Quaoar
join:2004-08-11
Fort Collins, CO
 ·Comcast
| Linksys N routers: open to Cisco's snooping?
The new models of Linksys N routers, WRTxyzN, are supplied with the Linksys application Easy Link Advisor (ELA). ELA is acts as a management gateway to the router. Recent events have demonstrated that these routers will eventually invoke Parental Controls, outside of the control of the user.
Parental control is, from out of the box, set by the supposed optional add-on of Trend Micro Security.
What is happening with users is that if Easy Link Advisor is installed, sooner or later web sites are blocked, purportedly by Trend Micro Security that in most cases has not been installed by the user.
When the web site blocking is invoked, the users have no option within Easy Link Advisor to reset Parental Controls, in most cases. There is NO OPTION. Users report than neither Trend Micro nor Cisco/Linksys can offer a solution other than pointing the finger at each other. This is very mysterious and makes the new N routers worthless to users.
Now comes Cisco/Linksys with a solution: an entirely new application Cisco Network Security that will allow users to reset the Trend Micro Security settings.
Here's the catch: Cisco admits that the web security "feature" is embedded IN THE FIRMWARE of these routers, and cannot be removed, but only turned off.
Now, Cisco has cooperated the the US Government in developing commercial routers with back-door snooping features available.
This fiasco with Cisco/Linksys N routers, invocation of Parental Controls that are embedded in firmware, with no notice to users, and the inability of users to turn the damned parental control off, speak volumes about what else is in the firmware of these new N routers, like back-door snooping of user's web activities.
Cisco isn't telling; Trend Micro is silent. What is telling is that Cisco admits there is non-traditional code in the firmware of their N consumer routers, and that special methods must be used to access the embedded control flags to turn off web security.
Something is not right with these user-level routers if the installed firmware provides access by others to the user's activity on the web. Maybe next week we will have to sit through a ten minute hate. |
|
Cudni
La Merma - Vigilado
Premium,MVM
join:2003-12-20
Someshire
| is ELA app optional or part of default install? Once installed can it be removed or does that other Cisco app needs to be used in order to remove? not sure if anybody is snooping it looks more like an overzealous misconfigured security app.
Cudni
--
"what we know we know the same, what we don't know, we don't know it differently."
Help yourself so God can help you.
Microsoft MVP, 2006 - 2009 |
|
Sith HMP
I Did What?
Premium
join:2004-04-25
Bloomington, IL
| As far as I know the ELA is optional. However, when I installed my router I did not use any disc or pre configured install. I hooked it up and configured the settings on my own.
I believe the ELA is on a separate blade of it's own with in the other configuration blades. I am not home to look first hand. I do know for certain that it wasn't required or even offered during initial install. Well, other than having the option to install it if you went to that portion of the configurations.
Does that make any sense?  |
|
EGeezer
Freezin Season
Premium
join:2002-08-04
Country!
 ·Callcentric
·RoadRunner Cable
| reply to Quaoar
... Recent events have demonstrated that these routers will eventually invoke Parental Controls, outside of the control of the user. ...
... What is happening with users is that if Easy Link Advisor is installed, sooner or later web sites are blocked, purportedly by Trend Micro Security that in most cases has not been installed by the user. ...
.. Now, Cisco has cooperated the the US Government in developing commercial routers with back-door snooping features available. ...
... with Cisco/Linksys N routers, invocation of Parental Controls that are embedded in firmware, with no notice to users, and the inability of users to turn the damned parental control off ...
Interesting observations. I'd like to see some independent verification of these claims if you have any to provide.
--
The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis |
|
Full Power
join:2009-09-25
Houston, TX | reply to Quaoar
Doesn't Cisco still use open source firmware ? How hard would it be for a programmer to have a look at the code ?
Something smells fishy about this one. |
|
EGeezer
Freezin Season
Premium
join:2002-08-04
Country!
·Callcentric
·RoadRunner Cable
| said by Full Power  :Something smells fishy about this one. Yes. Fishy and unsubstantiated. I'll give these assertions no credibility until I see the independent confirmation I asked for. If they were true, every network security analyst would be posting their logs and code analysis.
--
The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis |
|
KodiacZiller
join:2008-09-04
73368
| reply to Full Power
said by Full Power :Doesn't Cisco still use open source firmware ? How hard would it be for a programmer to have a look at the code ? Something smells fishy about this one. I don't think Cisco uses open-source firmware much anymore. This is why certain routers are still very popular amongst enthusiasts (like the WRT54GL) because they are one of the few models that still run on Linux. Most of the others run on the closed-source VxWorks OS. |
|
paranoid
@qwest.net
| reply to Sith HMP
I have installed a number of Linksys WRT???N routers. Never saw ELA installed and never had it appear after the installation. I have also never seen any behavior similar to what the original poster describes.
quote:
Cisco admits that the web security "feature" is embedded IN THE FIRMWARE of these routers
Any vendor embeds *all* of their router features in the firmware since there is no other software running on the router. Where would they put features except in the firmware?
quote:
I believe the ELA is on a separate blade of it's own with in the other configuration blades.
This makes no sense. What is the "blade" you are referring to?
quote:
speak volumes about what else is in the firmware of these new N routers, like back-door snooping of user's web activities.
Actually were I a paranoid type I would be far more worried about Microsoft embedding such code in Windows.
I suspect the original poster is confused or has an axe to grind. |
|
joako
Premium
join:2000-09-07
/dev/null
 ·AT&T U-Verse
| said by paranoid :
I suspect the original poster is confused or has an axe to grind.
Or has a legitimate gripe about Linksys' firmware which was probably put together quickly by the lowest offshore bidder.
--
PRescott7-2097 |
|
Sandman5
Premium
join:2002-07-10
Brookline, MO
clubs:
| reply to paranoid
said by paranoid :I have installed a number of Linksys WRT???N routers. Never saw ELA installed and never had it appear after the installation. I have also never seen any behavior similar to what the original poster describes. quote:
Cisco admits that the web security "feature" is embedded IN THE FIRMWARE of these routers
Any vendor embeds *all* of their router features in the firmware since there is no other software running on the router. Where would they put features except in the firmware? quote:
I believe the ELA is on a separate blade of it's own with in the other configuration blades.
This makes no sense. What is the "blade" you are referring to? quote:
speak volumes about what else is in the firmware of these new N routers, like back-door snooping of user's web activities.
Actually were I a paranoid type I would be far more worried about Microsoft embedding such code in Windows. I suspect the original poster is confused or has an axe to grind. I have heard of this.
I do technical support for a major computer manufacturer and provided support where they were having this exact problem and I'm almost positive that it was caused by ELA. They ended up having to reinstall Windows 7 because they did not want to call Linksys/Cisco.
If you don't install the software then you'll likely never see this though.
--
Rule #62: Don't take yourself so damn seriously! |
|
Sith HMP
I Did What?
Premium
join:2004-04-25
Bloomington, IL
| reply to paranoid
When I speak of "blade" I mean tab.
Sorry XBOX used to call their sections blades and I guess it just stuck with me.
As far as it not making any sense please bare with me. Sense and I really do not get along very well. |
|
StepR
Code Warrior
Premium
join:2000-11-06
Elgin, IL | reply to Quaoar
I do not understand why EasyLinkAdvisor is in the taskbar, and when pulled up, anyone has access to the settings, including the router password and encryption key. |
|
