Cisco locks customers out of their own routers, only lets them back in if they agree to being spied upon and monetized

Owners of Cisco/Linksys home routers got a nasty shock this week, when their devices automatically downloaded a new operating system, which locked out device owners. After the update, the only way to reconfigure your router was to create an account on Cisco's "cloud" service, signing up to a service agreement that gives Cisco the right to spy on your Internet use and sell its findings, and also gives them the right to disconnect you (and lock you out of your router) whenever they feel like it.

They say that "if you're not paying for the product, you are the product." But increasingly, even if you do pay for the product, you're still the product, and you aren't allowed to own anything. Ownership is a right reserved to synthetic corporate persons, and off-limits to us poor meat-humans.

Joel Hruska from ExtremeTech reports:

This is nothing but a shameless attempt to cash in on the popularity of cloud computing, and it comes at a price. The Terms and Conditions of using the Cisco Connect Cloud state that Cisco may unilaterally shut down your account if finds that you have used the service for “obscene, pornographic, or offensive purposes, to infringe another’s rights, including but not limited to any intellectual property rights, or… to violate, or encourage any conduct that would violate any applicable law or regulation or give rise to civil or criminal liability.”
It then continues “we reserve the right to take such action as we (i) deem necessary or (ii) are otherwise required to take by a third party or court of competent jurisdiction, in each case in relation to your access or use or misuse of such content or data. Such action may include, without limitation, discontinuing your use of the Service immediately without prior notice to you, and without refund or compensation to you.”
Since the Service is the only way to access your router, killing one would effectively kill the other.

Oh, and Cisco reserves the right to continue to update your router, even if you set it not to allow automatic updates.

Cisco’s cloud vision: Mandatory, monetized, and killed at their discretion

Update: A Cisco rep comments below, pointing out that Cisco has since changed its privacy policy.

However, the current policy reserves the right to change it back.

The current policy also allows Cisco to discontinue your access to your router if you download pornography, or if someone complains about you, without a court order, evidence or a chance to state your case and face your accuser.

They have also provided users with a way to back out of the "cloud management" "feature."

But, as noted, Cisco still reserves the right to change how your router works, even if you set it not to accept automatic updates.

I write books. My latest is a YA science fiction novel called Homeland (it's the sequel to Little Brother). More books: Rapture of the Nerds (a novel, with Charlie Stross); With a Little Help (short stories); and The Great Big Beautiful Tomorrow (novella and nonfic). I speak all over the place and I tweet and tumble, too.

MORE: cloud computing • corporatism • eula • fraud • Gadgets • privacy • ripoff • web theory

More at Boing Boing

Ants and Stars: Bruce Sterling and Jasmina Tesanovic visit the Sardinia Radio Telescope in Italy

The Snowden Principle

http://potentialeyetrauma.blogspot.in/ Dr. Roboto

This is a creepy move. Guess I won’t be buying anything Cisco.
- Eric De La Cruz Lugo
  
  You are right lets change to Juniper!!! every body!, another solution should be a PFsense solution (both are FreeBSD based!).
  - John Verne
    
    If you are using “pf” you may as well use it at the source: OpenBSD.
    - http://twitter.com/gonzopancho Jim Thompson
      
      OpenBSD is a distribution of a general-purpose OS, not tuned to the requirements of a router. pfSense >is<.
      
      Also, OpenBSD didn't INVENT pf, Daniel Hartmeier did.
      
      And yes, I was there. Were you?
      - http://twitter.com/phessler phessler
        
        Really? I was also there when PF was invented. Daniel Hartmeier wrote it after IPF was removed from OpenBSD, and the first place he showed it was to the OpenBSD team as a patch submission. After it was committed, the main place he worked on it was in the OpenBSD tree.
        
        As far as your claim “I was there”, no you weren’t. I am phessler@openbsd, and you were not involved in this.
      - stjerne kilde
        
        Jim and phessler made me wonder.. just for a moment.. whether or not those nice chaps who went to the moon will one day — perhaps after Alzheimers lays eggs in their grey matter — argue about, ‘Who was there when the flag went in?’ . : )
        Thanks for the chuckle good fellows!
        Toodle pip!
- Robbi Brown
  
  Next comes big brother spying even more and asking Cisco for all there infomation on hard working,tax paying,law abidding American citizens. Damn when is enough , ENOUGH. Not to mention they will also turn on your web cam and look into your private home. I’ve had about enough of being controlled and told what I can do in my own home. I’m for one not ever going to buy anything Cisco.
http://www.facebook.com/profile.php?id=100002042736154 Ah El

I have a Linksys Router, but it’s running DD-WRT. Eat my shorts, corporate suckers.
- Greg Miller
  
  Same. First thing I did with the new router, and haven’t regretted it, especially now.
  - dcorbett
    
    I have a WRT54GL that has not been installed. Found a reasonably good link at: http://www.howtogeek.com/56612/turn-your-home-router-into-a-super-powered-router-with-dd-wrt/
    - http://fak3r.com fak3r
      
      I threw DD-WRT on my netgear the day I got it: http://fak3r.com/2011/10/25/howto-run-dd-wrt-on-a-netgear-wndr3700/ and ran Tomato on my Linksys WRT54GL before that. I’m thinking of running DD-WRT on a regular system with 2 nics, or a OpenBSD / pf box to be my next router / AP for my networks. This vendor tie-in is whack.
      - http://twitter.com/mistophiles Andrew Mackay
        
        I agree with fak3r. DD-WRT is an awesome firmware and also out performs the cisco one.
  - http://www.facebook.com/people/Gavin-Fielke/719127993 Gavin Fielke
    
    Me too.
    Did Cisco decide they wanted to give DD-WRT a boost. LOL
    I thaught I felt a disturbance in the force.
    This week will be seen as the highest traffic week at the DD-WRT server as everyone runs there screaming that Cisco are bad.
- http://twitter.com/markmcan Mark McAndrew
  
  Thanks for the heads-up!
  
