Cisco Pushing 'Cloud Connect' Router Firmware, Allows Web History Tracking

Myrv writes "Reports have started popping up that Cisco is pushing out and automatically (without permission) installing their new Cloud Connect firmware on consumer routers. The new firmware removes the user's ability to login and administer the router locally. You now must configure the router using Cisco's Cloud connect service. If that wasn't bad enough, the fine print for this new service allows Cisco to track your complete internet history. Currently, it appears the only way to disable the Cloud Connect service is to unplug your router from the internet."

Upgrade Instructions for Cisco Clients

1. Unplug router
2. Open garbage can lid
3. Insert router
4. Close garbage can lid
5. Purchase new router

That shit? Fuck it.

Re:Upgrade Instructions for Cisco Clients

[alphatel]

or Tomato, or DD wrt

Re:Upgrade Instructions for Cisco Clients

Not supported (yet). Last time I checked, the original Tomato has not produced any further updates or additional supported routers. It's really about TomatoUSB (which is also somewhat outdated) and all the forks (Vics-a-geek, Shibby, Openlinksys, etc) that came from that tree. I've been running those firmware almost immediately out of the box as soon as the router model was supported.

Re:Upgrade Instructions for Cisco Clients

[Local+ID10T]

The option to install firmware yourself is greyed out on routers after the "upgrade". I have read that if you call Cisco and complain they will allow you to roll back to a previous firmware (without Cloud Connect) at which point you can manually upgrade to non-Cisco firmware.

Re:Upgrade Instructions for Cisco Clients

[Jahf]

At least 3 of the routers affected (EA3500, EA4500, E4200v2) are using Marvell chipsets. Not sure about the EA2700. Which means that, unless someone decides to add chipset support, DD-WRT doesn't run on these routers.

Re:Upgrade Instructions for Cisco Clients

[Megane]

What I read in the linked thread yesterday (when this was still in firehose) is that if you disconnect from the internet, the manual upgrade option becomes available. Then you "upgrade" to an earlier version of the firmware, remembering to then uncheck the "automatic updates" option.

Re:Upgrade Instructions for Cisco Clients

[Gordo_1]

Yup. Currently running Shibby's latest (095) All-In-One build on my Cisco E4200v1. It's a good N router and Shibby's firmware is super stable with support for IPv6, USB & VPN among other things.

Check it out:
http://tomato.groov.pl/

Re:Upgrade Instructions for Cisco Clients

[epyT-R]

Ideally we shouldn't support companies who do this even if their hardware is reflashable.

Last post!

[fotoguzzi]

Have to disconnect my router.

Re:Last post!

wait! don't leave just yet, remember to run out and get a non linksys router

oh damn he already left

wow

[v1]

that's all I can say really. This sounds worse than sony's disabling of features in a firmware update. Only this one you can't just not do. (and deal with the consequences of not being up to date)

But I bet this one gets sufficient backlash to require them to backpedal. Significantly altering the behavior of a purchased product by remote control, without opt-out. Arguably illegal?

Re:wow

[torkus]

Not to mention I didn't even click-through an EULA on that router that could get them an idea they have some kind of "right".

It's MY router, I bought it. and it's not some quasi-goods digital product. This is a physical item. You want to back-door my router and install crippled firmware? I'll sign up with the class action if this is the case.

I don't want anyone *at all* to be able to update my router from the internet (or WiFi for that matter). In fact, almost every router has remote (i.e. internet) side administration disabled for obvious security reasons. Now they include the word 'cloud' and it's OK?

Hell, this isn't even cloud architecture anyway. It's just a web-based (pseudo-remote) remote administration tool. You'd think Cisco of all people would understand that.

Then I see things like this and can't help but smile at the "progress" :
Re: EA4500: weird login screen; can't login
Options
06-26-2012 05:10 PM

I found a hole... Dynamic DNS password is displayed in plain text

Re:wow

[Quakeulf]

No, they will only want in on the data and let this slide.

