Join 3,432 readers in helping fund MetaFilter (Hide)


Cisco called, they want their Internet back
June 30, 2012 7:50 AM   Subscribe

Introducing Cisco Connect Cloud! Now available mandatory for Linksys Smart Wi-Fi Routers, Cisco Connect Cloud gives you almost anybody anytime, anywhere access to your home network.
posted by flabdablet (67 comments total) 18 users marked this as a favorite

 
Well, they do say Cisco helps your business take data transfer to the next level. I just didn't realize that "the next level" meant "everybody."
posted by wolfdreams01 at 7:53 AM on June 30, 2012 [1 favorite]


Plus they apparently data mine the shit out of your traffic.
posted by Lord_Pall at 7:55 AM on June 30, 2012 [1 favorite]


Just put a dollar in the honesty box next time you're on someone else's network. That's how it works isn't it?
posted by arcticseal at 8:01 AM on June 30, 2012 [1 favorite]


Wow. Linksys was shit enough before Cisco took over. Can we go back to using the word "cloud" just for cool things that I want to be able to do?

Also, obligatory link to DD-WRT for anyone stuck with one of those routers.
posted by yerfatma at 8:03 AM on June 30, 2012 [3 favorites]


Well, this hasn't happened (yet) on my E3200. Wow Cisco is lame.
posted by fuq at 8:09 AM on June 30, 2012


I was just gonna say, buy the hardware, put on WRT.
posted by oddman at 8:09 AM on June 30, 2012


Oops.

Still, bar security fuckups this all seems pretty inevitable - your router is already a little tiny server, doing more with it makes sense. Possibly even more sense than your games console or Google Media Blob being the hub of your house.
posted by Artw at 8:11 AM on June 30, 2012


fuq: I have the same one and had a bit of a panic, but I think that model is safe. From Cisco's site:
The Cisco Connect Cloud is compatible with Linksys Smart Wi-Fi routers (EA2700, EA3500, EA4500) and the Linksys E4200 v2.
posted by yukonho at 8:13 AM on June 30, 2012 [1 favorite]


I'd flash my E3000 to DD-WRT or Tomato in a heartbeat if I could find a step-by-step set of up-t-date instructions, never mind figure out which of the thousand and one different firmwares I should be using.
posted by Sternmeyer at 8:13 AM on June 30, 2012 [3 favorites]


your router is already a little tiny server, doing more with it makes sense.

When I inject malware into your PC's OS and seize control of it, I go to prison.

When Cisco replaces your little tiny server's entire OS and seizes control of it, they go... where?
posted by flabdablet at 8:16 AM on June 30, 2012 [12 favorites]


To the bank?
posted by rtha at 8:18 AM on June 30, 2012 [16 favorites]


When Cisco replaces your little tiny server's entire OS and seizes control of it, they go... where?

To the bank!
posted by msbutah at 8:19 AM on June 30, 2012 [4 favorites]


Curse you rtha. I'm going to update your router firmware now.
posted by msbutah at 8:19 AM on June 30, 2012 [8 favorites]


Ha! Joke's on you - I don't have a router. All these comments arrive via carrier pigeon.
posted by rtha at 8:25 AM on June 30, 2012 [7 favorites]


Sternmeyer : I'd flash my E3000 to DD-WRT or Tomato in a heartbeat if I could find a step-by-step set of up-t-date instructions, never mind figure out which of the thousand and one different firmwares I should be using.

Flashing instructions for the E3000
posted by pla at 8:28 AM on June 30, 2012


This is some Sony CD Rootkit level of evil right here.
posted by radwolf76 at 8:33 AM on June 30, 2012 [3 favorites]


Is there any verification of a security hole, or is it just one possibly confused person on a forum?
posted by Tell Me No Lies at 8:36 AM on June 30, 2012 [1 favorite]


Surprise! Evil corporation is evil!

Not really. After watching the video on the Cisco site, two things became obvious:
1) The video does not communicate anything beyond the fact that Cisco can hire someone that knows how to use a 3D tool.

2) How out of touch Cisco is with... pretty much everything.

One of the goals of the Cisco cloud (I think) appears to build a VPN channel between devices, providing access to a home network from anywhere. That in itself is quite cool – if it means an iPhone can access shared files, printers, etc. from anywhere.

The data-mining aspect is philosophically neutral. It is already occurring by one's internet service provider in equally-fine grain detail, so it's not technically a new privacy concern. That Cisco is a less-regulated entity with a different legal standing may well make it a different privacy concern.