  Worth an article in its own right, I reckon.
- wysinwyg
  
  Didn’t know about DD-WRT. Thanks for the tip.
- kraken17
  
  I have a WRT54GL, running Tomato firmware, found here http://www.polarcloud.com/tomato I find the interface simpler than DD-WRT, while still allowing a fair amount of customization.
  Just another option, ymmv.
  - http://twitter.com/jimeeztwit James
    
    Chalk up another vote here for Tomato.
- Doug Black
  
  dd-wrt is a thing of beauty. I won’t let a WRT54G or similar router pass through my hands without replacing the factory firmware with it.
- Don
  
  Same here. And I look forward to running Tor on it someday, as a result of the FreedomBox project. http://freedomboxfoundation.org/
- http://twitter.com/DonSeenu7 jsaravana
  
  DD-WRT is the way to go..
- http://www.facebook.com/profile.php?id=1640144061 Peter Dell’Ario
  
  haha, I said the same thing. DD-WRT for the win… I still can’t believe they did that sh*t though.
- Rod Sullivan
  
  How long before Cisco decides that allowing Linksys customers to run non-Cisco firmware is verboten?
  
  And I wonder if this decision by Cisco will extend beyond the consumer-oriented Linksys line to the low-end or even mid-range Cisco switches and routers?
  - http://www.facebook.com/profile.php?id=527703443 Christopher Baar
    
    I’m surprised they haven’t forbidden it already.
  - kc koellein
    
    They’ll NEVER be able to extend this to any of their business-class gear in any competent corporate setup. So many of the various industries that make use of IT have some government regulation pushing “compliance”… and just about all of these regulations require very granular access to their systems. This is something they do to the plain ole dumb people because they can. Corps simply would never do it. It would not compute. End of discussion. Ahh but us people… us BATTERIES for the Matrix… well. We are open for exploitation…!
    
    kc
    KF5QVL
  - http://robvincent.net/ Rob T Firefly
    
    They’d have to stop using GPLed code in their stock firmware to do that, it was being forced to open up after their use of free software was discovered which pretty much kicked off the whole custom-firmware thing.
- Paul Vixie
  
  i suggest checking out cerowrt, which is a fork of dd-wrt put on by the bufferbloat team.
  - Jim Gettys
    
    CeroWrt is not a fork of dd-wrt. The right way to think of CeroWrt is as a advanced feature, bleeding edge build of OpenWrt for researchers and open source developers to push the state of the art in home routers forward.
- Daniel Serodio
  
  Same here, but my next router won’t be Cisco/Linksys even thou I could install DD-WRT on it. “Vote with your wallet” is the only way to be heard by companies.
  - kc koellein
    
    Here here!!!
    
    Vote with your wallet is the ONLY way to vote!
    
    kc
    KF5QVL
  - a2326805
    
    CISCO = NO from now on for me and anyone who asks me for a recommendation. Lets all keep spreading the word about these a-holes so they can feel the pain!
    I will never buy a CISCO product ever again. All there corporate stuff is overpriced anyway!
    
    Enough said.
  - http://www.facebook.com/people/Gavin-Fielke/719127993 Gavin Fielke
    
    I feel that your idea is great and they will also see a lot of updated routers dropping off of their snooping system as people install different firmware on the devices they already own.
    I feel that the number of users dropping off of their radar will give them a warning that people will go elsewhere if they keep this up.
- http://technoergonomics.com/ Andrew Burcin
  
  Try www.polarcloud.com/tomato , better history of security updates and more open development than dd-wrt.
http://potentialeyetrauma.blogspot.in/ Dr. Roboto

I seriously think that within a few years here we run the risk that most people will not have local storage and that ownership of information is going mean something else.

Information “ownership” will be the temporal right to view and edit information, but the content “owner” will reserve the right to allow others to view the info, and keep sole power to delete it. Oh, and by content owner I do not mean creator, I mean the people with actual permanent local storage of a copy.

Or maybe that’s being too paranoid, but it sure seems like we have less and less control over what we view, edit, delete.
- mccrum
  
  You know, a few years back I looked into uploading a lot of stuff to the cloud and considered all the benefits that it would have.
  
  Then I realized that I wasn’t going to be doing all that work in multiple locations and wasn’t sure that even if I did I’d have internet access everywhere. So I went out and bought twice as much storage as I thought I’d want and never looked back.
  
  Now that things like this Cisco router are out there and large companies like Facebook being very interested in everything I do and post (and I think you’re extrapolating the way things are going correctly), I’m feeling like I made the right decision to keep stuff a little more closely held.
  
  It’s not paranoia if they really are out to get control over you.
- http://twitter.com/markmcan Mark McAndrew
  
  We will have terabytes of flash storage for the price of a keyring, don’t worry about that. Local storage will always be enough, size-wise.
  
  The real problem is your copies in the cloud.
  - fuzzyfuzzyfungus
    
    Your local device will always be happy to read from that local medium of yours, right?
    - Martijn Vos
      
      More so than from the cloud.
      - larrysdonald
        
        That’s already not always true. Both my phone and ereader will, of course, read local storage but they’re much less happy to do so than cloud storage. Sure, they do make a local copy, but that’s a little obscured too since most apps aren’t dying to just let you pick through the local directory structure. It’s significantly easier to upload something to dropbox (or wherever) and tap “Hey, get the new stuff off my cloud” even if it’s already hooked up to the USB for charging.
- http://paulbeard.org/wordpress paul beard
  
  We license things or buy access to them, as part of the atoms –> bits migration. And each access can be monetized/charged for. This was foretold a dozen years ago in The Age of Access: The New Culture of Hypercapitalism, Where All of Life Is a Paid-For Experience by Jeremy Rifkin.
http://tortoise-brand-pot-scrubbing-cleaner.myopenid.com/ Mister

I’m glad my router is not Cisco, because if it were I would have to drop what I’m doing right now to go videotape it burning in the middle of the street while cars run over it. Then I would have to go buy a non-Cisco router so I could post the video to YouTube.
http://rightcrafttool.blogspot.com/ Sign Ahead

Wow…that is extra creepy.

I have a Linksys router and after reading this, I would very much like to replace it. Which manufacturers have a better, more reliably privacy policy?

