Trust Google to intercept and route your net traffic?
What could possibly go wrong?
Google will shortly release its first WiFi router and has made automatic updating a frontline feature. The new "OnHub" is designed to offer a rather more pleasant experience for home users, starting with a cute coffee cup form factor and extending to an app-driven user interface. Google's even banished blinking lights [Heresy …
"Beg pardon? How does let them know my browsing history? Are you one of those people who use the Google search page instead of the address bar to input URLs...?"
If you're not running NoScript or something equivalent, Google will know what you see due to Google analytics already running on that page. This is why Google really no longer needs to use cookies because they already collect enough data to know its you. They can associate machines to you and they can even figure out if the same machine is being used by different people.
Its not just browsing history... But lets also consider why they want your wifi unit....
Like BT and other providers, they can use the spare capacity to act as a hot spot.
Also they can use it as a known GPS location to help better pin point you in terms of A-GPS.
If you worry about the Chinese hardware being bugged. Think again.. do you really trust Google?
Here's a qute from someone on Hackers' News which spells it out...
"Oh, come on. Just connect your Google router to your Google fiber connection and connect to it with your smartphone or laptop running a Google operating system and Google browser. Visit your Google home page (using Google's DNS servers, of course) to read your Google Mail, or perhaps catch up on the news with Google News, or use Google+ to see what your friends are up to, or get a little work done on Google Docs. Should you do some Google searches and end up on some non-Google sites, don't worry - you're still safe under the watchful eye of Google AdSense and Google Analytics. What have you got to be so paranoid about?"
The new "OnHub" is designed to offer a rather more pleasant experience for home users, starting with a cute coffee cup form factor and extending to an app-driven user interface. Google's even banished blinking lights [Heresy! - Ed.] and instead equipped the device with a glowing ring that changes hue to report its status.
Yes, it's always a good idea to make a dangerous tool helpful and apparently innocuous.
Google inside? Not in a billion years. If you need any help understanding that I suggest you look at the current Android mess, and how well they are onboard with ideas that protect your privacy.
This Google OnHub thing seems to be modeled on the Google Nexus. They may not care about your privacy, but they do take care of security. Unless a FISA judge tells them to hand your data to US agencies in secret. But hey, that’s way better than AT&T, which astonishes even the intelligence community with how eager they are to sell out their customers.
In my opinion, the biggest competition this device faces is not another high-end router, but no router. The ISPs are pushing really hard to upgrade people to combination modem and WiFi routers. Preferably rented. And this would have been good for consumers, because the ISP is in charge of maintaining and upgrading those things for the lifetime of the service. Except that they forgot to include customer service and good software updates.
It’s also tricky to get IPv6 through the combination modem and WiFi routers. IPv4 with NAT works because, eh, another layer of NAT, nobody will notice, incoming connections are for pirates anyway. IPv6 requires proper prefix delegation, which is handled differently depending on the ISP, and the customer probably has to log into the combination modem WiFi router thingy to place it into bridge mode. If it even has a proper bridge mode. I’m curious to see how Google intends to handle this issue.
" look at the current Android mess"
That's correct. It's impossible to turn on location services, to locate yourself, while not also agreeing to send the location to Google for helpful ad-making and generally intruding into your life.
And, god, how much configuration I had to do just to stop Google from sneakily eating my data allowance when I'm out and about. The same goes for eating my battery juice.
It's stylish and cool and all that, and I'm sure it'll sell well to those who like/can afford that sort of thing, but no, no thanks.
What with having to ensure Microsoft don't get the Back door with Windows 10, why would I now give Google control of the Front door?
I was musing recently about whether or not Microsoft had plans for such a thing - it would seem to fit with Windows 10's ideas about sharing WiFi access and acting as a distribution hub for Windows Update. If they weren't planning it, then Google have shown them the way.
... evil Google is going to slurp every bit it can. Seems this, from Wired, might make some pause before jumping on with the cleats. Then again, probably not.
The company that already knows your location, your email, your search history, now sniffing around everything you connect to the internet? Yikes. Not to mention, there’s the fact that it would be all too easy for Google to make the OnHub better for Google services than others, in the hopes that maybe you find yourself going to YouTube and not Netflix.
Wuellner promises, proudly, that none of this is happening. “We’re actually really proud of the work we’ve done around making sure OnHub is a trustworthy and secure member of your family,” he says. “We’ve drawn a very strong, hard and fast line around inspecting any information or websites about the content you’re looking at in your home.” There are settings in the app, too, that users can toggle on and off to determine what data is being shared. [Pushing the limits of Fair Use here.
