's just the way ISPs work. Cisco did not previously have access to any information about your internet traffic (and, btw, considering their stated goals of their cloud system, there does not seem to be a reason for them to have access to it now).

      2) The problem is not automatic updates. It's the dramatic change in your relationship with Cisco and how your router operates that is the problem. Automatic updates, if they were just bug fixes and feature upgrades, sound like a good thing.

Children begin by loving their parents. After a time they judge them. Rarely, if ever, do they forgive them. - Oscar Wilde

Working...