And since these policies are all (as far as I know) subject to change without notice, how can we take steps to protect ourselves without relying on the goodwill of a corporation?
- http://profile.yahoo.com/AS5DR2ABSGJK4DVPY5C5AX44AQ A Yahoo Super User
  
  You see DD-WRT above. Google it. Follow DIRECTIONS SLOWLY to load an Independent Operating system to your Linksys router and be free. Careful not to Brick it! But if you were planning to buy a new router anyway, try this first.
  - http://twitter.com/intensitystudio Antonio Carrasco
    
    It bothers me that after you buy something, you have to spend time and energy hacking, reconfiguring and meddling with it, just to get it to not spy on you.
    
    WILL NOT BUY CISCO. noted.
    
    Why isn’t this story getting more attention?
    - kraken17
      
      I agree completely, but I see this more as a way for people who already own the hardware to continue using it without being spied on. There are a few alternative firmwares available, most (if not all) of which are superior to the default Cisco/Linksys software.
      That said, I certainly will not be giving Cisco any more of my money.
- JamesMcDaniel
  
  I’ve had good experiences, high reliability and long lifespans from Netgear and Apple wireless routers, since switching from Linksys around 2006.
  - http://twitter.com/sqlrob Rob
    
    We have nothing but problems with the Apple we use in the office. Combine with a custom program for config instead of a browser and it’s a nightmare.
    - Gekko_Gecko
      
      Its an Apple product. The only reason you are having problems with it is because you are either doing it wrong, or you are holding it wrong.
      
      It is NEVER the fault of the Apple product.
      - David Carroll
        
        Don’t try using an apple products vpn to a remote windows server through an apple router. It will work for 3 minutes then disconnect (if that)
    - fuzzyfuzzyfungus
      
      Honestly, regardless of whether you’ve had good or bad results with their routers, Apple isn’t exactly the company to run to if you find Cisco’s hard-sell-and-mandatory-cloud distasteful…
    - http://www.jeremiahblatz.com/ Jeremiah Blatz
      
      FWIW, if you office has more than 10 or so people in it, you’re likely to have problems with any consumer networking equipment (except switches, which pretty much Just Work).
    - dabble53
      
      I had problems with netgear – the router kept resetting after running for some period of time. It seemed related to the amount of connections I was going through, as if it never recycled sockets/ports, eventually ran out and so rebooted.
      Been running a Linksys with DD-WRT installed for several years without a single hiccup.
- Robert
  
  I switched from Linksys to Netgear after Linksys was bought out by Cisco and I started seeing broken English in the Linksys menus. I knew what was going on, I’m no dumb-dumb. I’m pretty glad I did — the Netgear menus also look much nicer. Of course, now we’ll have to see if Netgear follows Cisco.
- Dan Johnson
  
  I’ve been using a D-Link router for several years without issue. They’re basic, but inexpensive and durable.
  
  I also have a Linksys router running DD-WRT (serving as a bridge), but I agree with kraken17 that NOT BUYING Cisco products is the best way to send a message from here on out.
  
  So!
  1) If you have a perfectly functional Linksys/Cisco router, flash it with DD-WRT.
  2) If you have a Linksys/Cisco router in need of replacing anyway, D-Link would be my anecdotal recommendation.
http://twitter.com/Epers Eddie Perkins

Thank goodness my router is apparently too ancient for Cisco to care about.
- xzzy
  
  That will be taken care of in their next rollout. All Cisco harware for the past 20 years has had a small capsule of sulfuric acid installed next to the main processor. Next to the acid capsule is a device one would normally identify as a fuse, but it’s actually a completely self sustaining biodome that houses a pixie.
  
  When Cisco decides they need to force you to upgrade, they will activate a backdoor on their enterprise routers that sends a single ICMP “time exceeded” packet to all addresses on the internet. The pixies will see this message on their tiny pixie sized computer, and use a hammer to crack open the acid vial.. destroying your router.
mccrum

Well, that was a quick turnaround:
http://blogs.cisco.com/home/answering-our-customers-questions-about-cisco-connect-cloud/

https://www.networkworld.com/news/2012/070212-cisco-changes-privacy-policy-for-260636.html?hpg1=bn

http://www.theregister.co.uk/2012/07/02/cisco_router_firmware_update_too_cloudy_for_some/
- Robert
  
  That statement from Cisco wasn’t a turnaround. That’s Cisco saying “Sorry you feel that way. If you want the old software back, call us, and we’ll tell you how. But going forward, we’ll still violate your privacy and control your stuff.”
  - sincarne
    
    Exactly. And they reserve the right to upgrade you at any time. Wingo’s post was a “Lots of people totally love what we did. But some whiney nerds didn’t. Here’s why they’re wrong, but we’ll pretend to help them out.”
    
    Notice how comments are closed on that post, but open on most others?
  - fuzzyfuzzyfungus
    
    Isn’t ‘I apologize to anyone who was offended by their misunderstanding of my innocent and blameless conduct” the gold standard in sincere contrition?
  - Paul Renault
    
    No need to call them. Instructions here:
    http://www6.nohold.net/Cisco2/ukp.aspx?vw=1&docid=227c9e6286124532ac52a643ca4122a5_Rolling_back_the_Cisco_Connect_Cloud_firmware_of_Linksys_Sma.xml&pid=94&respid=0&snid=2&dispid=0&cpage=search
- traalfaz
  
  It doesn’t matter. If they’re bent enough to do this once, they’re bent enough to do it again. As for me, confidence will never be restored, and I will never install another router without open source firmware, and I won’t buy Cisco/Linksys again unless every other manufacturer that makes decent hardware has gone down the same road and they’re all equally bad.
http://profile.yahoo.com/3XLUOLFYZCOGKXHLV4PJBPF47E Larry

Well, fortunately home routers aren’t that expensive. Maybe Cisco is tired of being in that market.
- fuzzyfuzzyfungus
  
  They already managed to put both the “Flip” and the “Flop” in “flip-flop” after acquiring that previously prosperous company…
  
  Nuking Linksys for no obvious reason would be approximately as sensible.
traalfaz

Damn, I’ve been buying and recommending Linksys routers for years. That ended today. Even though I always recommend installing DD-WRT or Tomato, that doesn’t matter. Companies that pull crap like this do not get a penny from me, ever again, even if they back out of this decision tomorrow, it’s over. I haven’t bought so much as a cable from Belkin since their asinine router firmware decision a decade ago.
http://twitter.com/DavidMcCulloch David McCulloch

Hi Cory,

We recognize that the introduction of Cisco Connect Cloud did not meet our customers’ appropriately high expectations of the Cisco/Linksys customer experience, and we’re sorry for the inconvenience this has caused.

