Latest news with #router
Forbes
30-05-2025
- Politics
- Forbes
Brute-Force Router Login Attacks Confirmed — What You Need To Know
AyySSHush campaign targeting thousands of routers confirmed. Thousands of routers worldwide have been targeted by a sophisticated campaign that leverages a two-year-old vulnerability, authentication flaws, and brute-force attacks. The researchers who uncovered the AyySSHush attacks have suggested it is likely the work of a nation-state threat actor. Here's what you need to know. The as-of-yet unidentified threat actors behind the AyySSHush campaign have targeted routers from major manufacturers, with at least 9,000 ASUS router models known to have already been compromised, using a stealthy and persistent backdoor that can survive firmware updates and reboots. State-sponsored hacker groups are known to have been behind everything from Windows password-stealing attacks, targeting presidential political campaigns, and even ransomware attacks against predominantly Western targets. Espionage, however, is one of the primary drivers of these hackers working in tandem with government resources. And what better way to get a data eavesdropping foothold than to compromise a router? Researchers at GreyNoise have reported that just such a sophisticated compromise campaign, that is said to be consistent with such advanced persistent threat actors, although it cannot attribute it to a specific group at this point in time, 'the level of tradecraft suggests a well-resourced and highly capable adversary,' the report stated. Although the GreyNoise research has confirmed that at least 9,000 ASUS routers have been compromised to date, and the number is increasing all the time, it has been reported that other routers from other major vendors such as Cisco, D-Link, and Linksys have also been targeted by AyySSHush. The researchers explained that attackers gain initial access through brute-force login attempts, along with authentication bypass techniques that exploit known vulnerabilities that owners have yet to patch. They then insert a public key that is under their control for remote access. While no malware is installed, the backdoor itself 'is stored in non-volatile memory and is therefore not removed during firmware upgrades or reboots,' GreyNoise warned. I have reached out to ASUS for a statement. "Even something as mundane as a router becomes a strategic asset once it gains long-term identity in a threat actor's infrastructure,' Wade Ellery, field chief technology officer at Radiant Logic, said. Which is why, at the organizational level at least, real-time identity-aware telemetry across all assets, including those routers, is essential. Debbie Gordon, CEO at Cloud Range, meanwhile, wanted that the campaign highlighted a dangerous shift in attacker strategy from quick hits to long-haul persistence. 'AyySSHush's ability to survive factory resets and firmware updates is a wake-up call,' Gordon said, 'edge devices like routers are no longer low-value targets.' With both SoHo and consumer routers targeted by this latest attack, routers can no longer be treated as set-and-forget devices.
CNET
22-05-2025
- CNET
My Tips on the 5 Settings You Should Change on Your Router Right Away
When you get a new router, it's tempting to just plug it in, get online as quickly as possible and move on. However, given your router is responsible for directing nearly 100% of all internet traffic in your home network, it's definitely worth taking a few minutes to update some security settings before you move on with your day. As CNET's router expert, I know a few easy tricks for creating a secure Wi-Fi network and when I bought my own router, these were the first settings I updated -- and you should, too. Whether you just invested in your own router or you're renting one from an ISP, here is what to update on your new Wi-Fi router to enjoy browsing and streaming safely. For context, I'm an Xfinity (Comcast) subscriber, but the tips here should translate no matter what internet provider you use. 1. Change the network name and password To change the username and password, you'll need to log into your provider's website or mobile app. Log in to your account and look for a section for Network or W-Fi settings. On Xfinity's website, I clicked WiFi Details to change the name of my Wi-Fi network and set a new password. Choose a password -- or better yet, a passphrase -- that you'll remember but isn't too easy to guess. Matt Elliott/CNET 2. Choose a security mode If you set a strong password for your router, then you've taken the first step of securing your network rather than leaving it open for anyone to access. With a password set on a modern router, you are most likely using WPA2 or WPA3 encryption. Locating local internet providers WPA, or Wi-Fi Protected Access, is a 256-bit encryption protocol that is more secure than the older, weaker WEP standard that uses 64- or 128-bit encryption. WPA2 improves upon WPA by using a stronger encryption algorithm. It uses the Advanced Encryption Standard (AES) algorithm that is more secure than WPA and its TKIP (Temporal Key Integrity Protocol) algorithm. WPA3 stepped up the security measures even further, strengthening password security, data encryption and smart home connections. Many routers offer a mixed mode of WPA2 and WPA3 so that older devices that pre-date WPA3 can connect to your network. WPA2 has been around for more than 10 years so it's unlikely that your router is still using WPA encryption. When choosing the security mode for your router, I would go with WPA3 and only switch to mixed mode if you have an ancient device that won't connect to your WPA2-protected network. 