From the technical point of view, More Data (Especially About Data) Is Always Better. Data allows for better decision-making regarding resource deployment. That decision-making and the related outcomes can involve tremendous amounts of capital, thus making data (about data) and data sets a valuable thing to generate and posses.

If we over-think what has occurred here, one's home router has always 'monitored' the data stream passing through it, and the destination router at an ISP monitors the hell out of the data passing through it. What Cisco's done is enable a feature which collects and aggregates that data from the user end. Seemingly, the 'incentive' to enable that feature is access to one's home network from anywhere.

There are a few outcomes from this, not all of which are negative:

1) Cisco now generates a data set that is similar to ISPs. In fact, Cisco may well generate a much richer data set than ISPs as Cisco devices sit across different ISPs around the world. Thus, Cisco is generating a global data set from all users of their routers. That body of knowledge currently does not exist, as ISPs are the only one's that have it – and they usually have it within geographical boundaries.

Thus, Cisco has generated a new competition point – and competition is (often) better for end-users. Yay Cisco!

2) Cisco now generates a data set that is similar to ISPs. In fact, Cisco may well generate a much richer data set than ISPs as Cisco devices sit across different ISPs around the world. That data set will live in the hands of a private company in the United States that is behest to US law. Thus, information previously held in chunks by a large number of different organisations in different countries will now also be held in the United States by a private company with cozy connections to US government leaders. That in itself is a neutral quantity, good or bad, depending on one's opinion of private companies in the US and the US government. *looks at Cisco with a suspicious eye*

3) Cisco now generates a data set that is similar to ISPs. In fact, Cisco may well generate a much richer data set than ISPs as Cisco devices sit across different ISPs around the world. Cisco will use that data in commercial ways, presumably to develop and refine products. However, there are few limitations on how Cisco can and will use that data in terms of whether it's used internally or externally. They can use it themselves, they can sell it on. It will be very obvious which individual flesh-and-blood people are connected to each data stream by the content of the data stream itself (via email addresses, social networking accounts, etc.).

Cisco's potential revenue streams from those data streams is substantial. If a revenue stream can be monitised, it (usually) will be monitised, thus a Cisco router basically becomes a very valuable behaviour data collection device that the end-user pays for. Good trick, Cisco. Based on how large corporations operate, Cisco is going to exploit this data stream as much as possible, which involves selling highly-detailed information about real people into a marketplace of other corporations. That then further cements the shift of power in society from individuals to corporations. Bad Cisco, no treat for you.

All that being said, the key issue is not that the data is being collected, it's that the data is going to be centrally-aggregated. Also, Cisco is not doing so well these days. Facebook, Google, and other Huge Customers are taking their ball and going home... home being China, where they are developing their own routers. A Cisco employee left a few years ago (or this year maybe) to start a completely software-based router. Physical ports that connect to a brainy chip that runs Expensive Cisco Hardware Features completely in software.

Cisco is under attack from all sides, and they're no doubt watching the RIM implosion with a distinct lack of joy. A major hardware player pushed to the edge of irrelevance in a very short length of time. Thus, Cisco is hunting for new revenue streams wherever they can find them... and this is a very large potential revenue stream.

As far as DD-WRT and similar products, if one knows of DD-WRT, they are not the target market for Linksys products, rather 'nice-to-have' consumers. The big, fat, juicy target are people who go to Best Buy, Argos, or whatever and buy one and pop it on their home/small business network, where that router will happily collect data all day long and pass it up to the Cisco mothership.

It's not inherently a bad move, and actually, from a nerd perspective, it would be an amazing data set to have in terms of general curiosity, infrastructure planning, and similar lines of inquiry. Where the concern comes is that Cisco is a wounded stag charging through the forest of potential profit centres and may well make decisions to use the data in ways that are less than palatable.
posted by nickrussell at 8:37 AM on June 30, 2012 [18 favorites]


Yes, ISPs already monitor traffic. In fact, starting tomorrow, they are required to monitor your traffic.

But with a router, they can monitor your home network, and even give you advertising based on that network configuration.

In addition, Cisco may collect and store detailed information regarding your network configuration and usage...If you have a particular game console in your home network, Cisco could provide you with information about upcoming games or movies that play on that game console.

posted by eye of newt at 8:51 AM on June 30, 2012


starting tomorrow, they are required to monitor your traffic.