Re:wow

[TheGratefulNet]

good comment from a user post:

No persuasian needed. Seriously. The engineer was great and you could TELL he was sincerely apologetic about the issues. I asked him about the whole incident, and he basically hinted at a little war going on within Cisco and the final decision to go ahead with updating people like this was upper management, where the lower pay grades tried hard and fought against the way they did things.

The Engineer simply sent me to a link, the one that is already listed in these threads and gave me instructions on how to revert back to the older firmware with the caveat (and he was apologetic about it - again I could tell he really was sincere) that the old firmware cant be supported. He then proceeded to give me his email address (which I wont give out, sorry) and told me to feel free to contact him with any issues I have. Very cool, very professional, and sincerely apologetic.

I asked if they were being inundated with calls, his simple reply was a sigh and "you have no idea......"

from a user called 'markdr'.

this pretty much sums up the situation, I would guess. the regular guys who write code were not for this but some idiot mgr upstream pushed for it.

I feel sorry for the real engineers there who are forced to do bullshit tasks that they KNOW will piss off their users. I hate this side of software eng. evilness of top level mgrs usually end up winning ;(

Re:wow

[girlintraining]

It's MY router, I bought it. and it's not some quasi-goods digital product. This is a physical item.

The firmware remains the property of the company. It's software. Therefore, you don't own it. Of course, without firmware, it's useless, but I doubt you'll get many judges to sign on with the idea that you own the firmware too. Thank you copyright law.

I'll sign up with the class action if this is the case.

Your terms of service have been patched. That option was removed by v43 of SCOTUS. It was a mandatory update to legal.sys. You'll have to use the legacy mode 'civil_action' after setting has_lawyer to true and extra_money to lots. Be aware, the legacy mode is really buggy; It produces different results depending on the locale set during install. Enabling it also occasionally causes the processor and memory to jump to 100% utilization and the I/O is doggedly slow.

Hell, this isn't even cloud architecture anyway. It's just a web-based (pseudo-remote) remote administration tool. You'd think Cisco of all people would understand that.

Cisco engineers do. Cisco marketing does not. Cisco marketing sees the value of having a complete web browsing history of a substantial cross-section of the world, and has chosen to leverage that to increase profits post-SCOTUS patch, and since the CEO and the board signed a legally binding agreement to maximize profits, the engineers had no choice. You should welcome your capitalist overlords, and as a IT worker, you can help increase their efficiency as they enslave others in their salt mines.

FU No Thanks

[Hangtime]

http://www.cisco.com/web/siteassets/legal/connect_cloud_supp.html

I especially like how they get to keep your Internet history. Why do you think this is a good idea Cisco?

Your new Cloud Connect contract ...When you use the Service, we may keep track of certain information related to your use of the Service, including but not limited to the status and health of your network and networked products; which apps relating to the Service you are using; which features you are using within the Service infrastructure; network traffic (e.g., megabytes per hour); Internet history; how frequently you encounter errors on the Service system and other related information ("Other Information"). We use this Other Information to help us quickly and efficiently respond to inquiries and requests, and to enhance or administer our overall Service for our customers. We may also use this Other Information for traffic analysis (for example, determining when the most customers are using the Service) and to determine which features within the Service are most or least effective or useful to you. In addition, we may periodically transmit system information to our servers in order to optimize your overall experience with the Service. We may share aggregated and anonymous user experience information with service providers, contractors or other third parties to assist us with improving the Service and user experience, but any shared information will be consistent with Cisco's overall Privacy Statement and will not identify you personally in any way....

Re:FU No Thanks

[torkus]

Let me get this straight. They install an "update" on my router that lets them monitor my internet usage - all without my consent?

I'd say it couldn't possibly be that bad...but the I look to what FB does and shake my head. I like their routers, but there is NO CHANCE whatsoever that I will give a 3rd party my entire house's internet browsing history. You couldn't get me to do that if you gave me a free router AND free internet.