3. Check network mode and bands If you're using a newer Wi-Fi 7 router, it broadcasts in three frequencies: 2.4, 5, and 6 GHz. These are the frequencies with which your wireless network broadcasts radio waves to transmit information. All three frequency bands should be on by default, but check the advanced settings of your provider's website or app to check the status of both to make sure they are active. The 2.4GHz band is more crowded because it's the frequency many common electronics in your household use, from cordless phones and baby monitors to garage door openers and microwaves. You might run into network interference with 2.4GHz, but it allows older devices to connect to your network. The 5GHz band is less congested and faster but has shorter range than the 2.4GHz band. The 6GHz band is significantly faster than the other two, but it works best when your devic around 15 feet or closer to your router. With all three modes operating, your router will choose the best mode for each of your network devices. 4. Enable parental controls Look for a Parental Controls or Access Restrictions section to establish some boundaries for your kids' devices. With Xfinity, click the People tab to set up profiles for your kids. You can assign devices for each profile and then hit Pause for any or all devices of a profile to give them a break from Instagram, Snapchat, texting and everything else on the Internet. You can also enable parental controls for a profile to "reduce the risk of accessing objectionable websites and apps and enable protective search settings for Google, Bing and YouTube." You'll also find the option to set active hours for your kids' devices. Xfinity calls it Bedtime mode, which lets you set the hours the internet is and isn't available. There are different options for weeknights and weekends. Matt Elliott/CNET 5. Set up guest network Creating a guest Wi-Fi network saves you from potentially giving visitors access to shared computers and files on your network as well as the hassle of needing to tell them your complicated or embarrassing Wi-Fi password. In your account settings, look for Guest Network or Home Hotspot. Matt Elliott/CNET With Xfinity, I couldn't find this setting with the other Wi-Fi settings but instead had to move a level up to my general account settings. From the main account page, it was listed under Settings. With it enabled, Xfinity started broadcasting a separate network called "xfinitywifi" that guests can use without needing to track me down for a password.
CNET
18-05-2025
- CNET
2.4GHz vs. 5GHz Wi-Fi: Which Wi-Fi Band Is Right for Your Home?
For most home internet users, establishing fast internet speeds usually means upgrading to a faster plan or signing up for a new service. However, there may be a more straightforward way to achieve faster speeds, and even save more money in the long run. Understanding this one small technical detail about your router can change the quality of your internet connection. Determining what kind of Wi-Fi band you have can provide more insights into how to optimize your internet connection. Most routers are equipped with either 2.4GHz or 5GHz (in some cases both), but if you can choose only between the two, CNET recommends the 5GHz since it boasts faster speeds and less interference from other devices. Sandeep Harpalani, vice president of product management at Netgear, tells CNET that the average home in the US has over 20 connected devices running at any given time. "This includes static IoT devices, which may not be robust enough or even require more than 2.4GHz, and mobile devices such as phones, PCs and tablets used for streaming or gaming," Harpalani said. When choosing the right Wi-Fi band for their router, Harpalani recommends that home internet users assess their internet speed usage, the number of devices in the home and their online activities. Let's dive into the details. What is a Wi-Fi band? Your Wi-Fi connection uses the power of radio waves to transmit data wirelessly from your router to other connected devices. Most Wi-Fi routers are equipped with frequency bands of either 2.4 gigahertz or 5GHz and, in some cases, both. According to Britannica, hertz is a measurement of the frequency of waves. For example, one hertz can translate to one wave per second, whereas one gigahertz can equal one billion waves per second. Locating local internet providers Don't let these technical terms or numbers confuse you. The key thing to know is that every router has a Wi-Fi band that can send a specific amount of data to other devices. These Wi-Fi bands can impact various factors, such as speeds, range and the likelihood of nearby devices interfering with your connection. How to know which Wi-Fi band you have? The simplest way to tell which Wi-Fi band you have is to access your Wi-Fi network panel through your mobile device or computer. Navigate through the Wi-Fi networks available. If you see multiple similar network names with either 2, 2G, 2GHz or 5, 5G, or 5GHz associated, this can signify the specific Wi-Fi band used. Sometimes, the network name without any of these terms can signify the 2.4GHz network. As a Windows user, I determined that my Wi-Fi band is 5GHz by accessing my Wi-Fi network panel settings. Trisha Jandoc However, if checking the Wi-Fi network names on your mobile device is unclear, a more effective solution would be to check using your computer. MacOS users : Click on the Wi-Fi icon while holding down