So now I have yet another reason to be glad not to live in the land of the "free".

That aside: let's assume for argument's sake that I am a customer of one of those Internet Spying Providers, that a substantial amount of my traffic consists of sharing Linux DVD images via BitTorrent, and that I do this with BitTorrent encryption turned on. How is my traffic distinguishable from that of a copyright-ignoring scofflaw unless the ISP runs its own farm of honeypot BitTorrent peers offering copyright-protected materials, thereby breaking the very laws they're supposed to be policing?
posted by flabdablet at 9:08 AM on June 30, 2012


Oh my god if this had happened to me I would lose my mind with fury. Are you shitting me? There have god to be thousands of class actions spooling up right now. Oh wait, class actions don't work any more. This is so fucked.
posted by seanmpuckett at 9:33 AM on June 30, 2012


nickrussell : Thus, Cisco has generated a new competition point – and competition is (often) better for end-users. Yay Cisco!

Uhh... The "competition" here doesn't have anything to do with providing the end-user a better or cheaper experience - They now "compete" only in the realm of selling us out, to marketers and governments and faux-"watchdog" groups like the RIAA. They may well push prices down, but only the "price" of stripping us of what little privacy we have left.

Going further, ISPs have historically used their monitoring primarily to maintain the quality of service across their networks and to comply with law enforcement requests; Cisco has no need for the first, and no interest in the second.

So yeah, when someone decides to watch me, against my wishes, and has no obvious legitimate reason to do so - I get a bit paranoid about it.
posted by pla at 9:38 AM on June 30, 2012 [5 favorites]


Is there any verification of a security hole, or is it just one possibly confused person on a forum?

You don't get it! EEEEEEEEEEVILLLL! /waves hands
posted by Artw at 9:43 AM on June 30, 2012 [1 favorite]


So using their product to inject malware into your home is a huge problem, and forcing people to agree to it or they don't get to use the product is equally a huge problem.
(I wonder what Apple does.. People sure love their AirPorts...)

What's this other thing though, about almost everybody? They screwed up user authentication?

Anyway, I'm a little confused.
posted by Chuckles at 10:09 AM on June 30, 2012


My current router is a Cisco/Linksys (also an E3000, which from what I see, won't be effected.) My previous router was a Linksys.

For the first time, I'm considering flashing it. And I won't even consider a Cisco/Linksys now when I'm replacing it. Now, for certain, Cisco doesn't have to care about users like me. There aren't enough of us. As nickrussell astutely observes "The big, fat, juicy target are people who go to Best Buy, Argos, or whatever and buy one and pop it on their home/small business network, where that router will happily collect data all day long and pass it up to the Cisco mothership."

But what does get a bit left out is that there's a large segment who don't even try to decide on the new model themselves, and instead ask their geeky friend. I wonder if Cisco is changing geeky friend's answer. And I further wonder if this will taint my opinion of Cisco when I'm buying much higher-end equipment for work.

So far as the "new competition point" though -- It may well give Cisco some leverage to compete against ISP's , which is especially useful for them right now, when, say, my ISP dumps a ubee 4 wired+wireless router in your house as opposed to the traditional cable modem, and you actually have to call them to have it thrown into bypass mode if you want to use your own instead. But here's my thing: if they have to load my router with spyware and remove my ability to use various config options to do so, then I don't care about their ability to compete except insofar as as I now actually wish them more ill than I did before.
posted by tyllwin at 10:14 AM on June 30, 2012 [1 favorite]


Wow, the Internet has really blown up about this today.

I'm a Cisco employee. I can't really say much here because I haven't been cleared to, but let me address a few concerns:

1) To the very best of my ability to determine, there are no known vulnerabilities in the remote management portion of the software. That last link is pretty damned disingenuous given its utter lack of anything but a spurious claim, and I hope that everyone takes it with a pretty huge grain of salt.

2) Not everyone uses, nor wants to use, things like DD-WRT or Tomato. I do, but that's because I'm not my mother or grandmother. Tomatoes come from gardens. Configuring their LAN? I may as well speak Klingon. The Cloud-based support is not for you, it's for them, and I see the value in it.

3) I sincerely suspect that the traffic profiling language is CYA language to avoid getting in trouble with EU regulators regarding data privacy. I can go into more detail about why Cisco might do such a thing if anyone cares, but I'm not worried about my mom's browsing habits getting recorded in Cisco datacenters. There is, indeed, no evidence that I've seen that data of that sort is being transmitted. There is only a clause in the EULA that says Cisco can.