Respectfully, I do need to correct a couple of points you’ve made.

In response to our customers’ concerns, Cisco has provided all customers with the option to revert back to the previous instance of their set-up and management software. No-one is being forced to operate a Cisco Connect Cloud account if they wish not to do so. Again, we apologize for the inconvenience of this process, but no customer need be locked out of their router.

It is very misleading to say that we are requiring customers to give “Cisco the right to spy on your Internet use and sell its findings,”. This is not true, and it’s an issue we’ve addressed in the blog post (below) by our Home Networking GM. The blog also explains how customers can get help reverting back to the previous instance of their router management software.

http://blogs.cisco.com/home/answering-our-customers-questions-about-cisco-connect-cloud/

Sincerely,

David McCulloch
Director, Corporate Communications
Cisco
- Guido
  
  You are pulling unwanted updates on your customers without asking permission, and then putting the burden on them to revert that, taking their time and attention to correct your extremely bad judgement.
  
  No matter of damage control and PRspeak is going to change the fact that you had mistakenly or not, the great idea of opting-in your customers into your latest commercial project, no questions asked. Despite the fact they bought your hardware, they are not renting it.
  
  I hope to never buy a Linksys router again. Mistake or not you have shown no respect for your customers. Never again. And I hope your company never recovers from this.
- Josairus Beuford Monkeythumper
  
  Weaselly worded blog post is weaselly.
  - fuzzyfuzzyfungus
    
    I adore the part where he talks about “our customers’ appropriately high expectations of the Cisco/Linksys customer experience”. Beautiful.
    
    The only reason those whiny customers are upset now is that our previous excellence has created such high expectations for future product rollouts…
    
    Should I someday find myself passing through the special hell reserved for PR flacks, I will sincerely shake Mr. McCulloch’s hand.
  - Cowicide
    
    Thanks, Monkeythumper. I was about to say basically the same thing about his post and saw that you beat me to it.
    
    We recognize that the introduction of Cisco Connect Cloud did not meet our customers’ appropriately high expectations of the Cisco/Linksys customer experience
    
    Wow… just wow…
    
    http://en.wikipedia.org/wiki/Newspeak
- http://twitter.com/peterleonard peterleonard
  
  That blog post is chock-full of corporate doublespeak. Taking responsibility for actions? Not a chance. Acknowledging the sheer creepiness of your decisions? Nope.
  
  I also find it extremely interesting that there’s a reply here, yet Cisco has yet to reply to the ExtremeTech article that blew this thing open, and took apart every aspect of your decision. Too afraid?
- Andrew Singleton
  
  Thank you Sir for directly addressing the audience. While I have my doubts that this is more than a secretary it is still an appreciated gesture since too often when people see things going on they dislike in the corporate world there is at best a hands off ignore the problem strategy in place.
  
  Of course given my temperament I have severe trust issues with any large entity (corporate, political, or otherwise) so my disbelieving this to be more than just backpeddling and public relations salvage work shouldn’t be taken personally.
  
  The cloud management concept honestly does seem like a neat idea. It really does. However swapping most of your user options from being local to needing to use the cloud manager for does seem a bit sketchy at best. Then again to me it looks like this move is aimed less at the individual/home network and more at the enterprise/business.
  
  Not technical enough to chime in with specifics since i haven’t bought a router in years (The good old 54G) and haven’t had a need to upgrade. So I will leave specific complaints to others.
  
  I just wanted to let you know that even if we disagree with the latest bit of business Cisco/Linksys is up to we don’t want you feeling like a conversation can’t be had. I mean if we can’t sit down and talk there won’t be anything done to fix our problems yes?
- sincarne
  
  “Again, we apologize for the inconvenience of this process, but no customer need be locked out of their router.”
  
  However, customers did find themselves unable to use their router without an account. Therefore they were locked out of their routers, and Cory’s characterization was not misleading.
  
  “It is very misleading to say that we are requiring customers to give “Cisco the right to spy on your Internet use and sell its findings,”. This is not true, and it’s an issue we’ve addressed in the blog post (below) by our Home Networking GM.”
  
  Perhaps not “sell findings”, but ExtremeTech quoted the part of your terms that explicitly stated you could be tracking the user’s internet history: When you use the Service, we may keep track of certain information related to your use of the Service, including but not limited to the status and health of your network and networked products; which apps relating to the Service you are using; which features you are using within the Service infrastructure; network traffic (e.g., megabytes per hour); internet history; how frequently you encounter errors on the Service system and other related information (“Other Information”).
  
  You are now stating that you would never do that, but your own terms have it right there. Was this an error your part? Or have you now changed your position?
  - http://twitter.com/DavidMcCulloch David McCulloch
    
    Sincarne. Yes, this was an error on our part. The supplemental privacy statement specific to Cisco Connect Cloud did not accurately reflect Cisco’s privacy policy. We’ve now changed it.
    - sincarne
      
      Thank you for addressing that. I’m sure you would agree that that is a very egregious error, considering it goes directly against what Wingo states are core Cisco practices.
    - http://www.nunoncastors.co.uk/ James
      
      And you’d have gotten away with it, too, if it weren’t for those pesky kids.
    - wysinwyg
      
      Yes, this was an error on our part. The supplemental privacy statement specific to Cisco Connect Cloud did not accurately reflect Cisco’s privacy policy.
      
      Not terribly credible. My tiny fly-by-night company with no in-house lawyers is apparently more careful about their privacy policies than is Cisco. Even if that were true it wouldn’t be very reassuring.
    - Guido
      
      So, you are basically calling Cory a liar, even if your “mistake” would have allowed what he claims. You have a lot of nerve, Mr. McCulloch.
      
      Is that what passes for professional PR these days?
      - ultranaut
        
        A lack of self-awareness just isn’t enough anymore, it takes straight up villainy these days.
    - fuzzyfuzzyfungus
      
      Does Cisco’s Legal team have an unstoppable enthusiasm for improv comedy as a technique for drawing up documents company-wide, or do these ‘mistakes’ only occur when you get called out on things?
      