the option or alt key, then look for the channel category. Next to the channel category, you should see if your Wi-Fi band is 2.4 or 5GHz. : Click on the Wi-Fi icon while holding down the option or alt key, then look for the channel category. Next to the channel category, you should see if your Wi-Fi band is 2.4 or 5GHz. Windows users: Open the network panel from your taskbar, then click on Wi-Fi. Next, click on properties and scroll down to network band details. Then, look for mentions of 2.4 or 5GHz. 2.4GHz vs. 5GHz: What is the difference? Screenshot by CNET/CenturyLink Now that you know what type of Wi-Fi band you have, let's explore each band's capabilities. When comparing Wi-Fi technology equipped with 2.4GHz and 5GHz, consider range, speed and interference from nearby devices. Network range If your network displays a Wi-Fi band of 2.4GHz, your internet connection will cover a wider area, making it suitable for larger homes. Whereas with 5GHz, the range is likely to be limited and is less effective in penetrating through walls. CNET's broadband expert, Joe Supan, visited the CNET labs in Louisville, Kentucky, where we test routers to test the ranges of each band. After conducting a series of signal strength tests, it was determined that the 2.4GHz band offered better range than the 5GHz band. Read more about how we test Wi-Fi routers here. Still, a 5GHz band can provide adequate coverage for a smaller home, especially if the router is in a central location. According to CenturyLink, using devices near the router if you have a 5GHz Wi-Fi band is best. Alternatively, home internet users can invest in a Wi-Fi extender to reach more areas throughout the home. I put this to the test when troubleshooting my slow gigabit speeds at home. Internet speeds Despite a limited range, a 5GHz Wi-Fi band will boast faster speeds. This is an ideal option for activities that require speedier bandwidth. You can benefit the most from a 5GHz band if you stream in 4K, game online or conduct video conferencing. These fast speeds are due to the 5GHz technology's ability to transmit higher data rates. A 2.4GHz Wi-Fi band won't produce the same speeds, but it should be enough to support basic web browsing and checking emails. Read our comprehensive internet speed guide to learn how much speed your household needs. Device interference and Network Congestion One disadvantage of using a 2.4GHz Wi-Fi band is that it's more susceptible to interference from other devices on the network. Certain connected devices, including smart home devices, microwaves and Bluetooth speakers, can crowd your network. Too many devices can lead to network congestion when the traffic moving through your network is at its capacity, which can significantly reduce your speeds. 2.4GHz and 5GHz: pros and cons Wi-Fi Band Pros Cons Suited for 2.4GHz Wider range Slower speeds Larger homes Better penetration through walls More susceptible to interference from other devices 5GHz Faster speeds Shorter range Small homes/apartments Less susceptible to interference from other devices Less effective in penetrating walls Show more (0 item) Shop providers at my address Each band offers a unique set of benefits and limitations. Determining which Wi-Fi band works for you will depend on your household's online activities and speed needs, the size of your home, and how many devices are connected to your network. What is a dual-band router? You can invest in a dual-band router if you don't want to choose between either. This router is best suited for various Wi-Fi 6 compatible devices, like the latest iPhone models, Apple TV, Google Pixel 6 and 7 and so on. A dual-band router is equipped with technology that can broadcast two separate frequency bands; in other words, it can support both Wi-Fi bands: 2.4GHz and 5GHz. Using a dual-band router can effectively enhance your internet connection by featuring faster speeds, broader coverage throughout your home and reducing interference from other nearby devices. The bottom line "Devices in a home always have a mix of varying requirements when it comes to Wi-Fi. One size does not fit all," Harpalani said. "The good news is that if you pick a router or mesh system that supports your very latest, highest performing device, everything else in your home will be covered." Determining which Wi-Fi band is better will depend on the size of your home, your household's online activities and the number of connected devices to your network. But CNET recommends going with 5GHz as it features faster speeds which can support many activities such as streaming, gaming and videoconferencing. While a 2.4GHz Wi-Fi band can cover more area, being perfect for larger homes, the downside is that you'll likely experience slower speeds and be prone to interference from other electronic devices. A 5GHz Wi-Fi band provides less range, but you can always invest in a Wi-Fi extender to reach the dead spots in your home. On that note, you can also invest in a dual-band router to use both 2.4GHz and 5GHz technology, enhancing your overall internet connection. 