Belkin To Offer Firmware Fix For Router Hijacking

L-Train8 writes "Belkin has an announcement at the bottom of their homepage about the spam router. They have decided to disable the 'feature' that hijacks a random http request every 8 hours and redirects to a webpage advertising their parental control system. This will require a firmware upgrade. The message says details will be forthcoming. Interestingly, while I was preparing this submission, the message changed. Originally, it included a snippy remark about how what they were doing was not spam, despite what everyone on the internet says. The new version is much less testy."

"anonymous usage statistics?"

[henc]

Although they remove this feature, what other 'usage statistics'-logging-features are silently embedded?

My newer D-Link 604 router has some statistics and a thorough logging function (which is displayed in the web gui). - Is all of it really visible to the end user?

It's a good bet from the manufacturers that the device will be online all the time.
Perhaps one should install a box to surveil the router/firewall, if any connections are initiated from the router?

henc

Re:"anonymous usage statistics?"

[MisanthropicProggram]

I hope the folks whose expertise is in this area will keep an eye out for any other hanky-panky.

I really appreciate the folks who spend the time to figure out these things instead of writing it off as little "quirks" or accepting the line from tech support that you have to get "used to the product".

My brother actually got this line from a Fujitsu tech support guy when he complained that his laptop didn't always read the CD-rom when a new one was inserted and the fact that the laptop didn't shutdown when told to (It would just restart ). - this was in 1999 - BTW.

Re:"anonymous usage statistics?"

[Bowie+J.+Poag]

No, but your D-Link 604 router is a piece of shit.. I should know, I own one too, unfortunately.

The router allows Windows XP to bypass normal user/administrator authentication on the router, and add entires to the firewall table.. Have a look at the firewall page on the router, and see if there's two entries for "msmsgs" that you didn't make. Ever wonder how those got there, especially in light of the fact your router is supposed to be password protected? Gee, thanks D-Link!

Concievably, any schmuck out there could easilly write a virus that pollutes the firewall table in the same manner. I'm surprised nobody has done so already.

I've got a fix...

[Dimensio]

...It involves a hatchet.

Seriously, Belkin's response to this has been utterly abysmal. First they tried to justify it, only now that it's blowing up in their face do they try to remedy it.

They've lost a great deal of trust that they will never regain.

Re:The old message? from Google cache

[_Sprocket_]

Here's some more interesting things for the record.

The origional reply from Eric Deming ("a product manager for Belkin's LAN products and ... very involved with the development of the Parental Control feature") to news.admin.net-abuse.email was removed. Oddly enough. However you can find mirrored copies re-inserted in to Google Groups thanks to:

Malev
Clifton T. Sharp Jr.
dave

And even a simple text mirror outside Google's domain provided by Steven J Sobol.

The removed message was replaced by a very familiar sounding post again from Eric Deming. Google Groups currently has its own copy available (at the time of this writing). But others have already began the process of burying the text - probably due to previous experience.

Of course - if all these sources fail you... you can always find the same text burried in reader comments from the initial Slashdot article mentioned in this article's submission.