      From the news releases on this ‘Cloud Connect’ stuff, it would certainly appear that this wasn’t some update that the crazy kids in some satellite office dreamed up in their spare time. Reasonably long time between announcement and rollout, partnerships with 3rd-party application developers and consumer electronics manufacturers, a coherent logo/branding, distinct from the standard Cisco one, across the service, etc.
      
      I find it difficult to escape the conclusion that if this was a ‘mistake’, it was a product of alarming incompetence and if it wasn’t, it was a product of self-serving malice.
    - fourcharacters456
      
      Yeah, and I bet having the “unmitigated gall” to dupe US and Canadian prosecutors into your vengeance campaign against your former exec was an “error” too.
      - Sanjaya Kumar
        
        Context?
      - fuzzyfuzzyfungus
        
        For those unfamiliar:
        
        http://www.channelregister.co.uk/2011/06/03/cisco_charged_with_duplicity/
        
        Peter Alfred-Adekeye, ex-executive, files anti-trust suit against Cisco. Cisco files 97 charges of unauthorized computer intrusion, a series of rather audacious shenanigans on the part of the US prosecutor and Cisco, roundly condemned by the Canadians, begins…
    - That_Anonymous_Coward
      
      What privacy?
      You updated equipment belonging to people without so much as a by your leave.
      Then you attach a “privacy policy” giving you carte blanche to begin wholesale spying on your customers.
      
      Either this program was dashed off in 15 minutes, or you expected no one to actually read the terms.
      
      Attaching the “wrong” privacy policy to a massive roll out like this shows a lack of planning or a massive lack of concern for your customers. Is this how Cisco does business? Just throw it all together, shove it out the door, and pray you can spin the PR after the fact and make it all better?
      
      This is a massive failure on the part of Cisco, it shows contempt for the users of your products.
      
      Even Microsoft and Apple, the 2 giant big boys of sneaky trick updates, give people some notice before making changes.
      
      Here is a semi flawed analogy so you can even begin to understand the ire you have raised from some of your users…
      We decided to update your Sub-Zero fridge, so when you weren’t looking we came into your home and changed how it operated.
      We then told you to find out how it operates you have to give us control, sign up for yet another web service (that can go poof at the drop of a hat leaving you with a brick), and we get to see everything your maid buys for you at the grocery.
      Oh and until you give us control, you can’t open the fridge.
      
      While I am sure you can show us all of the people who are so very pleased to have you manage these things for them, are they worth as much as the geeks people always ask well what one should I get?
      - t3kna2007
        
        > While I am sure you can show us all of the people who are so very pleased
        
        I’d like to see a list. The Cisco blog post uses the word ‘customers’, which, being plural, means there are at least two of them.
- Bahumat
  
  Resign, sir. Clean that house, and then resign.
- steveboyett
  
  I especially like that comments are closed on your allegedly explanatory blog entry.
  - fuzzyfuzzyfungus
    
    Now that the Truth is available, any further comment would simply be redundant and potentially confuse the issue…
    - kraken17
      
      Lol, awesomesauce.
- fuzzyfuzzyfungus
  
  I see that the really juicy section: “When you use the Service, we may keep track of certain information related to your use of the Service, including but not limited to the status and health of your network and networked products; which apps relating to the Service you are using; which features you are using within the Service infrastructure; network traffic (e.g., megabytes per hour); internet history; how frequently you encounter errors on the Service system and other related information (“Other Information”).” has disappeared into the aether as quietly as it appeared in the first place. It is so nice the legal verbiage can be unilaterally updated when it proves convenient. Thankfully ‘Cloud Connect’ users needn’t worry their pretty little heads about any future changes happening as quietly as that one did…
  
  However, that little change occurred after you were caught with your hand in the cookie jar. Best case, this might actually be the policy you take toward your Linksys customers in the future. Worst case, you are following the time-honored ‘do something invasive, temporarily back off if called on it, repeat once it blows over…’ strategy.
  
  In any case, what you are doing now, under the glare of adverse publicity, cannot change the fact of what you were doing in order to cause that publicity in the first place, and any judgement of you for what you have done is entirely fair.
  
  Incidentally, is it difficult to use a keyboard when you exude a slime trail wherever you go?
- http://twitter.com/Epers Eddie Perkins
  
  And, is the information on the revert option being offered to your customers in a way they will see it, for example being emailed to everyone who had to make a Connect Cloud account to access their router, or is it only on a blog post they might never see? Just curious.
- wysinwyg
  
  Until today if anyone asked for advice on what kind of router to buy, I would have unhesitatingly told them “Cisco/Linksys if you want it to work well and reliably.”
  
  Now I can’t recommend any of your products. I don’t believe that Cisco should be able to tell me what I do with my router after I buy it. I don’t think Cisco should interfere with the network administration I do in my own home. The fact that any of this happened at all is enough to put me off buying Cisco products for a very long time…assuming Cisco’s behavior is largely above board that whole very long time.
  
  You guys screwed up. PR noise isn’t going to help you. Doing right by your customers is the only thing that can help you.
- stasike
  
  Dear Mr. McCulloch
  
  I appreciate you trying to clear those few points.
  
  But I have to note that you only let people go to the previous firmware after a storm of bitter complaints from very angry users. And you still have that troubling sentence in your licence agreement that you reserve right to update my router even when I disable automatic updates.
  
  Originally you only let users to do a reset to factory defaults and that gave them firmware without that cloud password, but with limited functionality. I am computer technician and I used to recommend Linksys brand to all users. That ended yesterday when I first read about this sorry débâcle.
  
  I solemnly swear that I will never EVER use Cisco Connect Cloud. I have already informed my friends that I know use Cisco gear about this story, in case they missed it yesterday when it was posted on Slashdot.
- Henrique Olifiers
  
  Dear Mr. McCullough,
  
  Thank you for the patronizing read and the amusing reply to the topic. Perhaps, in the future, in the spirit of avoiding ‘very misleading’ press coverage, you could refrain from submitting customers to draconian Service Agreements. You know, not being evil and all.
  
  I’m certain that you lawyers are very sharp ones. As such, labeling those T&Cs as an ‘error’ is, quite frankly, calling us stupid.
  