Re:FU No Thanks

[Local+ID10T]

Dont forget section 4 of the Terms of Sevice!

4. Your Responsibilities as a Cisco Connect Cloud User

You are responsible for any data that is sent or received by you and/or any other party in connection with your access to and/or use of the Service used in connection with your account. You agree that Cisco will not be liable to you or any others for any loss or damages due to your use of the Service.

As a condition of your use of the Service, you agree that your use of the Service in accordance with the terms and conditions of this Agreement is permitted under and will comply with the applicable laws of the country where you use the Service. You agree not to use or permit the use of the Service: (i) to invade another's privacy; (ii) for obscene, pornographic, or offensive purposes; (iii) to infringe another's rights, including but not limited to any intellectual property rights; (iv) to upload, email or otherwise transmit or make available any unsolicited or unauthorized advertising, promotional materials, spam, junk mail or any other form of solicitation; (v) to transmit or otherwise make available any code or virus, or perform any activity, that could harm or interfere with any device, software, network or service (including this Service); or (vi) to violate, or encourage any conduct that would violate any applicable law or regulation or give rise to civil or criminal liability.

While we are not responsible for any content or data that you choose to access or otherwise use in connection with the Service, we reserve the right to take such action as we (i) deem necessary or (ii) are otherwise required to take by a third party or court of competent jurisdiction, in each case in relation to your access or use or misuse of such content or data. Such action may include, without limitation, discontinuing your use of the Service immediately without prior notice to you, and without refund or compensation to you.

You will indemnify and hold us and Cisco Systems Inc. and its affiliates harmless against any claims, losses or damages arising from any threatened, repudiatory or actual breach by you of the covenants set out in this Section.

As part of the Service, You will be required to create a password that will enable You to use the Service. Your email address and password will be used to validate Your identity in order to access the Service. When You choose a password, choose a unique combination of letters and numbers unrelated to Your or someone else’s identity or to any information that is publicly available or that may be needed by us to provide the Service to You or to others. If you share information related to the Service with others or allow others to access the Service using Your email address and password, you have no expectation of privacy or confidentiality in the personal information you may intentionally or unintentionally disclose. Therefore, please avoid giving access to these materials to others. You agree to notify Cisco immediately of any unauthorized use of your account or password, or any other breach of security.

Re:FU No Thanks

[Patch86]

A) This only happens automatically if you have the option for automatic firmware updating checked in your router's config. You lose your geek card & status if you left this option on. Not that I'm saying the average home user (who almost certainly wouldn't know how/why to change this option) deserves to have his/her data snooped, but as a techie, you should know better.

As a techie, I don't have my router using automatic updates (actually, I'm fairly sure my router doesn't have an automatic updates setting, but all the same).

But as the "techie friend/relative", I always tell my friends and family to keep automatic updates turned on. They certainly wouldn't update these things themselves (mostly they barely know how to access their router's admin page), and I'm not going to be doing it for every single one of them. And an un-updated router is an insecure router.

And they don't deserve to be spied on and have their privacy invaded just because they're not very good at network management.

It's not that hard.

[Art+Popp]

Buy your router from this enormous list which covers a huge range of budgets:

http://wiki.openwrt.org/toh/start

Re-Flash it and be done with these folk. This newer firmware is much friendlier than the original OpenWrt you may have tried years back, and if you don't like what it's doing, you get a command prompt and make it do exactly what you want.

Re:It's not that hard.

[Jeng]

I was in the market for a new router, I now know that my next one will either not be another linksys or it will not be running the stock firmware.

Since most of those who ask me for tech advice might not be up for re-flashing their router I will not be recommending linksys.

So now the question is, what to recommend instead?

Backdoor

[SJHillman]

Does this mean that Cisco routers, by default, have a backdoor enabled that allows the router to phone home for updates and for Cisco to send them back? None of the routers I've ever used (granted, it's been a while since I've used stock firmware) have ever had any sort of "automatic updates", much less one that's turned on by default.