2.4GHz vs. 5GHz Wi-Fi band FAQs What is a Wi-Fi band? A Wi-Fi band is the range of frequencies broadcasted from your router to nearby devices. Most routers are equipped with Wi-Fi bands of 2.4GHz and 5GHz. Is a 5GHz Wi-Fi band faster than 2.4GHz? A Wi-Fi band of 5GHz will be the best option for most households looking for a reliable and fast internet connection. While the 2.4GHz band can accommodate larger homes since it offers broader coverage, it's not as fast. More importantly, a 2.4GHz band is susceptible to interference from electronic devices nearby, resulting in network congestion. Home internet users will likely experience reduced speeds during times of network congestion How can I optimize my connection using a Wi-Fi band? To maximize your Wi-Fi band, consider the following factors: range, speed and interference from nearby devices. Each Wi-Fi band has a unique set of benefits and drawbacks. If you're looking for top speeds, a 5GHz band will be a solid choice. However, larger homes can benefit the most from a 2.4GHz band since it provides more coverage throughout the house. How do I know which Wi-Fi band I have? A simple way to know which Wi-Fi band you have is to access your Wi-Fi network panel settings through your mobile device or computer. Though checking through your computer might be a more effective solution. This will look slightly different depending on what type of device you use. Below are instructions for Windows and MacOS users: MacOS users: Click on the Wi-Fi icon while holding down the option or alt key, then look for the channel category. Next to the channel category, you should see if your Wi-Fi band is 2.4 or 5GHz. Windows users: Open the network panel from your taskbar, then click on Wi-Fi. Next, click on properties and scroll down to network band details. Then, look for mentions of 2.4 or 5GHz. Should I set my Wi-Fi to 2.4GHz or 5GHz? Choosing which Wi-Fi band is right for you will depend on the size of your home and your broadband needs. If your household frequently streams and plays games, then you should set your Wi-Fi to use the 5GHz band. On the other hand, setting your Wi-Fi to use a 2.4GHz band will come in handy if you own a larger home. Depending on the type of router you have, you may be able to broadcast both bands simultaneously, which is the case for dual-band routers.
CNET
18-05-2025
- CNET
Two Technicians Reveal the 5 Worst Places for Your Wi-Fi Router
It's tempting to tuck your Wi-Fi router behind the couch, under a shelf or even inside a cabinet to keep it out of sight. After all, routers aren't the prettiest gadgets. However, hiding your router in such spots can interfere with its performance, and may be a reason why your Wi-Fi signal is weak. Obstructing the signal with furniture, walls or enclosed spaces weakens your connection and slows down your internet -- especially in rooms farther from the router. If you want fast, reliable Wi-Fi throughout your home, placement matters more than you think. "The main factor you have to consider is that Wi-Fi travels very well over open air, and it travels very poorly through hard material," said Julian, a technician with ThoseTechGuys in Renton, Washington. "The best place to put a router is centrally located out in the open away from any cabinets, kitchen, plumbing, walls, things like that." In general, the fewer obstructions around your router, the stronger your signal will be. Here's what not to do when you're setting up your router. Read more: Should You Buy or Rent Your Router? Here's What I Learned $873 Later Locating local internet providers Mistake #1: Putting your router on the floor Putting your router on the floor won't completely kill your signal, but you won't be maximizing it, either. Think of your router like a light bulb. You want it to light up as large of an area as possible. Putting a lamp on the ground will still provide some lighting, but not as much as putting it on a table. Radio waves typically send their strongest signals downward, so placing your router in an elevated position will maximize your coverage. You can find wall mounts on Amazon, but I wouldn't recommend them -- attaching your router to a wall will block a good chunk of its signal. Instead, try placing it on a table or shelf, ideally with a foot or so of space from the wall. Now Playing: Should you replace your router? Maybe! 05:55 Mistake #2: Placing your router behind the couch If you look around the living room for the best place to put your router, the couch might jump out as a convenient hiding place. But this is a bad idea for the same reason you don't want to put it right against a wall or floor. "You want to avoid as many hard materials that the Wi-Fi signal has to travel through as possible," Julian said. A couch or armchair might not be as oversized of an impediment as a wall, but it will still weaken your Wi-Fi signal. Mistake #3: Stashing your router in the basement Some people dislike the look of their router so much that they stash it in the basement. But that violates one of the fundamental rules of home networking: Put your router where you use it the most -- and that's probably not in the basement. Basements also tend to have a lot of things that can interfere with a Wi-Fi signal. "There's also a lot more noise in the basement," said David Maxey, a senior technician at IT support company NerdsToGo in Bellevue, Washington. "If you have fluorescent lighting, wiring or copper piping in the ground floor, that's definitely going to have some effect." Mistake #4: Hiding your router away inside cabinets A cabinet might seem like a clever solution to an unsightly router, but it's one of the few mistakes you can make that could actually damage your router. In addition to blocking the signal, keeping a router in an enclosed space could cause it to overheat. In late 2024, one woman in Florida lost her home in a fire that she says was started by her Wi-Fi router. That's an extreme, worst-case scenario. What's more likely is that your router would degrade over time with inadequate airflow, with occasional