  Perhaps on some other forums this might stick. Here? Hardly so. It’s a good thing you can’t disable these comments like you did in your corporate blog. Well, at least not yet… Perhaps in the future, if we all keep accepting your T&Cs, you will actually muster the power to do so.
  
  Until then…
- marc anthony
  
  Why is a call to customer service required? No call was required to push the update. Post the information online or push another update to undo the damage.
- http://www.facebook.com/washingtonia.filifera Washingtonia Filifera
  
  Pure comedy gold, Mr. McCulloch. From one marketing flack to another, I salute your mealymouthed cynicism.
- Joel Hruska
  
  David,
  
  As the author of the ExtremeTech post Cory linked to, I’m supremely unimpressed by the statements released thus far.
  
  1) You removed a paragraph from the Privacy Supplemental — a paragraph you can put back any time you want.
  
  2) You say Cisco won’t force people to operate a Connect Cloud if they don’t choose to do so. Does that mean you’ll be offering both Cloud and non-Cloud versions of your current upper-tier routers? Will new customers who buy an EA2700 or above still be able to downgrade to the non-cloud flavor, or is this reserved for those of us who kicked up a major fuss to start with?
  
  3) How long until all of your routers, including the eventual replacements for the E1200 and E1500 (currently cloudless) all use this connectivity “upgrade?”
  
  4) You have a “Usage Policy” in place which states that Cisco may terminate my service for a variety of reasons, including pornographic ones. Alternatively, it authorizes you to terminate my service at the behest of a third party, with no mention of arbitration, discussion, evaluation, or defense.
  
  Porn is legal. So’s a great deal of other content people would deem offensive. And your willingness to play lapdog for the RIAA/MPAA couldn’t be more clearly illustrated.
  
  Show me where Cisco pledges to respect the rights of its customers to access the equipment they purchase, and promises to keep routers Connect Cloud Free, and I’ll write a retraction.
- Don
  
  Cisco has blown its credibility with me, permanently, and your post above does nothing but nail the coffin lid down tighter. Buh bye, not buying any Cisco product ever again.
- SoItBegins
  
  ”It’s better to ask forgiveness than permission” does not apply if the issue is a privacy one!!
- http://www.facebook.com/ron.ellenbecker Ron Ellenbecker
  
  The problem is that your company should have never stepped over the line to tell the people/force people who ALREADY paid for the product. THEY own it and the data that transfers through it. At no point in time did your company have the right to take their access away from their product they paid for. Want to do it in the future to future products, let that be the death of your company. Look for a lot of law suits in the future if this remains the policy. Companies are getting bolder and bolder and dumber and dumber. Trying to squeeze every dime out of consumers even by using the force of government. Tomorrow, as today is the 4th, you know Independence Day (that should mean something to your company but I see it does not), I will be throwing my Cisco router away. Yes, I am one of those people who can afford a new one, will not deal with a company that stands for removal of rights and freedoms, and tries to impose this kind of invasive theft. Yep, I think what your company attempted is theft. Theft of services and theft of a product that people have already paid for.
- Rod Sullivan
  
  McCulloch, what exactly was the purpose of your posting here? If you’re going to engage with sensible and intelligent customers and potential customers in a well-known forum like BB, you cannot do so with boilerplate corporate doublespeak. That’s many times worse than maintaining silence.
  They say that a good customer tells a few people about their experience, while a bad one tells a dozen.
  
  You can be sure that I will be one who doesn’t simply wait to be asked by friends and colleagues my opinion of Cisco, but that I will actively seek out the many dozens of those that I’ve helped in the past, and will specifically communicate to them my absolute distrust of Cisco in light of this decision.
  
  This is the rankest stupidity I have seen from Cisco in many years of your expert wankery in the computing business.
  
  How on earth could the executive team have implemented this decision without _anyone_ of substance pointing out the obvious, widespread, and market-share eroding backlash that would immediately follow?
- seanbergmanrules
  
  From the blog post:
  
  “We take feedback very seriously.”
  “Comments are closed.”
- Michael Graff
  
  Respectfully, we should not have to switch back. You violated my privacy the moment you upgraded my router without my consent or action.
- http://twitter.com/MartianEmpress Rezeya Montecore
  
  The natives seem restless, Viceroy McCulloch. I don’t think they’ll be satisfied with beads and trinkets this time.
- http://www.facebook.com/profile.php?id=100002387027709 Alex Kuster
  
  Thanks, I’m not buying from Cisco … and I won’t never-ever-ever recommend it.
  I’ll recommend something that respects the ownership and rights of customer and user.
  
  This is exposinga set of mind inside Cisco that I don’t respect at all (really? forced updates? having control of what could be a production system? that if we ignore privacy concerns)…
- Gerard ter Beke
  
  Hi David,
  
  You just created a beauty of a legal case.
  
  Analogy: you buy a television, and the manufacturer retroactively decides what you can or can’t watch. Your phone manufacturer suddenly decides who you can or can’t call.
  
  Personally, I think this is criminal behavior. You significantly changed the workings of the router after you sold it.
  
  And still you have the nerve to appear here and defend your crime and label your customers as liars.
  
  Corporate Communications….what a joke. Communication is where you interact. Where did you communicate what you were planning to do? Where are you communicating on your corporate blog? You’re just pushing your ideas.Have fun defending this in a class action lawsuit.
- mystrdat
  
  Opt-out, haha. Fucking trash.
- CISCObigbrother
  
  Hi Cory,
  You are a PR guy, that is your job… that is what Directors of Corporate Communications do, you put out fires. No amount of PR spinning will cover up the fact that your company deliberately created the cloud updating system and deliberately locked people out of their routers and deliberately decided to strong-arm Cisco customers into accepting draconian CISCO TOS that granted CISCO the right to spy on customer internet usage.
  
  Your posting history with that account of yours shows you calling it “a mistake” or error or whattnot. Let me tell you this… that is pure PR BULLSHIT and you know it.
  
  Software does not get programmed by mistake. Firmware upgrades do not get programmed by mistake. A functional inherently insecure CISCO “cloud” system that somehow seamlessly integrates with said Firmware on Routers that WE OWN does not happen by mistake or by accident. That TOS is not something that gets churned out willy nilly.
  