Government

Although this is pure speculation, but I have reasonable suspicion as a former employee of Cisco, that this really plays well with law enforcement and other three letter government agencies, having the ability to track all Internet activities. That's all I have to offer on this subject. Be careful.

Re:Government

[Lawrence_Bird]

time for a FOIA request to FBI, NSA,DOJ, etc on their contacts with Cisco on t his topic. When shit comes back redacted, if at all, you'll know whats up for sure.

Cisco Routers?

[Nethead]

That's a large field. Is this just the home routers (the old linksys stuff?) I can't see them doing this on enterprise or core routers. The solution is to put it in bridge mode if it's an ADSL router and do your own NAT, etc. with a BSD/Linux box of some type. Run Zeroshell if you want a nice GUI.

Really, this is slashdot. Leave the provider installs and help desks to the punters. If you're reading this there is no reason you should be running what the ILEC initially installed.

Cisco is getting weird. On one side (enterprise) you have to pay through the nose for updates, on the other (home) you can't avoid them.

Before we get our panties all in a bunch, let's wait for some packet sniffs to see what is really going on. Just because the lawyers put it in the EULA, doesn't mean the coders wrote it.

Re:Cisco Routers?

[TheGratefulNet]

they would not dare do this to enterprise customers. those guys take privacy a wee bit more seriously than home users do. they also have big lawyers and would not hesitate to sue if some unplanned update was forced on them that changed their whole security architecture.

home users don't have big lawyers and so they are defenseless against big corps.

I just can't see why cisco thought this would be a good idea. its got FAIL written all over it and will go down in history as a 'sony rootkit' type event. just wow...

OH BOY!

[slashmydots]

Wooo, a gigantic web-based backdoor with unknown remote login methods and an interception of all internet history tied directly to my company's cisco account with all our personally identifiable information?! WHERE CAN I GET ONE?! And by one, I mean the phone number for the account cancellation department.

By the way, my company actually runs some awful piece of crap from Cyberoam but now I'm slightly happier about that. Thanks, cisco.

Re:Something missing

[SJHillman]

As the summary mentions, if you disconnect from the Internet then you can log in locally. However, it looks like most settings are disabled when logging in this way - you presumably have just enough control to get it to reconnect to the Overlords.

Clarifications and Confirmations

[Jahf]

* The Cloud firmware is ONLY for EA2700, EA3500, E4200v2 (not v1) and EA4500 routers. Older routers (E4200v1 or older) will not see this update. These routers shipped with information explaining that Cloud would be released this summer and update to the Cloud firmware when it was released.

* You can prevent this update by turning off "Automatic Updates" in your router. However if you didn't already do this then YES ... disconnect from the Internet before you do anything else. Then go in and turn off the Automatic Updates. Then you can reconnect. Warning: If you've already been upgraded it currently isn't possible to downgrade to the older firmware.

* If you have updated ... you CAN do -some- local router configuration without having internet access. Just go to http://routers/ LAN IP address]/ while it is disconnected and you will be prompted for the router's local password (usually this will mirror your WiFi password). You will be limited to editing the network settings (LAN, WiFi, etc) and security settings (router password, VPN, firewall, DMZ). Parental controls, Guest Access QoS and USB storage won't be accessible until you are able to log in while the router is online (you'll use your CiscoConnectCloud.com login at this point).

NOTE: If you have an EA2700, EA3500 or EA4500 that shipped with the OLDER firmware (every router out there so far, the new firmware shouldn't appear in new routers for a couple more weeks) and have not set it up yet and WANT the older firmware ... do NOT use the CD setup. Configure it using the traditional web UI while NOT connected to the Internet and turn off Automatic Updates. Again ... this is only for people who do NOT want the Cloud firmware capabilities.