periods of complete shutdown. Mistake #5: Setting your router up near another Wi-Fi router "Wi-Fi operates on its own spectrum of basically radio waves, so any device that broadcasts on the same spectrum is going to interfere with it. That includes other Wi-Fi devices," Julian told me. Receiving devices like your TV or smart speaker will not mess with your Wi-Fi, but it will be a problem if you have other equipment like routers or gateways. That doesn't include mesh systems, which use multiple routers in tandem to spread a Wi-Fi signal throughout the home. Why would someone have multiple routers if they're not part of a mesh system? It's more common than you might think, says Julian. "People just don't know. You start with one device, like a router, and then your internet's not working as well as you want. So then you go buy another device," Julian says. "It's just a lack of knowledge that the devices should be in the same family, in the same system." So, where should you put your router? The best place to put your router is somewhere you can see it, such as a centrally located room. Ideally, it should be raised at least a few feet off the ground, with some open space between it and any walls or thick pieces of furniture. That might be unwelcome news for those of us with eyesores for routers, but you can always hide your router inside a wicker basket or plastic crate. Just make sure the container isn't metal, which can interfere with a Wi-Fi signal.
CNET
17-05-2025
- CNET
Do Wi-Fi Routers Track Your Browsing? I Read 30,000 Words of Privacy Policies to Find Out
Your W-Fi router is responsible for conveying nearly 100% of your internet traffic. That's a lot of data -- enough to make privacy a concern when picking one out. So, how do you know if your router is collecting data about you? The first place to start looking for answers is your router manufacturer's privacy policy. Unfortunately, those privacy policies are often brutally long and full of dense and often contradictory language. Data-collection practices are complicated to begin with, and privacy policies tend to do a poor job of explaining them to the average internet user. Even if you read through the policy all the way through, you'll likely end up with more questions than answers. Fortunately, I have a strong stomach for fine print, and after spending the last few years testing and reviewing routers for CNET, most manufacturers tend to respond to my emails when I have questions. So, after reading through over 30,000 words of privacy policies from seven major router manufacturers and talking to some experts, here's everything I learned about how routers collect data about you. All of the problems with privacy policies I have more experience with routers than most, but the terms of use and policy documents I read for this article still weren't easy reading. Privacy policies typically aren't written with full transparency in mind. Locating local internet providers "All a privacy policy can really do is tell you with some confidence that something bad is not going to happen," said Bennett Cyphers, a staff technologist with the privacy-focused Electronic Frontier Foundation, "but it won't tell you if something bad is going to happen." "Often, what you'll see is language that says, 'we collect X, Y and Z data, and we might share it with our business partners, and we may share it for any of these seven different reasons', and all of them are very vague," Cyphers continued. "That doesn't necessarily mean that the company is doing the worst thing you could imagine, but it means that they have wiggle cover if they choose to do bad stuff with your data." He's not wrong: Most of the privacy policies I reviewed for this post included plenty of the "wiggle cover" Cyphers described, with vague language and few actual specifics. Even worse, many of these policies are written to cover the entire company in question, including its services, websites and how it handles data from sales transactions and even job applications. That means that much of what's written in a manufacturer's privacy policy might not even be relevant to routers. Then there's the issue of length. Simply put, none of these privacy policies are quick reads. Most of them are written in carefully worded legalese crafted more to protect the company than inform you, the consumer. A few manufacturers are starting to get a bit better about this, with overview sections designed to summarize the key points in plain English, but even then, specifics are typically sparse; you'll still need to dig deeper into the fine print to get the best understanding of what's going on with your data. In cases where a company uses a third-party partner to offer additional services like threat detection or a virtual private network, you may need to read multiple privacy policies in order to follow where your data ends up. All of that made for a daunting task as I set out to read through everything thoroughly, so I focused on finding the answers to a few key questions for each manufacturer. All of the policies I read confirmed that the company in question collected personal data for the purpose of marketing. Personal data, like your name and address, is typically collected when you're buying the router or if you're calling for troubleshooting, for example. But do manufacturers share or sell that personal data with third parties outside their control? And do router manufacturers track web activity, including websites visited while browsing? Let's take a closer look at what I found out. Router manufacturer privacy