  Your Corporation took its customers and attempted to ram them all up the nethers with this cloud-sidegrade and you guys were too busy planning on how you were going to pump us from behind and how good that level of big-brother-like control would feel to realize that your precious CISCO corporation has revealed its true colors.
  
  You seem to think that you can make this go away with some PR spinning and backtracking. Have you fired the leadership of the company responsible for this… fuck no. But you have backtracked like a mo-fo and now we are to believe that the leadership who planned the Big-Brothering is no longer interested in such things and that CISCO is trustworthy in the future. What a load of BS… and you know it.
  
  Brand permanently tainted. GRATS
http://gspirits.com/ Zod

Yay Monowall!
Andrew Singleton

See this is exactly how not to do the cloud thing.
http://www.darkphibre.com MrScience

I’ve been quite happy with my D-Link GameFuel routers (automatically prioritizes gaming traffic), after my Linksys devices kept failing. Haven’t looked back since!
http://mordicai.livejournal.com Mordicai

Hey, when I talk about corporate feudalism, I’m not joking! Not only do the workers not own the means of production, they don’t own the products they buy anymore, either.
Patrick Nielsen Hayden

From what Network World reports https://www.networkworld.com/news/2012/070212-cisco-changes-privacy-policy-for-260636.html?hpg1=bn_ , it appears that Cisco has hastily deleted the language in their EULA that gave them the right to spy on their users and do whatever they liked with the results, and that they don’t have a very good answer to questions about how that language got there in the first place.

Good on them for deleting the language, but somehow I’m not finding myself full of trust in their good intentions.
- steveboyett
  
  No, no, everyone has it all wrong. In a groundbreaking cost-cutting move, Cisco has brilliantly elected to crowdsource its legal proofreading department. Kudos and free Cisco Connect Cloud accounts to all who participated!
- Charlie B
  
  They don’t have good intentions. They don’t have bad intentions. They have responses to stimuli. Be careful about providing all stick and no carrot; if there’s no profit in bowing to users’ complaints, then they won’t do it any more.
  - http://profile.yahoo.com/7T7OFCJKYKYML4ZIQMIH3I7RGM rawtape
    
    Why should I provide Cisco with a proverbial carrot? I prefer to let the stimulus of me and other customers buying routers made by Cisco’s competitors (ones who don’t indulge in similar shoddy practices) do the trick.
    
    Frankly, after this move on their part, I am not likely to ever trust Cisco again. And I don’t particularly care whether they bow to users’ complaints or not, since I don’t plan on using their routers again.
- http://drwho.virtadpt.net/ The Doctor
  
  That which can be deleted can be un-deleted. Check back in a week and see what the text reads.
http://www.nunoncastors.co.uk/ James

You’d have thought that CISCO would have heard of the internet and how it enables people to tell the world that a big company is acting like a dick.
- fuzzyfuzzyfungus
  
  Apparently, Cisco’s not-at-all-nauseous-advertising-puffery tells us that, not only are they familiar with the ‘internet’, they are familiar with the “Human Network”.
  http://www.cisco.com/web/about/humannetwork/work.html
  
  Apparently, this “Human network” consists of happy consumers happily consuming Cisco-Enabled(tm) data services, rather than messy, real-world ‘human network effects’ like the Streisand; but Cisco is Totally Down With Kids These Days and Their Internet Jive Talk…
  - http://www.nunoncastors.co.uk/ James
    
    I’ll be honest. That website was so effective I’ve just purchased an ASA and a dozen layer 3 switches for my homies.
    - http://www.facebook.com/joel.white.311 Joel White
      
      You couldn’t give me an ASA! Last one I owned went to the gun range for an armor piercing round upgrade. Maybe that’s my next Linksys upgrade version 7.5X55 Swiss. True story.
http://twitter.com/EylerWerve Jonathan Eyler-Werve

Ima just going to leave this here:

http://www.dd-wrt.com/site/index
fuzzyfuzzyfungus

For extra fun, even if we take Cisco’s(no doubt completely trustworthy) word for it that the really juicy surveillance language was just a slip of the tongue, not an actual statement of policy(because the legal team of a major multinational corporation would totally allow phrasing mistakes so significant as to entirely alter the apparent meaning of the ToS for a program whose rollout has been planned for months, at the least, to just slip through the cracks, right?) there is still a fun little problem…

Cisco’s umbrella privacy policy has this little gem: “As a global company, we may transfer your personal information to Cisco in the United States, to any Cisco subsidiary worldwide or to third parties acting on our behalf located outside of the country where the data is collected where data protection standards may be different.”

Dear EU customers, I’m sure that you are 100% A-OK with the data protection standards here in the land of the free, right? And you definitely expected that your choice of cheap-plastic-router-box brands would include the potential of having a device on your network subjecting some of your data to the same?

We might as well start buying our routers from Facebook, at this rate…
- Simon Bradshaw
  
  On the face of it, that term may mean that anyone in Europe using such a router to process other people’s personal data (and that covers a very wide range of material) could be exposing themselves to substantial legal liability.
  
  8th Data Protection Principle: “Personal data shall not be transferred to a country or territory outside the EEA unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.”
  
  That’s written into law in all EEA states. And the US is specifically a country whose data protections standards do not meet EEA standards (which is why there are special provisions such as “safe harbor”, although if Cisco has terms like the one above it’s not exactly complying with them.)
  - fuzzyfuzzyfungus
    
    I’m guessing that US customers may or may not be happy with having their data shipped off to Bangalore to be handled by the most upstanding people that low wages and call-center sweatshop hell can attract, as well; but, yeah, I picked the EU because that sort of thing is occasionally actually illegal there, while it rarely even rises to the level of ‘news’ on this side of the pond…
http://twitter.com/brashley46 brashley46

So glad I use a Belkin.
… Anybody know whether that company is contemplating the same shite?
- fuzzyfuzzyfungus
  
  Been there, done that, got the T-shirt, I’m afraid. Belkin was downright ahead of the curve: They introduced their ‘our router firmware hijacks random HTTP connection attempts in order to redirect you to advertising’ program back in 2003…
  
  http://www.theregister.co.uk/2003/11/07/help_my_belkin_router/
  
  OpenWRT that sucker ASAP.
Jules Anderson

Anything to do with the recent purchase of NDS? A company with a less than stellar record and formerly part of the Murdoch empire?
http://potentialeyetrauma.blogspot.in/ Dr. Roboto