* Just an FYI ... the Cisco Connect Cloud concept allows people to manage and view their home network from anywhere on the internet so long as their router has a connection to the internet. Mobile apps allow your phone to control your home network (manage guest settings, see who is online right now, etc). Additionally it enables a plugin mobile application architecture that our partners can leverage to allow remotely managed network applications. It is an entirely new direction and yes ... it has some kinks ... the biggest ones being forcing this on the user and then limiting their ability to manage their device without it being on the internet. ...

So ... I anticipate a flood of groans about all of this, and I don't disagree with a fair amount of them. Let me make some things clear:

a) Yes, I work for Cisco Linksys.

b) No, I am not speaking directly for Cisco in this post nor am I posting on their behalf (I just wanted to get some quick assistance out there to the people who read this).

c) No, I do not work for the groups (PM, Engineering) that made the decisions to do this update automatically, to not allow you to downgrade, and to not allow you access to your full configuration capability while the router is offline. Which means I can try and funnel your feedback to those groups but I can not force anyone to implement any of it.

d) While I don't like the situations mentioned above in item "c)" ... I -do- like the CiscoConnectCloud.com concept and feel that Cisco will improve it significantly over time.

e) I completely ... 100% ... recognize that the /. audience most likely prefers things like DD-WRT, Tomato, etc (though some will really like the mobile Cloud concept, I do, and I've been around the block a few times at this point). Cisco Linksys is definitely moving more towards the average consumer market instead of the tech adopter market with these products.

f) We do still sell non-Cloud routers, like the E900, E1200 and E2500

Re:Clarifications and Confirmations

[Mashiki]

Well if you work for Cisco Linksys you might want to tell some your lawyers(or drop a strong hint to the middle-management types) to look at this, and quickly before it becomes a major headache. Whoever greenlighted this just violated the privacy act in Canada by automatically tracking web history and pushing this update. I'd hazard a guess in various parts of the EU as well.

Re:Clarifications and Confirmations

This is also illegal in Victoria and New South Wales in Australia, I know this because the last company I worked at did a remarkably similar move with their network security products and got sued and fined. What on earth was Cisco thinking with this...

Re:Clarifications and Confirmations

[Waffle+Iron]

Just an FYI ... the Cisco Connect Cloud concept allows people to manage and view their home network from anywhere on the internet so long as their router has a connection to the internet.

Well, I for one got a router in the first place partly because I specifically don't want anybody or anything to manage or view my home network from anywhere outside said network.

I've set it up to disable all such silliness, and I want it to stay that way.

Re:Clarifications and Confirmations

[Local+ID10T]

The information on effected models is incomplete.

My e1000 and e3000 (not listed as Cloud Connect compatible) will no longer allow direct connection and configuration while connected to the internet. They will not accept a connection from the LAN if there is a live cable on the WAN port.

Cisco/Linksys weren't that good anyway

[tkrotchko]

Cisco had limited what Linksys routers could do as to discourage corporate sales.

There are many better choices than Linksys these days.

The N900 is pretty nice, along with dozens. They're cheap (you can get decent non-cisco routers for $30 on sale)

Just use something else.

Re:Carriers?

[Jahf]

This only affects a very small number (4) of the Linksys consumer routers and only the ones currently on the shelves. Not big Cisco routers, not Cisco SPVTG routers, not Cisco SMB routers and not even all Linksys routers.

Upgrade Instructions for STUPID OWNERS

[plover]

So who just plugs in a firewall/router and starts using it out of the box without changing the password and checking over all the settings?

Under the Administration / Management tab, you'll find a radio button clearly marked "Remote Management", and beneath that settings for Remote Upgrade. The day I installed it I discovered remote management was enabled by default, so I immediately set it to disabled. I remember thinking "My god, that's f*ing stupid! Who would ever want to expose router management to the wild side?" Apparently this answers my question.