4) People inside the company care. I will refrain from expressing my opinion - sorry about that.
posted by TheNewWazoo at 10:26 AM on June 30, 2012 [7 favorites]


They screwed up user authentication?

That's the claim, yes.
posted by flabdablet at 10:27 AM on June 30, 2012


Oh, and -- speaking entirely for myself here -- why would Cisco want to compete with ISPs? You don't compete with your customers.
posted by TheNewWazoo at 10:28 AM on June 30, 2012


The Cloud-based support is not for you, it's for them, and I see the value in it.

Are you in a position to reveal whether Cisco also sees value in continuing to release firmware updates that don't require the creation and/or use of a Cloud account?
posted by flabdablet at 10:31 AM on June 30, 2012


Excuse me, I didn't finish my thought.

There is, indeed, no evidence that I've seen that data of that sort is being transmitted. There is only a clause in the EULA that says Cisco can collect the data. My hunch is that it's to CYA in case personal information is included in the analytic information that is collected.
posted by TheNewWazoo at 10:31 AM on June 30, 2012


Are you in a position to reveal whether Cisco also sees value in continuing to release firmware updates that don't require the creation and/or use of a Cloud account?
posted by flabdablet at 10:31 AM on June 30


I am not, unfortunately. I will reiterate that there are people in the company that care deeply about this new discovery (and it was a discovery for a lot of people). Cisco is a huge company, and the home networking business unit is a fairly small (but highly visible) part.
posted by TheNewWazoo at 10:33 AM on June 30, 2012


and it was a discovery for a lot of people

Do you mean a lot of people inside Cisco?
posted by flabdablet at 10:38 AM on June 30, 2012


I'd flash my E3000 to DD-WRT or Tomato in a heartbeat if I could find a step-by-step set of up-t-date instructions, never mind figure out which of the thousand and one different firmwares I should be using.

Too easy to brick an $80 Linksys router with the wrong firmware on the wrong router subversion, as I learned to my cost. Never doing that again.
posted by Blazecock Pileon at 10:39 AM on June 30, 2012


Yeah, stick to your NDA's. No one wants you to be be the poor Chrome Specialist!!

OMG, no, I don't want to use DD-WRT or Tomato. I do that kind of crap at work. I long ago stopped thinking of it as fun tinkering, and now just want my home net to be simple and stable. But, y'know, a Netgear or D-Link is not "you must use a build in the e3k chain greater than SVN 12345"

For what its worth, I actually am not concerned about the purported vulnerability. Introducing accidental vulnerabilities during major upgrades is a problem for every product and vendor. Shit happens and no one will turn on a valued vendor for a mistake.

But removing the owner's ability to access certain config settings, and greying out the choice about accepting future updates? Not an accident. And, as RIM shows, the magic of a known name on a label has its limits in the longer term.
posted by tyllwin at 10:44 AM on June 30, 2012 [2 favorites]


I've deployed dozens of the e3000 APs and it is great hardware. I suggest the TomatoUSB firmware over dd-wrt for stability, but what I generally do is flash dd-wrt before Tomato.

1. Flash this dd-wrt build.

2. Flash this TomatoUSB if you don't need VPN, or this if you need VPN.

The Cisco e3000 is a really cheap way to deploy dual-band (2.4ghz & 5ghz) wireless.

Even though the TomatoUSB firmware is very stable, I still have it set to automatically reboot once a week at home, and nightly in the office.
posted by pashdown at 10:44 AM on June 30, 2012 [1 favorite]


TheNewWazoo : Oh, and -- speaking entirely for myself here -- why would Cisco want to compete with ISPs? You don't compete with your customers.

It might look that way, on the Surface, but when you really believe you've reached the last few rounds of the game, the one who defects first comes out ahead.
posted by pla at 10:47 AM on June 30, 2012


My hunch is that it's to CYA in case personal information is included in the analytic information that is collected.