practices Tracks online activity Shares personal data with outside third parties Sells personal data Allows users to opt out of data collection Arris No No Yes* No Asus No No No Yes D-Link Unclear No No No Eero No No No No Google Nest No No No Yes Netgear No No No No TP-Link No No No No *CommScope, which manufactures Arris Surfboard networking products, says it doesn't sell data collected from products, but rather, that some of its business operations including order fulfillment and data analytics may constitute a sale under California law. You can find more details on that in the "Is my data being sold?" section. Is my router really tracking the websites I visit? Before we begin, I'll note that this article covers the privacy policy of router manufacturers, not the privacy policies of internet service providers. If you're renting a router from your ISP, the information covered here likely won't apply to you as your ISP may monitor your router as it sees fit. Almost all of the web traffic in your home passes through your router, so it's difficult to imagine that it isn't tracking the websites you're visiting as you browse. Every major manufacturer I looked into discloses that it collects some form of user data for marketing or technical purposes -- but almost none of the policies I read explicitly answered the question of whether or not routers log or record web history. The sole exception? Google. Google's privacy notice for Nest Wifi and Google Wifi devices was the only policy I found from any manufacturer that explicitly states that the products do not track the websites you visit. Chris Monroe/CNET "Importantly, the Google Wifi app, Wifi features of the Google Home app, and your Google Wifi and Nest Wifi devices do not track the websites you visit or collect the content of any traffic on your network," Google's support page for Nest Wifi privacy reads. "However, your Google Wifi and Nest Wifi devices do collect data such as Wi-Fi channel, signal strength, and device types that are relevant to optimize your Wi-Fi performance." I asked each of the six other companies I looked into for this post whether or not they tracked the websites their users visit. Though none of them indicate as much in their privacy policies, representatives for five of them -- Eero, Asus, Netgear, TP-Link and CommScope (which makes and sells Arris Surfboard networking products) -- directly told me that their products do not track the sites that users visit on the web. Eero "Eero does not track and does not have the capability to track customer internet browsing activity," an Eero spokesperson said. Asus "Asus routers do not track what the user is browsing nor do our routers include targeting or advertising cookies," an Asus spokesperson said. Netgear "Netgear routers do not track any user web activity or browsing history except in cases where a user opts in to a service and only to provide information to the user," a Netgear spokesperson said, offering the examples of parental controls that allow you to see the sites your child has visited, or cybersecurity features that let you know what sites have been automatically blocked. TP-Link TP-Link also told CNET that it doesn't collect user browsing history for marketing purposes, but the company muddies the waters with confusing and contradictory language in its privacy policies. Section 1.2 of the company's main privacy policy says that browsing history is only collected when you use parental control features to monitor your child's web usage -- but a separate page for residents of California, where disclosure laws are more strict, says that browser history is collected using cookies, tags, pixels and other similar technologies, anonymized and then shared internally within the TP-Link group for direct marketing purposes. When I asked about that discrepancy, a TP-Link spokesperson explained that the cookies, tags and pixels mentioned in that California disclosure are referring to trackers used on TP-Link's website, and not referring to anything its routers are doing. "I will say our policy can be clearer," the spokesperson said. "That's something we're kind of working on right now, internally." CommScope CommScope, too, says that its products don't collect a its users' browsing history -- though the company makes a distinction between retail products sold directly to consumers and the routers it provides via service partnerships with third-party partners, most notably internet service providers. "Regarding our retail Surfboard products, CommScope has no access or visibility to an individual users' web browsing history or the content of the network traffic flowing through these retail products," a company spokesperson said. D-Link Meanwhile, D-Link did not respond to multiple requests for clarification about its data collection practices, and it's unclear whether or not the company's products track any person's browsing data. I'll update this post if and when I hear back. Ry Crist/CNET Where exactly is my router data going? Even if your router isn't tracking the specific websites you visit, it's still collecting data as you use it. Much of this is technical data about your network and the devices that use it that the manufacturer needs to keep things running smoothly and to detect potential threats or other issues. In most cases, your router will also collect personal data, location data and other identifiers -- and like I said, every company I looked into explicitly acknowledged that it uses data like that for marketing purposes in one way or another. If a company is "using your data for marketing," that often means that your data is being shared with third parties. In that case, there is a risk that the company may share your data with a third party outside of its control, which would then be free to use and share your data however it likes. "When data is used to target ads, it's usually not just used by the company that's collecting the data," said Cyphers. "The company is going to share it with a number of advertising companies who might share it downstream with a number of other, vaguely ad-related companies. All of them are going to use that data to augment profiles they already have about you." With respect to routers, all of the companies I looked at acknowledged that they share user data with third parties for marketing purposes. However, the majority of these companies claim that these are in-house third parties bound by the company's own policies, and all of the companies I reached out to said that they don't share data with third parties for their own independent purposes. CommScope notes that the way it handles and shares data used for performance analytics with its Arris Surfboard routers constitutes a sale of personal data under California law. Ry Crist/CNET Is my data being sold? I also asked the companies I looked into for this post whether or not they sell data that could be used to personally identify a user, as defined by the California Consumer Privacy Act of 2018. That law defines a "sale" broadly to include, "selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer's personal information by the business to another business or a third party for monetary or other valuable consideration." Most of the companies indicate in their privacy policies that they do not sell personal data, but the CommScope privacy policy acknowledges that it shares information, including identifiers as well as internet and other network activity information, for purposes including marketing in a way that qualifies as a sale as defined by California. "Data used for some of our business operations like order fulfillment and performance analytics as well as the use of 'cookies' on our and websites may constitute the 'sale' of 'personal information' under a conservative reading of the California law," a CommScope representative says. There's some nuance to that "yes" on the question of whether or not the company sells data, especially since things like order fulfillments and cookies on CommScope's website don't directly relate to the use of CommScope home networking hardware. Still, it's noteworthy that the company acknowledges that some of its practices may constitute a sale under California law when the majority of the manufacturers I looked at did not. "We can say that we do not sell data collected from the modems nor is that data used for marketing purposes by CommScope," the company added. "But where modems are ordered from us directly or where we provide customer support, that information is 'sold' (our read of the California law) only as part of filling that order and providing those services. "Where we supply modems/gateways to service providers, they control their own privacy policy controls," the company added. People in California have the right to tell CommScope not to sell their data on this website, but CommScope says that it "reserves the right to take a different approach" when responding to requests from users who live elsewhere. Meanwhile, TP-Link tells CNET that it does not sell its users' personal data and that none of the data collected by its routers are used for marketing at all. Still, the company's privacy policy appears to create wiggle room on the topic: "We will not sell your personal information unless you give us permission. However, California law defines 'sale' broadly in such a way that the term sale may include using targeted advertising on the Products or Services, or how third party services are used on our Products and Services." Enlarge Image Motorola router users can find a clear option for opting out of data collection in the settings section of the Motosync app used to manage their device. Screenshot by Ry Crist/CNET Can I opt out of data collection altogether? With some manufacturers, the answer is yes. With others, you can request to view or delete the data that's been collected about you. Regardless of the specifics, some manufacturers do a better job than others of presenting clear, helpful options for managing your privacy. The best approach is to give people an easy-to-locate option for submitting an opt-out request. Minim, the company that manages Motorola's home networking software, is a good example. Head to the settings section of the company's Motosync app for routers like the Motorola MH7603, and you'll find a clear option for opting out of data collection altogether. Asus offers a similar option, telling CNET, "users can opt out or withdraw consent for data collection in our router setting interface at any time by clicking the "withdraw" button." Unfortunately, that approach is more exception than norm. The majority of manufacturers I looked into make no mention of opting out of data collection within their respective apps or web platforms, choosing instead to process opt-out and deletion requests via email or web form. Usually, you'll find those links and addresses in the company's privacy policy -- typically buried towards the end, where few are likely to find them. That's the case with Netgear. Pursuant to Apple's policies, the company discloses its data collection during setup on iOS devices, complete with