Anyway, for anyone here who is outraged that their router has been pwnd by Cisco, SHAME ON YOU for not securing your own damn router yourself before hanging it on the intarwebs!

Re:Upgrade Instructions for STUPID OWNERS

[symbolset]

I guess the question to ask yourself is, if a company would do this then what would that checkbox do?

Re:Upgrade Instructions for STUPID OWNERS

[JDG1980]

So who just plugs in a firewall/router and starts using it out of the box without changing the password and checking over all the settings?

Average users.

Under the Administration / Management tab, you'll find a radio button clearly marked "Remote Management", and beneath that settings for Remote Upgrade. The day I installed it I discovered remote management was enabled by default, so I immediately set it to disabled. I remember thinking "My god, that's f*ing stupid! Who would ever want to expose router management to the wild side?" Apparently this answers my question.

This should never have been enabled by default. It's terrible security practice: the default settings should be as secure as is reasonably possible, and any loosening of those settings should have to be explicitly approved by the user/administrator. This is especially true on a consumer focused product that many users aren't going to be configuring at all.

Re:Upgrade Instructions for STUPID OWNERS

[DJRumpy]

I told my parents they should be ashamed. They first wanted to know what pwnd meant and if it involved urination. Then then wanted to know what Remote Management meant and how they get it. They looked for a radio button on the router, but couldn't find any stations they liked to listen to, and when they tried to dial the radio button, the antenna fell off.

They weren't worried about the interwebs though, as they were sure they had a floppy for it in their desk drawer...

Re:Upgrade Instructions for STUPID OWNERS

[plover]

I know exactly why Cisco did it, so they could remotely administer routers for "average users". That's not necessarily a terrible thing.

My complaint is with technical people, such as the fine folks lurking here on slashdot, accepting any security device's defaults without checking them over. It's not like it requires arcane knowledge to look at the configuration screens; it just takes a mouse. You don't have to find a bunch of settings in a README.TXT file from some random website to know what you're looking for, or pull up a wiki page to explain what you're seeing. It's a button on a GUI screen that's clearly screaming out "LET SOMEONE ELSE RANDOMLY MESS AROUND WITH YOUR SECURITY", and these supposedly technical people left it checked. I clearly have no sympathy for them.

Re:Upgrade Instructions for STUPID OWNERS

[UnderCoverPenguin]

So who just plugs in a firewall/router and starts using it out of the box without changing the password and checking over all the settings?

You presume that disabling remote management and automatic updates actually proevents the vendor from remote access to your router.

I did disable automatic updates and remote management. Having just found out about this, I will find out this evening whether they pwned my E3000

Re:Upgrade Instructions for STUPID OWNERS

[cant_get_a_good_nick]

ho? Normal people, who don't have computers skills. People who don't know a firewall from Firefox would. It seems you damn them to hell.

Ok, so you know these things. My uncle, who was a CFO for a Fortune 500 company, doesn't know. Is he stupid? No, he just is as clueless about firewall and remote management as you would be about FASB157 and how you need to restructure your portfolio to comply. Are you saying that he shouldn't be on the Internet?

I know a bit about cars, I've changed oil, fixed a EGR valve, some very minimal carburetor work, but I couldn't do a tune-up on a modern car to save my life. I don't have the tools, nor the specialty. My wife knows less than I do. I don't know how to set up my fuel injector ratios, should we not drive? No, we trust the people who made our car and those who tune up our car (we're lucky we have a very good mechanic) to fix as needed. In the case of our car, we're literally putting our lives in Baykar's very capable hands.

We (collective we) hoped that we could trust Cisco to be trustworthy as well. For it to have capable, safe defaults for the vast majority of newbies that don't know better, and the opportunity for experts to customize. This faith in Cisco seems to be misplaced. Apple is selling billions of dollars of hardware because they understand this, that people don't know everything, and they just want things to work.

Re:Upgrade Instructions for STUPID OWNERS

[plover]

Well, when I read this story I immediately logged into my router, and fortunately was not unexpectedly greeted by their cloud. It's still reporting the same firmware version that I last upgraded to. So you should also have no worries.