Link: http://www.wired.com/2015/08/google-onhub-wi-fi-router/?mbid=nl_81815
Two points on that quote:
1. A router is a device which should have one, and only one, function. It is expendable. It is NOT a member of the family.
2. We’ve drawn a very strong, hard and fast line around inspecting any information or websites about the content you’re looking at in your home - that means absolutely nothing. Is the line a barrier to inspection, or does it define who can inspect and why?
@All_Of_The_Above re:switch-before-router - so the incoming WAN cable will now automagically do NAT and/or DHCP et. al. for everything else I plug into that switch, or does everyone get multiple routable IPs from their ISP except me...?
@ Blane Bramble: ah well, serves me right reacting blindly like that to the comment noting there's only one RJ45...
Yeah, well.. Some of us have large networks at home. Not just a wireless.
I have maxed out my ADSL modem/router with it's pitiful 4 ethernet ports, one of which goes to a separate switch to provide more ethernet ports. One such ethernet cable goes to a second wifi access point. I used to have a third wifi access point before it broke.
You really don't want to clog up the wireless spectrum too much with all that streaming going on. Hence all the wired stuff.
This post has been deleted by its author
This post has been deleted by its author
Why compromise the router when they already know all about you centrally. Too likely to break and be revealed and is vulnerable to a great deal of effort to tear down and discredit it already.
I would be more concerned about the firmware update being pwned by a third party actor, via poor SSL certificate maintenance, or routing DNS or IP traffic to a compromised host.
Google don't need to slurp all your data with this, they just want to intercept all those 404 responses and replace them with suggestions from Google's advertisers; similar functionality is already implemented in some routers from ISPs.
So if you can't find what you want, Google will suggest something based on your original query; the revenue from this will pay for the updates to the router software.
If you're ok with this, then it's no worse than other products already foisted on people by ISPs like BT.
No, there isn't a conspiracy - it's all out in the open and everyone seems to be playing the same game.
Why compromise the router when they already know all about you centrally
They know something about me centrally, I'm sure, but it isn't that meaningful or useful compared to what they could know if I fully embraced Google.
With this thing Google would have the same level of access to my internet traffic as my ISP has (even more, actually, since it gets in before the ISP sees what's going out). While I accept that my ISP can see all my traffic, it's primary function is to shift that traffic where it's supposed to go and not to monetize it. Google's primary aim is to make money out of aggregating and selling information : do you really think they're going to resist the urge to do something with it?
I don't, so no, not never.
You know, I would actually trust Google more than my ISP. Your ISP would sell your data in an instant to make a quick buck whereas Google don't sell your data.
Your ISP would probably think nothing about using Phorm style technology to intercept your stream and put it's own adverts in there.
Google, at least, have a reasonable grasp of security and provide updates. The router I got from my ISP never had any firmware updates despite known security holes.
Depends on your ISP, I suppose.
I'm sure all ISPs would sell my data in an instant if they thought they could get away with it, but as far as I can tell they aren't currently. Phorm caused a lot of fuss and I think my ISP would think carefully about breaching the fundamental basis of its arrangements with its customers (who, bear in mind, also include businesses and government organisations).
It would be naive of me to assume that my ISP won't ever play this game, but my point is that I absolutely know that Google is playing it now.
Security - never used an ISP router so I'm a bit better off than some. Google may understand and implement security better than ISPs, but that really just means ensuring only they can get at the data.
So I do what I can to say 'fuck you' to the data gatherers, and that includes putting things as much in my control as possible. Convenience isn't an issue.
"Google don't sell your data"
You obviously have no idea what that means.
Otherwise show me where I can purchase the data for "Pascal Monett" from Google. There's plenty of sites online that will allow me to buy a person's data (192.com, marketing lists, in the UK electoral role data) but I have never seen that data available for sale by Google, even though we have a very sizeable ad spend with them.
The key here is the word "centrally".
Also, it's not "compromising" the router, just augmenting it.
The goal, for Google, is to remove any destinction between "central" and perifery. From now on we are all in Google's domain, whether we want to or not. (That's the idea anyway.)
So you don't use Chrome? Not a problem any more.
So you only run Linux? Not a problem.
And so on.
On my Moto G running 5.0.2 I am unable to switch on GPS without Google wanting to run Google Assist which I presume wants to log any SSIDs that it finds.
There is a Catch 22 selection window where if you choose "Don't show this again" the "Disagree" option becomes greyed out. Choosing "Disagree" results in a warning message that says that Assist has to be on.
"High accuracy" my arse! This is just Google being greedy for data.
I'll wait until the next generation of Ubuntu phones are out before dumping the Moto. I would definitely not recommend buying an OnHub.