I think it would be pretty easy to word the legalese in a way that reassures the public of a good faith effort not to collect or share unrelated information, if any good faith effort was intended. Lots of companies make this same error of course.. If you can call it an error ;)
posted by Chuckles at 10:47 AM on June 30, 2012


Luckily my e1550 doesn't seem to have automatic firmware update. When I did update manually last month, it tried to force me to use their Anyconnect thing, but I was able to bypass that and use the regular interface. I'm glad, because this is easily the most stable router I've had. Outside of power outages and firmware upgrades, I've only rebooted maybe once or twice (and I think the problem was actually at the ISP).
posted by dirigibleman at 11:07 AM on June 30, 2012


On Slashdot the other day a (probably different) Cisco employee (also not directly involved in this) made it sound like this was an advertised feature of these specific routers. That is, when you bought them the box said "will be Cisco Cloud enabled in the future" and the install CD sets you up with a Cisco Cloud account thingy and the EULA and this shouldn't be a surprise. This is like buying a TV that said it would support Netflix at some future date and then freaking out when it updates and Netflix shows up on the menu. The Cloud Connect is an advertised feature of this sub-line of home routers. Giving the owner remote access via their Cloud account over their mobile devices, being able to check who's doing what or granting guest accounts remotely through some cloud app instead of trying to set up remote access to your router all by yourself, letting Cisco worry about security and updates instead of doing it yourself, etc. It's just now finally doing what it said it would on the tin when you bought it.
posted by zengargoyle at 11:15 AM on June 30, 2012


In fact, starting tomorrow, they are required to monitor your traffic.

"They" being the ISPs that have cozy relationships with the RIAA and MPAA. Mine doesn't. If you're lucky enough to live in an area with an ISP that has a spine, I urge you to use them instead of Comcast/Verizon/AT&T/etc.
posted by zsazsa at 11:16 AM on June 30, 2012 [1 favorite]


There is, indeed, no evidence that I've seen that data of that sort is being transmitted. There is only a clause in the EULA that says Cisco can.

Close enough. "Trust us, we aren't currently using this monetizable information you've just granted us permission to use."
posted by ook at 11:21 AM on June 30, 2012 [1 favorite]


Somehow I doubt it said this on the tin:

You will be unable to opt out of cloud connect
You will only be be able to access your device via this new internet service
You will be forced to accept all future updates, without notice
Other configuration settings you use may be disabled at our sole discretion
This will be activated without warning

Or, if it did, I doubt it was in language anyone could understand or type anyone could read.
posted by tyllwin at 11:48 AM on June 30, 2012 [2 favorites]


zengargoyle : This is like buying a TV that said it would support Netflix at some future date and then freaking out when it updates and Netflix shows up on the menu.

As long as that TV doesn't force me to use watch nothing but NetFlix, true, I don't think you'd hear many complaints. But that wouldn't parallel what Cisco did very well.

If, however, you bought an "online enabled" TV expecting to watch Netflix and Hulu and YouTube, and then the manufacturer locks you into their proprietary crappy service with "now monitoring your every move and phoning it home awesome sauce!" as a selling point, I'd call that a closer match to the Cisco situation.
posted by pla at 11:51 AM on June 30, 2012


I'm a Cisco employee. I can't really say much here because I haven't been cleared to, but let me address a few concerns:

1) To the very best of my ability to determine, there are no known vulnerabilities in the remote management portion of the software. That last link is pretty damned disingenuous given its utter lack of anything but a spurious claim, and I hope that everyone takes it with a pretty huge grain of salt.
I've been a Cisco user at the enterprise level off and on for around a decade. The problem with Cisco products is that they are buggy as hell and Cisco always assures you that there are no known vulnerabilities - until you twist their arm hard enough. At the Fortune500 level, it is easy enough to get Cisco to listen to your bug reports and then fix them. Anything below that and you are out of luck.

TL;DR If you spend less than $1 million a year on Cisco hardware, don't expect any bugfixes. Do expect bugs and exploits.
4) People inside the company care. I will refrain from expressing my opinion - sorry about that.
I'm sure they/you do as individuals, but that doesn't really matter unless backed up by corporate policy and action.
posted by b1tr0t at 11:56 AM on June 30, 2012 [6 favorites]


I'm a Cisco employee. I can't really say much here because I haven't been cleared to, but let me address a few concerns:

What I hate: corporate spokespeople saying something like "Oh it's really not that bad. I can't tell you why but it's not. Trust me on this." When I hear that, I substitute it mentally with "BLAH BLAH SMOKESCREEN."

When it comes to large corporations being revealed as doing questionable things, I'm prepared to be a little unreasonable. It's natural to be such when dealing with grossly powerful and callous entities like corporations, it isn't human nature to react to them with equanimity because they never do.