Re:Upgrade Instructions for STUPID OWNERS

[contrapunctus]

I know exactly why Cisco did it, so they could remotely administer routers for "average users". That's not necessarily a terrible thing.

But why do they need browsing history?

Re:Upgrade Instructions for STUPID OWNERS

[epyT-R]

Just because you don't know how to retool a lock doesn't mean you should hand the keys over to the state.

Re:Upgrade Instructions for STUPID OWNERS

[Jeng]

Marketing Marketing Marketing

Doesn't matter if it is useful data since Marketing believes that if they have enough data about you that they will be able to create the perfect ad to make you buy a product that you really are not interested in buying.

buy soekris hardware instead of cisco hardware

[TheGratefulNet]

get one of these hardware boxes:

http://soekris.com/

and run openwall (or whatever you want) on it.

it keeps the money OUT of cisco's hands in both hardware and software. you can trust your hardware (no motivation to do evil spy things on generic pc style hardware) and you can trust your software. no one will force something on you, this way.

my soekris box has been running non-stop (other than moves) for years, literally, 5 years or more. no blown caps, no blown power suplies, no 'china syndrome' electrolytics that are on ALL cisco, netgear, etc style circuit boards) and software that just plain works.

tomato firmware (and similar) are cool, but they require vendor hardware and at this point, I'd just assume NOT give cisco ANY (!) of my money for any hardware of any kind.

Short-term thinking

[JDG1980]

This is typical of the short-term thinking that is all too common among corporations today. They're throwing away their credibility with professional users – you know, the ones who buy the expensive Cisco gear that generates most of their profits – so they can grab a few quick bucks by data-mining the consumer market. How many network administrators are going to hear about this and rule out Cisco for future consideration? Keep in mind that the silent and unprompted nature of the update implies that there already was a back door into the routers, even before this recent change. And I don't think that Cisco can cleanly separate its credibility in the home and enterprise markets, even if this is what they're planning to do.

Re:Short-term thinking

[captaindomon]

This is right on. The problem Cisco doesn't realize they have is that most of these cheap home routers are maintained by people that also make decisions for purchase on the enterprise side. When Grandma needs to buy a router, she doesn't buy one, she has her nephew (who is so cute and knows so much about computers!) to buy it for her. Her nephew also works in enterprise IT, in many cases. For a perfect example, read the Harvard business cases on Black & Decker, and how they tried to do the same thing and completely destroyed their brand name for professionals.

Re:Carriers?

[symbolset]

Let me explain about trust...

Re:One more reason to buy Juniper

Er, so Cisco is cheap and reasonably reliable while Juniper is obscenely expensive and notoriously unreliable?

Verizon has been doing it for ages.

[140Mandak262Jamuna]

All routers supplied by Verizon for FiOS service has a WAN side log-in port open, and they install firmware upgrades and you can do nothing about it. If you want FiOS you have to let them do whatever they want with the bits coming of the router at their end.

Re:Verizon has been doing it for ages.

[Chuckstar]

This is different for two main reasons:

1) Verizon is your ISP. They already see all your internet traffic. That's just the way ISPs work. Cisco did not previously have access to any information about your internet traffic (and, btw, considering their stated goals of their cloud system, there does not seem to be a reason for them to have access to it now).

2) The problem is not automatic updates. It's the dramatic change in your relationship with Cisco and how your router operates that is the problem. Automatic updates, if they were just bug fixes and feature upgrades, sound like a good thing.

Re:SMOOTHWALL EXPRESS

[contrapunctus]

I'm gonna guess that a router uses less electricity.

Re:SMOOTHWALL EXPRESS

[d3ac0n]

I would imagine.

Less privacy and control too. So which would you rather have, a slightly lower electric bill, or control of your internet history?

Savings or freedom. Your choice.