options for opting out, but there's no way to opt out in the app after that. Android users, meanwhile, get no option to opt out at all. "From the Android app (or iOS), a user can go to About > Privacy Policy and click on the web form link in Section 13 to delete their personal data," a Netgear spokesperson said. "We will look into making this option less hidden in the future." Other manufacturers, including D-Link and TP-Link, don't offer a direct means of opting out of data collection, but instead, instruct privacy-conscious folks on how to opt out of targeted advertising via Google, Facebook or Amazon, or to install blanket Do Not Track cookies offered by self-regulatory marketing industry groups like the Digital Advertising Alliance and the Network Advertising Alliance. That's better than nothing, but a direct means of opting out would make for a better approach -- especially since some companies might not make use of Do Not Track signals like those. "At this time, TP-Link does not honor Do Not Track signals," the company's privacy policy states. Enlarge Image Sections 8b and 8c of Eero's privacy policy make it clear that the only way to opt out of data collection is not to use Eero devices at all. Requesting that Eero delete the personal data it's gathered about you will render the devices inoperable, and Eero may still keep a backup of your data afterwards. Screenshot by Ry Crist/CNET This brings us to Eero. The company does not offer an option for opting out of data collection, and instead says the only way to stop its devices from gathering data is to not use them. "You can stop all collection of information by the Application(s) by uninstalling the Application(s) and by unplugging all of the Eero Devices," the Eero privacy policy notes. You can ask Eero to delete your personal data from its records by emailing privacy@ but the company claims that there's no way for it to delete its collected data without severing your connection to Eero's servers and rendering devices inoperable. The privacy policy also notes that the company "may be permitted or required to keep such information and not delete it," so there's no guarantee that your deletion request will actually be honored. Even if Eero does agree to delete your data, that doesn't mean that the company won't keep a backup. "When we delete any information, it will be deleted from the active database, but may remain in our backups," Eero's policy reads. How to opt out of router data collection, no matter which router you use Data collection is all too common in today's consumer tech, including concerns with smartphone apps, social media, phone carriers, web browsers and plenty more. I'd rank my concerns with routers beneath those -- but your home networking privacy is still worth paying attention to. From my perspective, opting out of data collection whenever possible is typically a good idea, even if the collection itself seems harmless. There's simply no good way to know for certain where your data will end up or what it will be used for, and privacy policies will only tell you so much about what data is actually being collected. To that end, here are some options for opting out with each of the manufacturers covered in this post below. And, as I continue to test and review networking hardware, I'll keep this post up to date. Asus You can withdraw consent for data collection by heading to the settings section of the Asus web interface, clicking the Privacy tab, and then clicking "Withdraw." You can reach that web interface by entering your router's IP address into your browser's URL bar while connected to its network, or by tapping the options icon in the top left corner of the Asus Router app and then selecting "Visit Web GUI." CommScope (Arris) If you live in California, you can tell CommScope not to sell your data by filling out a form on this website, but the company won't guarantee that it will honor requests if you live elsewhere. There isn't a direct option for opting out of data collection in any of the apps used to set up and manage CommScope products, but the company notes that you can unsubscribe from promotional emails at any time. D-Link D-Link does not offer a direct option for opting out of data collection, but instead, directs you to opt out of interest-based advertising from participating companies by using Do Not Track cookies provided by the Network Advertising Initiative, a self-regulatory marketing industry group. Eero Eero has no opt out setting for data collection, as Eero claims that its devices are unable to function without sending device data to Eero's servers. Google Nest You can manage your Google Wifi or Nest Wifi privacy settings and opt out of certain data collection practices by opening the Google Home app and tapping Wi-Fi > Settings > Privacy Settings. Netgear Netgear doesn't offer an option for completely opting out of data collection, but you can fill out a form on this website to download and view any data that Netgear has collected or request that Netgear delete that data. TP-Link TP-Link doesn't offer a direct option for opting out of data collection, but it does share instructions for opting out of interest-based advertising via Facebook, Google and Amazon on its website. The site also offers information about Do Not Track cookies available from the Digital Advertising Alliance and the Network Advertising Initiative, which are self-regulatory marketing industry groups. For more Wi-Fi tips, check out where you should set up your mesh router and why your ISP might be throttling your connection.