They should have to go an extra mile or two, treading lightly, to satisfy people, because if they are not held to that, if they are not subject to the occasional disproportionate overreaction, then just like what they tend to do with the law they will figure out exactly where The Line lies then sidle up to the precise closest centimeter they can without going over it. Then, millimeter.

1) To the very best of my ability to determine, there are no known vulnerabilities in the remote management portion of the software.

In other words: "As far as I know, no one knows of a vulnerability." I'm sure people at Microsoft can say the same thing about Windows security.

3) I sincerely suspect that the traffic profiling language is CYA language to avoid getting in trouble with EU regulators regarding data privacy.

EULAs typically claim all kinds of rights in order to avoid prosecution later. It doesn't change the fact that, once claimed, they can later be used for ill purposes. Maybe not under Cisco's current management, but after the next guy in line, who doesn't perhaps have much respect for user privacy.

4) People inside the company care. I will refrain from expressing my opinion - sorry about that.

Then I'm sorry but BLAH BLAH SMOKESCREEN.
posted by JHarris at 12:12 PM on June 30, 2012 [7 favorites]


What I hate: corporate spokespeople saying something like "Oh it's really not that bad. I can't tell you why but it's not. Trust me on this." When I hear that, I substitute it mentally with "BLAH BLAH SMOKESCREEN."
It seems clear that TheNewWazoo isn't a Cisco spokesperson, but rather a Mefite who happens to work at Cisco.
posted by b1tr0t at 12:38 PM on June 30, 2012 [4 favorites]


It isn't words but actions that determine how I look at companies. Belkin a couple years back put in a (rather innocuous, compared to this Cisco thing) way of advertising that was IIRC something like a default page when an address wasn't resolved. I have never bought anything from Belkin - cables, KVMs, whatever - since then.

This stunt of Cisco's is such a naked power grab (in that the power that resided with the admin has been unilaterally taken on by Cisco, changing what people bought into something... different, and potentially malicious or at least intrusive) that I shall never buy anything else from Cisco or Linksys. Ever. Unless they reverse themselves completely on this action and give everybody concerned at least a whole marionberry pie that doesn't come with Ts and Cs.
posted by jet_silver at 12:43 PM on June 30, 2012


So they want to tune into my computer. Instead of popcorn, they should bring a bowl of Nodoz pills. These are not the droids sexy emails you are looking for.
posted by Cranberry at 12:53 PM on June 30, 2012


If we over-think what has occurred here, one's home router has always 'monitored' the data stream passing through it, and the destination router at an ISP monitors the hell out of the data passing through it. What Cisco's done is enable a feature which collects and aggregates that data from the user end.

But there's something incredibly different about the two. When I sign up for an ISP, the understanding is that I'm going to be sending all my traffic to that ISP. For better or for worse, I'm trusting my ISP to be the first link in the communication chain (that or I'm using a VPN to funnel traffic to someone I trust more). Similarly, I'm not surprised when my phone company "monitors" my calls to produce a list of who I've called or when my credit card company "monitors" my spending to produce a list of who I've paid or when Netflix knows that movies I've watched.

What's happening here is that Cisco is reserving the right to make the device I purchased "phone home" to its manufacturer with information about the data passing through it. This is a lot more akin to Toyota getting access to everywhere I've driven in my Prius or Sony sucking down a list of all the Netflix moves I've watched on my Sony TV.
posted by zachlipton at 1:55 PM on June 30, 2012 [1 favorite]


But there's something incredibly different about the two. When I sign up for an ISP, the understanding is that I'm going to be sending all my traffic to that ISP. For better or for worse, I'm trusting my ISP to be the first link in the communication chain (that or I'm using a VPN to funnel traffic to someone I trust more). Similarly, I'm not surprised when my phone company "monitors" my calls to produce a list of who I've called or when my credit card company "monitors" my spending to produce a list of who I've paid or when Netflix knows that movies I've watched.

And in all those examples, there's something tangible that you get in return for giving your trust: internet service, phone service, transaction processing, movies to watch.

What are we getting for trusting Cisco with our internet history again?

Upthread, nickrussell spoke of Cisco becoming more competitive as a company, but that's what they're getting. As a consumer, I only benefit if multiple companies are about equally matched in competitiveness. Cisco is already one of the top players in this market segment, making them stronger on top of that may end up driving one of the smaller companies out of the game.

