Saturday, March 12th 2022
TP-Link Said to be Sharing all Router Traffic with Third Party
These days, routers are quite complex devices that are doing much more than just routing data and are often the main security device on a home network. As such, we've seen a surge in third party services such as Asus' AIProtection that runs software from Trend Micro and Netgear Armor in cooperation with Bitdefender. Chinese TP-Link is likewise offering similar services, some in partnership with Trend Micro and some with Avira. It now appears that TP-Link's HomeCare service—that the company is offering in partnership with Avira—is sending data to Avira even when disabled in the UI, based on a thread over at Reddit.
The standard Avira features are meant to offer protection against malicious content, network intrusions and even against infected devices on the network that are said to be quarantined from other devices on the network. It also incorporates some basic parental control features, such as automatic content filtering and time controls. However, in this case, the issue isn't the functionality itself, but the fact that there apparently is no way to turn off the HomeCare feature, since even when seemingly disabled in the UI of the affected routers, it sends data to Avira. It seems to be a fairly large amount of data being sent as well, with the initial poster claiming over 80,000 requests in a 24-hour period. According to a review of a TP-Link product over on XDA-Developers from May last year, TP-Link said that they were working on a firmware update that would allow the Avira service to be turned off permanently. However, it seems like no such option has materialized in close to a year since that comment from TP-Link and although it seems the data that is being sent is intended for Avira to use to improve their services, it also seems to go against the European GDPR rules to send user data to a third party, especially without the user's consent. Back to Reddit, the poster contacted TP-Link, who claimed that the data sent was to check if the owner of the router had an active service with Avira or not, but this sounds rather preposterous considering that it wouldn't require 80,000 requests per day. To put it in a different context, that's close to once a second.
Multiple people on Reddit have chimed in saying that they're seeing exactly the same thing. Trying to block the requests isn't an option either, as this causes the routers in question to get stuck in a retry loop, which in turn leads to CPU usage spikes and causes issues with the general usage of the routers in question. Other users tried signing up for the trial of the paid-for service, but didn't see any changes in behavior, regardless of whether the service was enabled or disabled. The only slightly positive note on all of this is that Avira is a German company and could potentially be forced to amend how its service works based on the European GDPR regulation. However, it would still be up to TP-Link to issue a firmware release to the 13 or so routers that run the Avira service. Most of the routers are recent 802.11ax/WiFi 6 models and about half are part of TP-Link's Deco series of mesh systems.
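To check a network for the volume described above (over 80,000 requests in 24 hours), one option is to tally the query log of a DNS resolver the router uses. The sketch below is an added example, not code from the article or the Reddit thread; it assumes dnsmasq-style query lines (the format Pi-hole writes), and the hostname, addresses and threshold are constructed placeholders.

```python
import re
from collections import Counter

# dnsmasq-style query line: "... dnsmasq[512]: query[A] <name> from <client>"
LINE_RE = re.compile(r"query\[[^\]]+\] (?P<name>\S+) from (?P<client>\S+)$")

def tally(lines):
    """Count DNS queries per (client address, queried name)."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.search(line.strip())
        if m:
            counts[(m["client"], m["name"].lower().rstrip("."))] += 1
    return counts

def heavy_talkers(counts, window_seconds, per_day_threshold):
    """Project each count to a 24-hour rate and keep pairs at or above the threshold.

    Returns (client, name, count, projected_per_day, seconds_between_queries),
    busiest first.
    """
    rows = []
    for (client, name), n in counts.items():
        per_day = n * 86400 / window_seconds
        if per_day >= per_day_threshold:
            rows.append((client, name, n, round(per_day),
                         round(window_seconds / n, 2)))
    return sorted(rows, key=lambda r: -r[2])

def sample_log():
    """CONSTRUCTED 60-second log: a router at 192.168.0.1 and one laptop."""
    lines = [
        f"Mar 12 10:00:{s:02d} dnsmasq[512]: query[A] "
        "telemetry.vendor.example from 192.168.0.1"
        for s in range(56)  # 56 queries in 60 s, roughly 80,000 per day
    ]
    lines += [
        f"Mar 12 10:00:{s:02d} dnsmasq[512]: query[A] "
        "www.example.org from 192.168.0.23"
        for s in (5, 25, 45)
    ]
    return lines

if __name__ == "__main__":
    # Threshold of 10,000 per day is an arbitrary placeholder; tune per network.
    for row in heavy_talkers(tally(sample_log()), 60, 10_000):
        print(row)
```

Running the same tally over windows before and after a name is blocked shows whether the count rises, which is what the retry loop described above would look like in the log.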
Sources:
Reddit, TP-Link HomeCare, XDA-Developers
90 Comments on TP-Link Said to be Sharing all Router Traffic with Third Party
If I did they'd see me on smallnetbuilder most of the time waiting for new merlin firmware lol Ya it's too bad router companies don't put a big sticker on the box advertising it's compatible with tomato/open wrt/etc. For the average user even a regular firmware update is probably over their head, let alone custom firmware.
TP-Link only seems to offer 2-3 firmware updates for their products, then they do a new hardware revision and drop the old revision like a hot potato. I really loathe how they operate.
Using only FritzBox(AVM).
Decent products, my parents use a Fritz repeater.
I didn't say they weren't sold anywhere else, but the DACH region is where they seem to do their core business.
Here we see how much open source matters and no one stresses much as there is a fine alternative like OpenWRT, that is fully code transparent.
Not sure what the next upgrade is, maybe an AX86U? Been looking at the synology and ubiquiti, but not sure how they would be for residential use. I guess I like the asus for the firmware choices.
xvtx.ru/xwrt/
hmmmm
is it fully open source?? How do you like it? Is it simple? Does it have filtering for the children in the house? My co-worker has a R7800, but says the netgear FW is hit and miss, but he isn't a tech guy though.
It should be reasonably future proof, as long as you don't care about the 6 GHz band.
Yes, it's big, clunky and fugly, but it's the first consumer router with two 2.5 Gbps ports. It's the most stable router I've ever owned. Never had to reboot it because the router had a hissy fit. It obviously gets rebooted when I've installed software updates, but it was working non-stop for at least seven months in 2020, when I was stuck in Sweden, plus the start of the year. The WiFi signal is still really fast and reliable after 5+ years of usage.
Not overly fond of the Netgear UI/UX, but it has everything there that's needed, if it's not always as advanced as it could be for certain things and annoyingly complex for some other bits.
If I click on the Parental Control option, I'm taken here www.netgear.com/home/services/lpc/
I have never used it.
He should install the Voxel firmware, as he's keeping the firmware up to date and has even added a few things. There's also an add-on available for it which should apparently be released as a final release sometime this year. I haven't tried it, but it's meant to add a lot of features. I don't feel like I really need a bunch of other stuff for it.
I wish Asus made some more Qualcomm based hardware, but every time they do, it feels like their engineers aren't capable of bringing them to the same functional levels as their Broadcom based hardware.
arstechnica.com/information-technology/2018/07/enterprise-wi-fi-at-home-part-two-reflecting-on-almost-three-years-with-pro-gear/
Just in case you're interested. But it's from 2018, on gear the author started using back in 2015, so it's pretty old.
There's actually not much wrong with the hardware, but when you cut corners on the software side, or have software developers that don't really know what they're doing, you end up with an inferior product. Both my TP-Link products, one actual range extender and one cheapo router, that have only ever been used as WiFi access points or range extenders, are both working better with OpenWRT than they did with their default firmwares. It suggests the hardware is fine, but the issue is software.
That said, I have no interest in giving them any more of my money and I'm not trying to defend them as a business, but the actual hardware is pretty much on par with the competition most of the time.
Also had a TPLINK usb wifi stick but haven't used it much, also sold.
Won't buy anything from this brand anymore.
www.newegg.com/asus-gt-ax6000/p/N82E16833320517?Description=rog%20ax6000&cm_re=rog_ax6000-_-33-320-517-_-Product&quicklink=true
ouch $400 USD so about $510 CAD w/o 13% tax. Could add it to the list with the AX86u and just wait for sales and reviews. Old AC68U still performing good for now, but usually better to replace before it dies and end up with a bunch of disgruntled kids and wife with no wifi lol
The AX86U should be more than plenty otherwise.