I think you'll find that is actually Motorola Assist and not Google Assist. Motorola is a company owned by Lenovo.
The Guardian Project (Tor, Orbot, Orweb) are working on a way to selectively switch on location temporarily for certain purposes, while preventing everything else including google from accessing it. The "app" is called Location Privacy - BETA currently.
I can’t help but notice that when Google is looking for a maintainable wireless router, they’re going with Qualcomm Atheros. All the router chipset manufacturers sort of suck, as far as openness of device drivers is concerned, but Atheros seems to have sucked much less than the rest. My routers use older Atheros chipsets, because I know I can upgrade the kernel on them.
But I’m a bit concerned about the Qualcomm acquisition. Will Qualcomm maintain the openness policy? The IPQ8064 doesn’t actually include the radio, and most routers that have the IPQ8064 SoC attach it to closed-source Quantenna radios. Worse, it looks like the Qualcomm Atheros QCA9980 is not open. I hope Atheros is not another nice company killed by acquisition.
OnHub therefore represents a welcome change in router design.
Funny that. I've always made a habit of turning off any remote admin / update features in anything internet facing, as that's the route the miscreants usually take to pwn it......(!)
A bit like sorting the problem of the inadequate lock on your door by removing it entirely.
I made the mistake of reading about this device on a different tech news site this morning, that i shall euphamistically refer to as "Gammr" (which has recently been subject to a disastrous rebranding).
After their light and fluffy article with no technical content whatsoever put me in a bad mood about technical journalism, it was refreshing to come back to The Register and read this.
Thanks Darren Pauli for a much more informative article!
Google's even banished blinking lights [Heresy! - Ed.]
WAS IST DAS? KEINE BLINKENLICHTEN? GOOGLE, BITTE PISSEN SIE OFF UND TAKEN YOUR nOOben TOOTEN ROUTEN MIT SIE - DIESE "OnHub" IST ONLY FUR DUMMKOPFEN UND NONTEKNISCHEN LOOKENPEEPERS WHO THINKEN THAT DIE "GLOWING RING" REMINDEN THEM AUF DIE COTTONPICKEN FECKIN XBOX...
This post has been deleted by its author
A few questions:
1 this 'app-driven' UI... I take it that you can't access the device except via the app. Interesting. How is this different from Apple's AirPort routers, which also can't be access except via an app, and have been around for quite some time?
2 is this app available for platforms other than Android? Apple has AirPort Utility available for iOS, OS X, and Windows. Not, so far as I know, for Linux or Android. I do hope that Google doesn't mirror-image this.
re the firmware updates:
1 again, Apple has made a habit of issuing firmware updates, usually via the Apple Store, for a long time now for the AirPort routers. It's a relatively painless system. Will Google be doing something similar?
2 several firmware updates for Apple's AirPort have had... problems. They were fixed promptly. (Well, promptly for Apple, anyway.) Google _will_ have problems. I do wonder just how fast they will fix them.
re the Ethernet ports:
1 it's got _how many_ ports? Really? You're kidding, right? Even Apple manages three ports plus the WAN port....
re the design...
<looks at AirPort Extreme in the corner. Looks at pic of Google thingie.> No comment. I suspect that there will be lawyers at dawn, though.
I don't understand who this sort of device is targeted at.
Home users invariably access the 'net via their Skyhub, Livebox or whatever broadband router combo box supplied by (and configured by) whoever they sign up with. So why would they want something like this?
Small business users? Unlikely I would've thought.. Netgear, Cisco etc. are well-known well thought of boxen suppliers and their admin interfaces, quirky or no, are no great frightener to the average local sysadmin... this offering has no clear advantage that I can see over the "standard" router.
From the Wired text:
"“We’ve drawn a very strong, hard and fast line around inspecting any information or websites about the content you’re looking at in your home.” There are settings in the app, too, that users can toggle on and off to determine what data is being shared."
Well, that confirms it then!
Google DOES have "information sharing" built into the router, just as suspected!
Those toggles so often accidentally change during upgrades, etc...
And the default value probably is to make it as convenient as possible for the end user, so the ads will be properly targeted and relevant. Or else.. the ads will be random and nasty.
There are other router manufacturers apart from re skinners of chipset firmwares like Zyxxel, Belkin, D-Link, Linksys and so on. There are companies which actually make their own firmware and even allow you do use the auto-update funktion for which they provide at least 5 years of support. A good example is AVM. Their Fritz!Box series offers anything from a plain router/DSL-modem (unfortunately you cannot turn off the router functionality) to a device which not only includes dual band WIFI, but also DECT for your mobile phones.