TheNewWazoo, as well as Cisco employees on their official forums, have mentioned that the analytic data they collect will help them design a better product because they'll be able to tailor their design closer to usage patterns. Again, there's no immediate benefit to me, as I'd have to buy next year's model to get those design improvements. And Cisco probably didn't have to enable wholesale data collection across the entire customer base to meet that goal, I'm sure the R&D engineers are smart enough they could have extrapolated those same usage patterns from a statistical sampling taken via opt-in survey.

Easy setup of remote access to my home network? The existing free software solutions for this aren't terribly complex, and the only new thing that Cisco Cloud Connect brings to that table are a handful of smartphone apps, none of which are revolutionary. Hardly worth trading all of one's internet history for.
posted by radwolf76 at 2:43 PM on June 30, 2012 [2 favorites]


I think a better analogy would be you buy some cell phone, let's call it a uPhone, with the promise that great new features will be coming with the next firmware update, and then that update magically shows up one day and the next time you want to dial a phone or send a text it makes you create a new ID and password before you can even see your contact list, and the EULA states pretty clearly that they reserve the right to send every SMS and voice call and email and all the websites you look at and really everything back to uPhone headquarters. And then there's some noise from PR flacks who say, "oh, it's cool, that's just for debugging, or in case there's a virus or something? anyway we need that, and you should trust us!"

Because what NetFlix shows you watch, who cares, that's just demographic shit. Where you drive your car, that's a little more personal, that's where you work where you shop where your mistress lives and where you met the drug dealers and how you had a meeting in an alley with the newspaper reporter who blew open a case about the bank's embezzling millions.

Your phone or internet data, though? These days that's almost 100% of our lives. Our most personal info from bank passwords to sex videos to the silly poems we send to our partners, and now Cisco wants to say, "oh, it's cool, that's just for debugging, or in case there's a virus or something? anyway, we need that, and you should trust us!" Which is the point at which if I'd been using a Cisco router I'd have thrown the thing into a chipper shredder.

Soooooo, with all due respect to employees of Cisco who think it's not a big deal and they're really on our side, fucking hell no god damnit it's not okay, this is not anything you have any business doing and as far as I'm concerned your home office just grew black flagged turrets and zombie dragons and moats full of lava and dragon salamanders and your CEO is a horned devil with pitchfork briefcase.
posted by seanmpuckett at 2:57 PM on June 30, 2012 [4 favorites]


TL;DR If you spend less than $1 million a year on Cisco hardware, don't expect any bugfixes. Do expect bugs and exploits.

Believe me, nothing magical happens when you spend > $1M a year. It's the same software.
posted by Runes at 3:21 PM on June 30, 2012


Believe me, nothing magical happens when you spend > $1M a year. It's the same software.

Yes, but if you're spending that much they're actually willing to consider bugfixes and feature requests when you need them. Which probably explains why at this point, IOS resembles nothing so much as 10,000 feature requests flying in loose formation.
posted by McCoy Pauley at 3:48 PM on June 30, 2012 [1 favorite]


$1 million is chump change to Cisco. 50 or 60 is more like it.
posted by Tell Me No Lies at 4:00 PM on June 30, 2012


Too easy to brick an $80 Linksys router with the wrong firmware on the wrong router subversion, as I learned to my cost. Never doing that again.

That's what $5 Linksys WRT54G v2.0 routers at Savers and Goodwill are for. And guess what? For 90% of all setups, they work just as well at sharing an internet connection and providing a local WiFi network as the brand new $80 routers.
posted by RonButNotStupid at 6:58 PM on June 30, 2012


Wait, what? So monitoring the traffic on my home network/wireless router is going to improve my router experience, eh? Maybe public works needs to start keeping track of what I eat to determine if my sewer pipes are big enough.
posted by hellslinger at 7:10 PM on June 30, 2012 [1 favorite]


That's what $5 Linksys WRT54G v2.0 routers at Savers and Goodwill are for. And guess what? For 90% of all setups, they work just as well at sharing an internet connection and providing a local WiFi network as the brand new $80 routers.

That's not actually true. I can't speak for the newer models, but the V2 that I had couldn't keep up with a greater than 6mbps connection. It was really bad if I tried to use wireless at the same time. Replaced it with a $5 Pentium III machine running linux and I get speeds identical to plugging straight into the cable modem.
posted by gjc at 7:25 PM on June 30, 2012


Just go buy a Buffalo device with DD-WRT baked in from the factory. Easier than trying to figure out if you hardware rev has compatible chips, etc.
posted by MikeKD at 7:48 PM on June 30, 2012 [2 favorites]


My WRT54G is still going strong, but if Cisco/Linksys are now persona non grata, which routers should we get if you're like me and don't want to mess around shoving vegetables/fruit through the ports? Can anyone recommend a better brand/model?
posted by arcticseal at 8:30 PM on June 30, 2012


Asus seems to be the go-to for enthusiast routers these days. Their out-of-the-box firmwares are solid enough it seems but often feature in-complete and poorly implemented or documented.

