Once more, with feeling
Don't use devices that phone home and/or automatically apply updates. The security risk is simply too great.
Beyond that, specifically don't trust Ubiquiti. They've just proven that they're untrustworthy.
Ubiquiti Networks is fending off customer complaints after emitting a firmware update that caused its UniFi wireless routers to quietly phone HQ with telemetry. It all kicked off when the US-based manufacturer confirmed that a software update released this month programmed the devices to establish secure connections back to …
Unifi hardware doesn't auto install updates. If the hardware has been adopted you can happily not update your devices as long as you like.
So if you don't want to have your devices phone home, just don't install the updates. When they allow users to disable phoning home, sure, continue updating.
Yes it's annoying. Ubiquiti, justifiably, have a great following. It is probably the only product in this price range that offers the massive number of features that it does.
I've used them at a number of sites if you wish to have an extensive wifi footprint all centrally managed with 'full fat' APs and great monitoring. They are much better than a Cisco set up in some circumstances. The fact that for an SME you can add another 10 APs to improve coverage for the cost of a single AP from many other providers.
However, when they do things like this and some of their other, interesting but half baked, features I wonder if they really think things through properly.
I would still recommend them, and hopefully they will learn from this (unlike Microsoft with their insistence on telemetry) but I would always avoid running the latest updates and let any issues filter through other bleeding edge adopters first.
"hopefully they will learn from this"
I was looking at the more general history of the behavior of this company, and it looks like they've long been sketchy. I personally doubt that they will learn the sort of lesson we would all hope they'd learn. Because of that history, more than this particular instance, I have them on my "never do business with" list.
Because of that history, more than this particular instance, I have them on my "never do business with" list.
A house-wirer acquaintance of mine uses them, and from his talking I'd been interested but not looked. I don't think I'll bother looking any further without putting them behind some serious firewall. Might just stick with no-name-brand repeaters and my dogged preference for wired networks wherever possible.
(I refuse to call him an electrician because if it's not 240V mains sockets/lighting or deep fryers, he doesn't have a clue. I doubt he could fix a 1980s torch with a flat battery! Once refused a customer request to have 10A breakers installed in a fusebox because "The standard is 20a for safety, therefore 10A must be more dangerous" (the request was made because the customer wanted the circuits limited to 10a absolute max, not 10.005 and --> definitely not 20! -->)
"I refuse to call him an electrician [...] "The standard is 20a for safety, therefore 10A must be more dangerous""
Anyone who can say that with a straight face is absolutely not an electrician. An electrician would understand what those ratings actually mean.
Yup.
The customer didn't really know, but did know enough to know that at 20a there is quite a bit more available energy than at 10a, and while the wiring etc was plenty up to it they did not wish for devices to be able to draw more than their rated 10a (in fact I believe 5a breakers would've sufficed as they had lots of separate sockets and would at most run a basic computer and LED monitor off them).
(Apparently it is so you can have 2 10a sockets on the same breaker drawing near 10a each and not trip the breaker. Me? I'd put in 2 breakers if I wanted both to be able to draw that, as a lot of things like multiboxes, extension leads, various devices are only rated for 10a and if something goes haywire and starts pulling 19a through a 10a rated plug box... (NZ ratings are often 250V 10A for many things, though our actual power is generally around 230v)
> the request was made because the customer wanted the circuits limited to 10a absolute max, not 10.005 and --> definitely not 20!
In which case the customer understands even less what fuses/breakers are there for than your wiring fiend.
The sole function of circuit breakers or fuses is to protect the WIRING from burning up beyond the point at which they're installed (earth leakage detection is a different function), and if you need more fine-grained protection than that, then you don't do it with circuit breakers or fuses.
(aka, "a $20 power transistor will destroy itself to protect a 20c fuse")
On a steady load, a standard fuse or breaker will "pop" nearly instantly at 2x the rated current, hold indefinitely at the rated current and take 8-12 hours to let go at 1.5x the rated current.
What that means is if you have a circuit that's regularly tripping out or which trips when the TV/kettle/other load is switched on, it's _already_ significantly overloaded and you'd best be sorting it out before the electrical gods seek to exact retribution by burning your house down.
Quick or slow blow refers to SURGE current characteristics, as do the various "curves" in breakers.
> the request was made because the customer wanted the circuits limited to 10a absolute max, not 10.005 and --> definitely not 20!
In which case the customer understands even less what fuses/breakers are there for than your wiring fiend.
No.
Many power supplies and plug boxes and other things have a rating for V and A. They are built so that at the max of those they should be able to cope, but they don't have to cope above those levels. Most have a safety/fudge factor built in, so a 10A 250V plug box could survive happily at 11A. Few would survive at 15A though.
I have watched transformers in TV's melt down and some actually get hot enough to catch fire, I recall some cheap Chinese[1] import TV's (at a time when the Phillips "Griax" (GR1AX) 14" TV was popular but suffering a "go to full volume when a bright white screen was displayed" fault - same chassis was in their 'space helmet' tv around '91/'92) that had a 10a fuse in them, but no thermal fuse in the under-rated and poorly made transformers. Even worse, when you turned the TV "off" the power was shunted through some hefty ballast resistors instead of actually turning the supply off, IE the PSU of the TV was always running at 'full noise'. Some of these transformers would literally have a melt-down, and some of them could be sending out flames while still well below 10a. I cannot recall any more on the brand details above what is in here (did fix many of the GRIAX's, fitting 2 diodes on the board where they should be but the factory had cheaped out and used wire links instead).
Many other people have had experiences of stuff catching fire while drawing a lower current than the fuses or breakers would trip at, and some people know that they can protect themselves better by using a lower-rated breaker, within the confines of the ratings of attached devices rather than twice the confines.
Your reply only shows you completely missed the point of the exercise, and why the customer wished to significantly reduce the available energy to the 'threat', hence vastly reducing the risk of a fire :) Sometimes personal safety means slowing way down and 'driving to the conditions', not blundering along at the legal limit.
[1] I'm quite certain they were Chinese-made but may've come from elsewhere. One of the larger store chains sold hundreds of them, which gave the starting-to-die repair industry a big boost for a while.
...the snowflakes are falling again.
Ahem..
You call those upset at the intrusion into their networks and the risks that causes them (those under GDPR rules for example) snowflakes, yet you're too chicken to post under your normal handle?
Guess we know who the real soft-cock snowflake is!
per this Reddit thread was to downgrade to older firmware.
"The only surefire ways to avoid this is to either downgrade switches and AP to a pre-4.0.60 version. 4.0.51 is stable for me. Some of the later .5x versions were a bit broken. Or block all WAN traffic to/from AP's and switches (which is best practice anyway). They don't need any external access, just the gateway and controller."
However, be advised that later in the thread someone stated that blocking WAN traffic to/from APs was problematic.
"The kicker being that if you did isolate them so that they could not phone home there was a memory leak bug that released with this “feature” that meant they would become unusable very quickly due to repeat retries."
There's also an annoying problem that if you trigger a firmware update from the controller, their access points don't update and just stay disconnected until you reset them if they don't have a NATed connection on their default (not VLAN) interface.
Discovered this the obvious way.
Been playing around with Draytek equipment and am of the opinion that they also reserve the default interface and VLAN for special largely undocumented behaviours.
Yes it may mean that stuff works out of the box, however, it can take a while to understand why that new VLAN isn't behaving in the same way as the default out-of-the-box configuration.
The blog piece linked to in the Register article states:
If you do not wish to participate/provide this data, we will add an opt-out button in upcoming versions that will make it easy to opt-out of providing this data. In the meantime, you can block traffic from UniFi devices to trace.svc.ui.com.
A bit late, but at least they admit it and have a workaround until the new update is released - more than can be said of Microsoft and its Windows 10 telemetry.
Yeah, just like a guy getting caught running a red light admits it to the cops who caught him red-handed.
Sorry bud, but admitting it in this case is not getting them any brownie points. It would have been simple to include a question at install time; collecting performance data is not something new and a lot of programs and other things offer to participate, so why did they think they were above that?
They're not, and they deserve the fallout.
I don't say they don't have any blame. In fact, I think it stinks. But at least they are reacting quickly to the problem, which a lot of companies don't do.
I'm not giving them a pass, especially as a customer, I am not happy at all with the situation. But at least I have a workaround to deal with the problem.
Failing to keep router firmware updated introduces a significant network threat vector, so although your workaround addresses one issue it leaves you painfully vulnerable to any security threats addressed in subsequent firmware patches.
Better by far for Ubiquiti to have made the telemetry opt-in from the outset, if they really need it at all. (They don't).
>Failing to keep router firmware updated introduces a significant network threat vector
It doesn't introduce it; it merely doesn't mitigate an existing threat vector that has been known about for many years.
As a previous commenter has noted, auto-update of network infrastructure firmware introduces a new threat vector. Personally, I have devices download updates and then message me so that I can control when the updates are applied. This is particularly useful when you are running dev/beta firmware to see whether it has fixed the fault you reported.
A better solution IMO is to use VLANs.
With unifi APs, the management IP address is always on the native (untagged) VLAN - and you can assign the wireless SSIDs to other (tagged) VLANs.
Therefore: put the management IP on a separate device management subnet that has no external Internet access - and no outbound access to any of your other networks, for that matter.
Then there's the question of what you do with the management software, which isn't currently implicated in phoning home. I'd suggest you stick that on the same untrusted device network and then you don't have to worry about it. If it's a Debian/Ubuntu box, you can give it access to an apt-cacher proxy so that it can download software updates when you choose, but nothing else.
Though I have no interest in Ubiquiti products, I've been following the complaints for a couple of days, just to see if Ubiquiti reverses course.
No sign of that yet, and the story has now hit Hacker News, Reddit and El Reg. I suspect Ubiquiti won't reveal the existence of the Rogue Engineer until they've suffered a serious dose of Twitter Outrage.
At the price point Draytek aren't bad either, but I understand the attraction of Ubiquiti AP's but not necessarily their switches and routers. I would have used them on a recent project if the total cost for a pure Ubiquiti network infrastructure was within the client's budget.
I installed a USG and 2 APs about 3 weeks ago at home. Very happy, apart from this bit.
I've used them in the past and we have 2 large crates of Unifi gear at work, which needs to be installed...
With the relevant block as suggested by Ubiquiti (see my other post), there shouldn't be a problem.
They screwed up by not making it opt-in and not clearly informing people. But at least they are reacting responsibly. I'll blacklist the trace.svc.ui.com address in my DNS server and on my USG, that should deal with the problem, for now.
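As an added example (not code from any commenter, nor from Ubiquiti): the VLAN approach above and the DNS blacklisting just mentioned are only as good as your ability to verify them. This Python script audits dnsmasq query logs to confirm that nothing on the isolated management subnet is still resolving trace.svc.ui.com (the host named in Ubiquiti's own post) or any other name outside a short allow list, and emits the dnsmasq sinkhole lines a DNS-level block would use. The subnet, the allowed names, the placeholder vendor-update host and the log lines are all constructed.

```python
"""Audit dnsmasq query logs for telemetry lookups from an isolated management
VLAN, and emit the dnsmasq sinkhole lines that block the host by name.
Example code added to this thread; not from any commenter or from Ubiquiti."""
import ipaddress
import re
from collections import Counter

# Host named in Ubiquiti's own blog post (quoted elsewhere in the thread).
TELEMETRY_HOSTS = {"trace.svc.ui.com"}
# Assumptions: the management VLAN subnet, and the only names anything on it
# should ever need to resolve (the controller host and an apt-cacher proxy).
MGMT_SUBNET = "10.99.0.0/24"
ALLOWED_NAMES = {"unifi.mgmt.example", "apt-cache.mgmt.example"}

# Shape of a dnsmasq line when it runs with --log-queries.
QUERY_RE = re.compile(r"query\[(?P<qtype>[A-Z0-9]+)\] (?P<name>\S+) from (?P<src>\S+)")

# Constructed sample log; updates.vendor.example is a placeholder, not a real host.
SAMPLE_LOG = """\
Oct 25 08:00:01 dnsmasq[412]: query[A] unifi.mgmt.example from 10.99.0.21
Oct 25 08:00:03 dnsmasq[412]: query[A] trace.svc.ui.com from 10.99.0.21
Oct 25 08:00:03 dnsmasq[412]: query[AAAA] trace.svc.ui.com from 10.99.0.21
Oct 25 08:00:09 dnsmasq[412]: query[A] trace.svc.ui.com from 10.99.0.22
Oct 25 08:00:10 dnsmasq[412]: query[A] updates.vendor.example from 10.99.0.22
Oct 25 08:01:00 dnsmasq[412]: query[A] www.theregister.co.uk from 192.168.1.50
Oct 25 08:01:05 dnsmasq[412]: query[A] apt-cache.mgmt.example from 10.99.0.5
Oct 25 08:01:07 dnsmasq[412]: reply apt-cache.mgmt.example is 10.99.0.2
"""


def parse_queries(log_text):
    """Yield (qtype, name, source_ip) for each query line; skip everything else."""
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m:
            continue
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue
        yield m["qtype"], m["name"].rstrip(".").lower(), src


def audit(log_text, subnet=MGMT_SUBNET, allowed=ALLOWED_NAMES):
    """Classify lookups coming from the management subnet.

    Returns a dict with two Counters:
      'telemetry'  -> {source_ip: lookups of a telemetry host}
      'unexpected' -> {(source_ip, name): lookups of any other non-allowed name}
    Any hit means a device is still trying to leave the management network,
    which is exactly what the VLAN isolation is meant to prevent.
    """
    net = ipaddress.ip_network(subnet)
    telemetry, unexpected = Counter(), Counter()
    for _qtype, name, src in parse_queries(log_text):
        if src not in net:
            continue  # other VLANs are out of scope for this check
        if name in TELEMETRY_HOSTS:
            telemetry[str(src)] += 1
        elif name not in allowed:
            unexpected[(str(src), name)] += 1
    return {"telemetry": telemetry, "unexpected": unexpected}


def sinkhole_config(hosts=TELEMETRY_HOSTS):
    """dnsmasq lines answering the telemetry host with an unroutable address,
    so a device that is not firewalled still cannot reach it by name."""
    return [f"address=/{h}/0.0.0.0" for h in sorted(hosts)]


if __name__ == "__main__":
    result = audit(SAMPLE_LOG)
    for src, n in result["telemetry"].items():
        print(f"{src}: {n} lookup(s) of a telemetry host")
    for (src, name), n in result["unexpected"].items():
        print(f"{src}: {n} unexpected lookup(s) of {name}")
    print("\n".join(sinkhole_config()))
```

The DNS sinkhole on its own is not sufficient: a device can carry a hard-coded IP address or use a different resolver, which is why the egress firewall rule on the management VLAN stays the primary control and the log audit is the check that it is holding.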
They screwed up by not making it opt-in and not clearly informing people. But at least they are reacting responsibly. I'll blacklist the trace.svc.ui.com address in my DNS server and on my USG, that should deal with the problem, for now.
Very brave... Not in a GDPR-type area?
Me... I'd have a lot of trouble trusting them given their past practice (just these events alone, not making opt in AND not informing the customers) and past behaviour can be a good indicator of future behaviour. Would you give a known fraudster the job of managing your accounts? Especially without careful oversight? It's trivial to set up a new domain, or put something on another domain requesting/sending to a specific path (eg "ui.com/spyondumbcustomers.html"), or another port. I think if I wanted to hide something, I could have the router send a specific string as part of the update check which would let it send the pilfered data during that process (although HTTPS urls wouldn't be easy for you to read anyway).
I take protecting my data and the data of those I do stuff for very seriously. And I know full well companies work on the principle of "They didn't mind us pointing at them and laughing a little bit, so we should be fine to tie them up and beat the shit out of them" - IOW if they get away with a little they'll go for a lot. If this lot had gotten away with sending a little data, next thing you know your usage rates would've been doubling as every packet was copied to them "just for quality control purposes" - same as with MS/your documents.
Apparently FlashRouters will sell you a router with DD-WRT already installed. I've never used them myself, and have no idea what the quality of the hardware is.
I've been meaning to get a couple new routers with decent hardware (as far as I can determine from reviews) and put DD-WRT on them. That seems like a reasonable approach for tech folks who can afford the time. But the fact that I haven't gotten to it yet suggests I can't...
Ah yes...DD-WRT....the package that at one time came with a hard-coded opening in the firewall for an IP address in Germany. No real explanation as to why it was there or what it was enabling the DD-WRT people to do to your router.
Personally, I'll take UBNT's telemetry.
Ah yes...DD-WRT....the package that at one time came with a hard-coded opening in the firewall for an IP address in Germany.
Do you have a citation for that please? Genuine interest, especially as this is the first time I've come across the claim (but not deeply looked at DD-WRT yet, as not had routers on their support list and not had an overwhelming desire to change the router I had :) )
They will be making it opt-in and they have released a workaround for those affected, which is in the link in the article, although El Reg didn't mention it and just mentioned blocking all IPs for Ubiquiti...
If you do not wish to participate/provide this data, we will add an opt-out button in upcoming versions that will make it easy to opt-out of providing this data. In the meantime, you can block traffic from UniFi devices to trace.svc.ui.com.
TBH I have been removing these for a while as the performance is not that fantastic.
It is rather odd that the range on these is quite good but the throughput is pants.
I also really seriously don't like the controller system at all. It all feels rather, well... yesterday's news.
"It is rather odd that the range on these is quite good but the throughput is pants."
I don't know the details of how these devices are implemented, but generally speaking this makes sense. If you reduce the transmission rates, then you increase the ability to deal with radio noise. That means that the radio signal can be usable at lower power levels, which means that the radio signal is usable at a greater distance.
>you could splash out on some higher gain antenna if that's legal where you are.
The legal limit is on transmitter/radio output power.
The way to extend the speed/coverage bubble is to use the highest legal spec radios in the APs combined with directional aerials/beam formers which effectively direct all that power in a single direction. Then you need high gain antennas to receive the much lower power return signal from client devices.
The other way is get a licence and use more pricey equipment...
"The legal limit is on transmitter/radio output power."
Nope
The limit EVERYWHERE in the world is on Effective Isotropic Radiated Power (EIRP) - power emission from the antenna - meaning that if you put a 20dB gain directional antenna on a 100mW radio that's legally running max power on a 3dB omni antenna, congratulations you're now illegally running an effective 10W transmitter - and likely wiping out every AP for 3-4 miles in the direction the antenna is pointed as well as Doppler radar for 10-20 miles if it's 5GHz - This is _exactly_ what a number of FCC prosecutions over 5GHz interference in the USA have been about. European authorities have tended to issue warnings before prosecuting but they have gone after illegal setups too.
(a huge chunk of interference issues are down to idiots doing _exactly_ what I've just described)
For Wifi use in buildings the best policy is "as little power as you can possibly use".
I've got 120 APs deployed and doing very well (800Mb/s throughput on each) at 1-5mW (1-7dBm after antennas) in 5GHz and 1mW (300Mb/s) on 2GHz thanks to the simple expedient of one in every office and a couple of larger ones in public spaces (outdoor units run higher power with range limits dialled in)
There is absolutely zero point in any given network AP being detectable beyond the next AP in the same SSID and turning up the power just makes for an unholy co-channel mess with very unhappy users.
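Worked example added here (not a commenter's code) of the EIRP arithmetic in the post above: a small Python calculator that converts radio output and antenna gain into EIRP, reports how far a configuration exceeds a limit, and gives the largest radio output that stays legal with a given antenna. The limit used is an assumption taken from the comment's own figures (100 mW on a 3 dBi omni treated as the legal maximum); real limits depend on band and jurisdiction, so substitute your regulator's value.

```python
"""EIRP compliance check. Example added to this thread, not a commenter's code.
Assumption: the limit is derived from the 100 mW / 3 dBi omni case the comment
above calls legally maximal; actual limits vary by band and jurisdiction."""
import math


def mw_to_dbm(p_mw):
    return 10 * math.log10(p_mw)


def dbm_to_mw(p_dbm):
    return 10 ** (p_dbm / 10)


def eirp_dbm(tx_mw, antenna_gain_dbi, cable_loss_db=0.0):
    """Effective isotropic radiated power: radio output plus antenna gain, minus feed loss."""
    return mw_to_dbm(tx_mw) + antenna_gain_dbi - cable_loss_db


def check_eirp(tx_mw, antenna_gain_dbi, limit_dbm, cable_loss_db=0.0):
    """Return (eirp_dbm, eirp_watts, excess_db); excess_db > 0 means over the limit."""
    e = eirp_dbm(tx_mw, antenna_gain_dbi, cable_loss_db)
    return e, dbm_to_mw(e) / 1000.0, e - limit_dbm


def max_tx_mw(limit_dbm, antenna_gain_dbi, cable_loss_db=0.0):
    """Largest radio output (mW) that keeps EIRP within the limit for a given antenna."""
    return dbm_to_mw(limit_dbm - antenna_gain_dbi + cable_loss_db)


# Scenario from the comment: 100 mW into a 3 dBi omni taken as the legal maximum.
LIMIT_DBM = eirp_dbm(100, 3)  # 23 dBm, i.e. 200 mW EIRP (assumed limit)

if __name__ == "__main__":
    # Same radio, swapped onto a 20 dBi directional antenna.
    e, watts, excess = check_eirp(100, 20, LIMIT_DBM)
    print(f"EIRP {e:.1f} dBm = {watts:.1f} W, {excess:+.1f} dB against the limit")
    print(f"max radio output with that antenna: {max_tx_mw(LIMIT_DBM, 20):.1f} mW")
```

With the comment's numbers the 20 dBi antenna turns 100 mW into 40 dBm (10 W) EIRP, 17 dB over the assumed limit; to stay legal with that antenna the radio would have to be dialled back to roughly 2 mW, which is the point the post is making about gain and power being interchangeable in the limit.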
Wifi devices are seen as simple consumer type devices as everyone has them in their home. However for a proper installation you do need to understand the technicalities a little - they are RF devices after all and RF engineering is quite a complicated subject.
Any time you hit the extents of range you will have issues, as then it becomes as much about the client as the AP. Just because you can see the AP with 1 bar, doesn't mean the AP can see your device. Also the speed gets negotiated right down. The LR version of the APs aren't worth it in the UK as the extra range won't be used with clients.
The most practical thing outside of proper channel mapping and reducing the number of SSIDs on each channel is to kick clients off (or not allow connection) if their signal strength drops below a certain level. Using the Minimum RSSI setting well can make connections very solid and make for a much better roaming experience (between APs).
The LR versions can be worth it, you won't legally get any extra transmit power in the UK with them, so you won't get a stronger signal reported on client devices, but the extra gain helps with the signal received from the client devices.
I put them in at home, because I had given up on trying other domestic mesh solutions, which have pants throughput. I had tried 2 or 3 different solutions, none got over 50mbps mesh link over the 10M between the base station and the APs (all current 1.5gbps AC kit).
I had had good experience with Unifi at a previous employer and like the configuration controller. With the Unifi mesh, I get around 110mbps over the same distance. Not brilliant, but better than the domestic stuff. It also adds full VLAN support into the mix, which is a great bonus.
This annoyed me because while my network setup here is quite resilient, after a short Internet outage the WiFi will disappear.
Turns out there is an option: "Uplink Connectivity Monitor"
I thought this was just to rearrange the network topography in case the WiFi mesh was having issues, but I was wrong.
"One mitigation is to use DNS or IP address filtering to block connections from the devices to Ubiquiti's servers"
A better mitigation is to not use their products. Ever. History has shown that any company willing to cross the privacy line once will cross it again and again, whenever they think they can get away with it.
History has shown that any company willing to cross the privacy line once will cross it again and again, whenever they think they can get away with it.
Yet... we still use a plethora of products from Microsoft, search using Google, use GMail and GoogleDocs, spend hours drooling over Facebook and other (anti)Social Media services.
Well... some of us don't but we are in a real minority. We are the refuszniks of 2019/20/21/22/23... etc
Cisco Meraki have access to all your data directly as it is all managed from their cloud service. They also partner with a number of organisations such as Amazon, Google, Microsoft, Salesforce, Twilio ...
They are open and honest about this, as long as you spot the link. Although they don't readily tell you what they collect and what everyone processes exactly.
And this just on the back of the great advert fiasco. They released an upgrade to the unifi video controller that advised customers to "upgrade" to unifi protect that has nowhere near product parity with video. They reversed that one, but to do something worse less than a month later... Not good news
I have always been dubious about their products for not really fitting the way I want to manage my network devices. Now it seems that my concerns were entirely justified.
For my home usage I will never tolerate or accept a network device that in any way depends on anything outside the network for any aspect of its operation.
How do you connect to the internet? There's always that one pesky device that really does need to talk to the rest of the world.
When the internet drops off (as it does from time to time where I live), I don't expect my WiFi, DHCP, switch etc to stop working. I only expect to not be able to contact machines outside of my home network.
Why does WiFi functionality require internet access?
Well never had DB corruption myself with a few thousand APs, so can't comment directly on that.
However the Unifi solution doesn't rely on the backend to function. If something happens to the controller the APs will continue to work, but you'll lose some of the monitoring and ongoing management.
As the controller can be run in a VM it is very easy to snapshot it, create redundant VMs, Backup the config and recover very quickly if you have an issue with a very simple change management and backup routine. The fact that the individual APs have full functionality and the controller is not a single point of failure makes it more useful than most where loss of controller or communication with it can brick the APs.
A few days ago I was asked by a client (for whom we normally don't do any networking, but hey there is the water-cooler/coffee-maker/whatever talk) to help them think how to expand their (currently Ubiquiti) WLAN - stay with Ubi, roll their own or go "Enterprise". I forwarded them a link to this article at ca. 11 p.m., and got a reply along the lines of "so one possibility just dropped" within 5 minutes.
This tells me that they are quite serious in both ways.
After getting fed up with unreliable performance from a BT-Hub5 re-purposed as a WAP, I recently dipped my toes into the dedicated WAP world with a Ubiquiti UniFi AP.
I was a bit disappointed at having to use Java to run the local controller, but this is only needed to get the AP up and running or if you want to tweak settings or monitor performance etc.
Once the AP was up and running satisfactorily, I've not had to run the controller again. The AP just sits there doing its job, so I'm happier with it than I was with the old BT Hub.
But now this.
So what other well performing, reliable, industrial strength alternatives are there?
DD-WRT is good, until you come across something that should work and blatantly doesn't - e.g. multiple VLANs split out into multiple WiFi SSIDs - something I ended up running head-on into, and it turned out it was a bug in some of the accompanying software on the Linux distribution. It's good until it's not.
Tomato is pretty solid, if a little limited. OpenWRT is the most flexible, but also seems to lack wireless drivers for a lot of common AP hardware, due to binary blob requirements. Shame, as it seems to be the best out of all three, as far as functionality and customisability goes.
I've been happy with the Zyxel USG-40 and USG-60W in some offices I shepherd. Good wireless range in the 60W (skip the 2.4-only 40W) and multiple port-based LANs on all USG models allow segregating traffic by sensitivity of content, keeping guest WiFi, payment card services, and protected identity info on separate subnets. (Yes I know what a VLAN is. The Zyxel way isn't as flexible but also isn't as prone to error after a long night installing and configuring.)
Can save money if you avoid the annual license for the security services and reporting. Haven't tried their cloud products and likely won't because cloud.
Some Asus routers phone home to TrendMicro servers where a rogue employee has been caught selling users' data.
And according to some reports hackers may have had access to Trend's source code.
An excellent website that is a must read before setting up a home WiFi router is:
https://routersecurity.org/
I had already stopped looking at new Ubiquiti equipment due to their consistent failure to get tested for commercial use (OSHA law in the US) and overheating, dropped out of their forums after they spent their resources to make the forum "pretty" instead of something radical like getting the long-promised IPv6 support out of beta, and now this. The two pieces I had (gateway and one access point) were promptly disconnected and software uninstalled; replaced with a Netgear WiFi router I had in reserve. It will be replaced with a more industrial choice soonish, but it gets me to El Reg until then.
Expect a flood of Brand U on flea-bay in time for Xmas.
Since GDPR requires "informed consent" from people before their data is processed (gathered, transmitted, analysed, acted upon, ...), whether it is anonymised or not, it is not possible for Ubiquiti's data gathering to be GDPR-compliant without people having given that consent.
Informed consent only applies before their personal data is collected, so that doesn't rule out GDPR compliance.
Doesn't matter though, GDPR compliance is a red herring. The problem is that "trust me" isn't a valid approach to any network security issue.
The main problem is that Ubiquiti management doesn't see (or is being paid/told not to see) how wrong this is.
Your IP address is personal data if there is other corroborating data that can link you to it. If, for example, your email address is present in the device and captured, or if your personal data is in a packet that is captured during a crash event.
So Ubiquiti are sure they never catch anything that could be linked to the IP address to give personal identification??
https://www.whitecase.com/publications/alert/court-confirms-ip-addresses-are-personal-data-some-cases
>So Ubiquiti are sure they never catch anything that could be linked to the IP address to give personal identification??
Whilst I get your question, which does need an answer, I think we should be asking ourselves: do the URLs and IP addresses of the Internet destinations we access, in themselves (ie. without an associating source IP address) constitute personally identifiable information?
Consent is only one of the lawful bases, and it's only effectively mandatory where the data processed fall within the scope of Article 9 (the 'sensitive' data categories). "Legitimate interest" can be used (and is over-used) in almost any other case in the commercial context.
Hey, manufacturers. If you want to do this sort of thing, it has to be opt in, not opt out.
Yes, that might mean you get no data, but then you will understand your users' requirements far better.
If you need info on crashes and the like, then get a test team in your company and test the devices yourself. Good testers are worth their weight in gold.
The current approach being taken by certain manufacturers will only ever erode trust and adversely affect your bottom line. Once trust is gone it's probably never coming back.
"Any data collected is completely anonymized"
Including WiFi keys? I'd like to see evidence of this, since I don't believe it for a single second.
"transmitted using end-to-end encryption and encrypted at rest"
This does nothing to make me confident. Once someone breaks your front end, it's all exposed.
I use a Ubiquiti UniFi Cloud Key Gen2 Plus to manage my UniFi networks. It's cloud enabled and lets me manage my customer UniFi installations from my phone or from my computer, remotely. I guess I'm not really worried because the Ubiquiti UniFi Cloud Key Gen2 Plus is registered on Ubiquiti's network and I can pull statistics as well. Being able to remotely manage a UniFi network 500 miles away is a big time saver for me. The telemetry data has helped me on many occasions diagnose various issues.
If you think about it, don't all "cloud enabled" devices have to phone home and report something to the mothership?
I can easily manage my network remotely just VPN-ing into it... no vendor lock-in, no cloud account, no cloud services or apps disappearing and making devices useless, no data going to third parties...
It's incredible how people overlook the simplest solution and just bite the decoy hung in front of them, usually because of a flashy UI.
It's not clear from your comment whether or not you know this already, but UniFi networks don't require vendor cloud services, mobile apps or cloud accounts either to configure or operate.
You can just run your own controller within your network (their software runs on a commendably wide range of platforms) and that's it - if you want to manage it from outside your network you can just forward the relevant ports or use a VPN.
I am dead against devices which require ongoing vendor support or licensing just to operate normally and was wary of UniFi with all the talk of "cloud" features but overall I've been pretty impressed over the past few years.
My comment was about managing the setup from outside using the cloud service and the mobile apps.
It's clear you can still VPN into your network and access the controller - I would never forward the very network management ports, too risky.
Anyway the controller is still a kind of vendor lock-in since you can't easily access and manage UniFi systems without it, and it's a way to lure you into buying more of their products. I understand that for larger deployments it is a useful feature if fully optional, but IIRC you can do little without it - maybe some CLI, but little more. I may be wrong, though, since it has been some time since Ubiquiti was last on any of my shopping lists.
You better get awfully pissy with every other major consumer vendor out there. They ALL call home. That includes Apple, Android, your HP printer, much home automation, Ubuntu, Red Hat, you name it. And let's not even start with the massive fingerprints people leave on their favorite web sites.
What's more important is what information is being carried. Here it's relatively innocuous. That could change.
Oh, I don't know, when people speak about OS market share Android becomes Linux, when it's about slurping Android becomes not Linux - just take a single, coherent position, please...
And I'm sure there are a lot more products built on Linux that do slurp any data so unlucky as to pass close to them. Most IoT devices run some form of Linux too.
My position is coherent and consistent -- Android is an OS that uses Linux. Linux is just the kernel, after all.
But my point is that even if we (incorrectly) call Android "Linux", it's still true that the parts that are slurpy are the applications and services that Google layers on top of that. You can absolutely have a non-slurpy Android installation.
>do not confuse the Linux world with Windows or IoT shite. They're not the same . . . yet.
As Linux increases its market share, expect that differentiator to erode; as both Google and Facebook have demonstrated, you can build a very large, profitable business on top of free (to the consumer).
"They ALL call home."
This is not true in the sense that you're implying, and even if it were, it's beside the point. A lot of those do, of course, but a lot of them do the right thing and get your informed consent first. Mobile devices aside, very few of them engage in sneaky and mandatory reporting.
"What's more important is what information is being carried"
What's even more important than that is getting informed consent before doing data collection. I don't care if the data collected is actually 100% innocuous, if you're doing it without my informed consent, you deserve to be widely condemned.
And I would like a pony.
Consumers have no option to give meaningful consent. A vast number of products simply won't function if you do not agree to the shrink wrap. To prove the point, a study was done years ago that had a shrink wrap where at the bottom there was a number you could call to claim $100. I think only one person called it.
And what's more, for most of these devices, you would WANT them to call home, if for no other reason than to get upgraded. And maybe you would like to be asked, but your family and friends who AREN'T geeks wouldn't otherwise upgrade, the result being that they are vulnerable to far worse things than exfiltration of crash information.
"Consumers have no option to give meaningful consent."
It depends on the device and manufacturer, but yes, this is often true. Which is the exact problem that I'm complaining about.
"And what's more, for most of these devices, you would WANT them to call home, if for no other reason than to get upgraded"
If by "you", you mean the ordinary person, this is probably true. If by "you" you mean me personally, or literally everybody, this is emphatically not true. I don't want any of my devices doing this.
And what's more, for most of these devices, you would WANT them to call home, if for no other reason than to get upgraded.
Aside from auto-upgrades having their own sets of risks (eg W10/hardware and software disappearing) - though I do admit much of the time it is preferable for the general populace - you still miss the point.
"Hi, Upgrade server, my version is 10.077, is there an upgrade?" is perfectly fine.
"Hi, Upgrade server, my version is 10.077, in the last 24 hours I have uploaded 24738465 bytes and downloaded 8461085732 bytes, until 0245 GMT my IP was 8.8.8.8, from 0247 to 1552 it was 203.96.152.4[1]. I have the following data on MAC addresses...." is not at all fine, especially without consent.
Yes, your current IP has to be given to download an update; the running version is not actually necessary (the requesting device can simply be told the latest version # and, if it is higher than what the device has, the device downloads it), and whatever other data is not necessary and should not be sent without express consent from the user. The reason 'opt out' is considered bad is that it is not consent.
[1] Long-disappeared paradise.net's primary DNS server IIRC (sold off to Vodafone, subsequently destroyed due to incompatible levels of service and competence (ie Paradise's people knew what those words meant!)) - dang, still remember that after all these years???? And secondary was .12...
I used Ubiquiti a fair bit, until I tried Open Mesh, which was fantastic for my purposes. It's interesting that (I think) nobody has suggested Open Mesh (or Datto, as they are now) as a potential alternative. It was such a terrible shame that Datto purchased them. I haven't bought a single one of their products since the Datto announcement, and neither has anyone I encounter. I pretty much universally hear that people are ripping out their Open Mesh gear, and going to, or back to, Ubiquiti. This current issue is worrying, but I hope they learn from it.
There's nothing else on the market that hits as many of my requirements as Ubiquiti. I suppose I could be called a fan.
OpenMESH, same here. Several local businesses use it, I have it at home and at my parents' and in-laws', and now I have to rip-and-replace as I do not have the funds to pay per month for this clown wifi controller; when it was free for 30 days it was good enough. I do not want to pay full price for the access point and then pay every month. The access points never fail, and Datto is not Cisco, and I am not using Cisco features or have the Cisco staff to run the WLC/WCS - Cisco Prime.
Would like to know if this affects the more enterprisey EdgeMAX line (which I am running) vs the UniFi line. The EdgeMAX line recently had a fork in software releases (kinda like VMware 6.5 vs 6.7!) where the modern fork allows the routers and switches to be managed by Ubiquiti cloud and the older fork does not, but still receives updates etc. I am on the 'legacy' fork still but would be interested to know how this played out on the EdgeMAX line.
Last year I bought one of these. The ONLY EASY WAY to configure the thing was to set up a "cloud account" on a Linksys server, an account embedded in the router. The rationale for this arrangement (from Linksys) was that the "Linksys App" would allow the proud owner of this kit to manage their router from the beach in Brazil. I wondered at the time if this arrangement also allowed Linksys to monitor the LAN.
*
As it happens, I did find a way of configuring the device the old fashioned way - laptop, ethernet cable, router....AND NO INTERNET CONNECTION.
*
Then I did a factory reset on the router, packed it into the original box and gave it to my local charity shop! SEP!
By some interesting engineering and good marketing they have placed themselves as "the solution" for managing multiple WiFi access points, but there are simpler and cheaper solutions, which also work perfectly well without an extra PC or "the cloud". For example, I am using TP-Link AC50 for the few APs at home, while a slightly larger AC500 could be used for a decent-sized network.
Ubiquiti told customers all of the information is being handled securely, and has been cleared to comply with GDPR, Europe's data privacy rules.
Now I (like Ubiquiti) am a left-ponder, and therefore (like Ubiquiti) may not understand GDPR in all its intricacies. But IIRC, GDPR had something about end users having to opt in in order for their data to be appropriated. This doesn't sound like opt-in to me.
Is Donald Trump running this company?
So there are people in enterprise IT who don't put third party devices into a sandbox where they have restricted access? Who are these people and who let them loose in the network?
1) Build a great product that people will want to use.
2) Be a very trustworthy company and do everything right, with "our users security/privacy at the foremost of our decisions"
3) Wait till you have a large number of users loving your product and trusting your exceptional service, reliability and security.
4) Slip in an update that steals all their data
5) Profit!
(Somehow MS managed to skip 1 & 2...)
Besides, given that so many places still run Windows and use cloud products (O365/G-Docs etc), I don't think as many there give a stuff about who has their data as you'd imagine :(
"Synology is *much* worse. Their RT2600ac phones home for many reasons to many different servers. They do not explain what or why and you can not stop it either. Details here in the section Spying on the Router
https://www.routersecurity.org/synology.php"
I'm a bit baffled Syno is so bad TBH. In their core NAS market, they are probably the most security-aware maker!
My venerable DS411, bought 7 years ago, still gets security updates these days. Which other manufacturer is doing that?
Also, seems bizarre they are going into the crowded and indeed quite messy home router business, now. Not sure they'll get there ...
Whether or not they do it is not an issue in its own right. Lots of us allow some stuff to report back (I often turn on crash/usage data for some progs in the interest of helping the devs).
What is the issue is that they pushed out a security update and changed all the affected systems to an opt-out send-data setting without forewarning.
Not only is that a nasty and untrustworthy thing to do, it's probably illegal in many places.
After a couple of recent foul-ups and their controller software getting more and more needy we're switching to Aruba during our hardware refresh. I've tossed 110 Ubiquiti APs in the skip in the past month. They're great value for the features they have, but you can only push your luck so far.