I had the RT-N16 which is the best single-band one.

DD-WRT has lost most of the enthusiast uh...enthusiasm lately with more people going towards Tomato.
posted by reiichiroh at 9:39 PM on June 30, 2012


Just go buy a Buffalo device with DD-WRT baked in from the factory. Easier than trying to figure out if you hardware rev has compatible chips, etc.

I tried one of those, Maybe I just got a bad model, but it really suffered from stability issues. Even with adding a script to reboot it everyday, there would be times when I couldn't go more than 8-9 hours without having to do a hard reset.

Getting back to the Cisco issue, has anyone dropped a packet sniffer between one of these and their internet connection to see just what's getting sent back to the mothership, and how much extra bandwidth per day it consumes? I wouldn't expect it to be a lot, but for those who are just barely squeaking by on their ISP's bandwidth caps, every little bit hurts.
posted by radwolf76 at 5:04 AM on July 1, 2012 [1 favorite]


I was having issues with a buffalo N300 router doing the same thing, dropping wireless while still claiming to be up. An update to the newest buffalo firmware fixed the issue.
posted by TheJoven at 12:26 PM on July 1, 2012


It's not that you need to be spending >$1M a year with Cisco. It's spending right around $10-15M per year with Ingram Micro to get their attention. Very few people buy directly from Cisco.
posted by Thistledown at 6:09 AM on July 2, 2012


Cisco hardware for the home and small business generally sucks. First, for lousy performance, and now this.

I like the Asus N-16, N-56, or N-66, depending on how much you want to spend. N-16 and Tomato seems to be what the cool kids are doing, but even the stock firmware is reasonably featureful. (Tomato might be a little slower, but with more/better features and UI.) And if you're looking for high performance (and you probably are, whether you know it or not), the N-56 has the best overall performance AND the best price-performance on the market, although it didn't support ipv6 last I checked. That wouldn't stop me from buying one, though.

Netgear has been gradually improving their stock firmware at the same time Cisco's has been standing still or getting worse, but they still don't have Asus levels of performance.

Smallnetbuilder has some other useful performance data if you want to see the various details.
posted by Hello Dad, I'm in Jail at 7:09 AM on July 2, 2012 [1 favorite]


In case anyone is interested, Cisco has posted instructions about how to revert back to a web-page-only configuration version. It looks useful.

There's also a PR-style response. I will reserve comment about this.
posted by TheNewWazoo at 8:47 AM on July 2, 2012 [1 favorite]


how to revert back to a web-page-only configuration

Given that the instructions speak of "downgrading" and "rolling back", I'm not sensing a commitment to ongoing maintenance of a non-Cloud option for these models.

I will reserve comment

Then I will put some points that, as a loyal employee, it's obviously politically unsafe for you to put.

I am sick to death of PR types who think admitting to a cockup is worse for a company's image than telling people who know what they're doing that they don't know what they're doing.

Nobody is going to find that piece of rainbows-and-unicorns puff other than people looking for a solution to a problem that they already know perfectly well that Cisco just caused for them, at which point the last thing they will want to do is sit down with Cisco in a happy clappy circle and sing Kumbaya and "give Cisco Connect Cloud a try" because "it’s a great way to simplify how you connect, control and interact with your connected devices".

NO.

My connected devices were working just fine, thank you. What Cisco just did was stop me from connecting, controlling and interacting with them at all.

Brett Wingo needs to be put in a room with Dylan Moran and have some things explained to him. Cisco is like the "really bad flatmate of the world... Oh, sorry, did I break all your shit? I didn't know it was yours. Yeah, I'll replace it some time. With my stuff."
posted by flabdablet at 7:07 PM on July 2, 2012


Cisco backs down over right to see your internet history
posted by Artw at 8:52 AM on July 3, 2012


« Older Born in the shadow of the Eiffel Tower, member of ...  |  In 2010, DC Comics offered Ala... Newer »


This thread has been archived and is closed to new comments