Question for everyone: Presuming my ISP runs Cisco routers, couldn’t they do this already? My ISP, in the US anyway, gets to spy on everything I do (has to I believe thanks to new copyright law [edit: agreement with RIAA, not law]) so, why wouldn’t Cisco just send all that info to their magical cloud? Surely they can link my name to IP address either by my ISP selling it or simply monitoring for me typing it in some form…

Am I wrong?
- http://www.nunoncastors.co.uk/ James
  
  There’s a marked difference between your typical home router and those used by ISPs and businesses. Not the least of which are the legal departments that sit behind them :p
  - http://potentialeyetrauma.blogspot.in/ Dr. Roboto
    
    No doubt, but now that ISPs are straight-up telling us they’re monitoring everything (in the US anyway), and that they report this to another private entity (RIAA), why couldn’t they do this previously? (Started July 1st if this http://news.cnet.com/8301-31001_3-57397452-261/riaa-chief-isps-to-start-policing-copyright-by-july-1/?tag=mncol;topStories is correct.)
    
    It used to be the common response was, “Why would they waste their time paying attention to you?” but then with Google and Facebook and umpteen other companies making a fortune doing just that…isn’t it safe to assume the ISPs are gathering then info and selling it?
    
    [Edit: Is it possible this was just a move by Cisco to skip paying the ISPs and getting the info of their users for free?]
    - http://www.nunoncastors.co.uk/ James
      
      It’s more likely that it was just a move to guide users into their super new service, tie them in, score some email addresses and cull some stats for market research and future product design. Can’t have people using dropbox et al when there’s a “user experience” to be had, right?
      
      As for the rest, legal issues.
      
      Monitoring-wise. Foreign vpn services are nice and cheap, TOR’s easy to use (though not without flaws) and so on. No need to make it easy for ‘em.
- http://dandascalescu.com/ Dan Dascalescu
  
  If you’re lucky enough to be located in the San Francisco Bay Area, you can switch to Sonic.net. They hold logs for only two weeks (vs. 18 months at Verizon and other ISPs).
  
  http://www.forbes.com/sites/andygreenberg/2012/06/22/ceo-of-internet-provider-sonic-net-we-delete-user-logs-after-two-weeks-your-internet-provider-should-too/
- http://twitter.com/alexvonthorn Alex von Thorn
  
  The issue is: you should not be trusting upstream networks to protect your privacy. You should have an expectation of being able to secure your own network with equipment you purchase. You can encrypt communications that leaves your local network, so that it doesn’t matter what’s upstream, but you need to be able to control the equipment on your side.
noah django

Way to give me a heart attack, Cory. I just logged in like normal, no firmware update, no “join our cloud” pop-ups. Is it just because they don’t care about a router as old as mine?
- fuzzyfuzzyfungus
  
  Pretty much. At present, only three relatively recent models (EA3X00) have been given this beneficent boon.
  
  Better head to Best Buy and upgrade, or you’ll be left out of a Cloud Enabled Digital Home!
Taniwha

Um – dumb question ….. who was it that decided you had to log in to the cloud to access the one thing you need to access to fix problems with your network when it can’t access the internet?
- http://pulse.yahoo.com/_A7GYUCE6ZDNEB2LNT5QSWCFP6I Joseph
  
  the cisco genius patrol i believe.
Dolphin Bunnywolf

Soon it will be a crime NOT to own a cloud-surveiled Cisco router.
- http://profile.yahoo.com/BQGXK3NY5VEOZODJ4TE7IHO26M LUAVULCARDS
  
  Not really a crime…Guv’ment will just assess you a tax for not having it. That seems to be the direction we are heading.
pfooti

I’ve got an asus rt-n16. It’s awesome; great signal all over my (chickenwire wall) house, and it has a very decent firmware out of the box. It’s easy to upgrade to DD-WRT (the factory firmware is, I believe, a fork of DD-WRT) if you should want to do so.
- Ty Myrick
  
  I have an Asus RT-N56U and I have really enjoyed it. After reading this, I like it even more.
http://www.facebook.com/people/Michael-Driver/100001568136916 Michael Driver

I REFUSE to use the so-called “cloud”. I don’t want my files, etc. sitting on someones server. I can store my stuff on my multi terabyte drive without paying monthly fees.
Cowicide

Oh, and Cisco reserves the right to continue to update your router, even if you set it not to allow automatic updates.

I hope they get sued out of business for every penny they cost customers in downtime along with the invasion of privacy.

Goodbye, LINKSYS and CISCO products.
Ty_MY

Sooner or later, the only safe option we have will be… Huawei.

dadadum
- ocker3
  
  I’m like a clown, crying on the inside…
http://www.facebook.com/michael.gee.184 Michael Gee

Using a linksys router but I do not have the supplied programs installed. No way to talk to the Cisco server. Glad I did this on accident…
- Charlie B
  
  If you’re running a linksys router by plugging it into the wall and praying, you’re most likely owned. I hope you at least changed the default password.
William Hurley

Seems to me that Cisco’s using their global install base as demonstration points to the Chinese government toward securing Party approved access to the world’s largest population.
James Campanella

A couple of years or so, I purchased a Cisco wired router to put between my DSL modem and Linksys WRT54GL router. Wanted to update the firmware on it. Their site listed newer firmware than what I had, but then when I went to the link the link was pointed to older firmware. I contacted support about it. They said they no longer supported that router it was too old. I said I understand that but what I am saying is the link on your website is pointing to the wrong file. The link may SAY it’s going to the newer firmware but the version number on the file and the date did not match the proper link. But apparently they could NEVER be wrong on a link from their website, so I ended up ditching having an extra router between me and the Internet and instead just placed my Tomato firmware installed 54GL.
SimonRain

As mentioned by many other people, being the family/co-worker/friend with the most knowledge in computers, I was always said Linksys over anything else.

I feel bad for all the people I have recommended Linksys routers to. I have always recommended these routers for their reliability and how long they would last before breaking (based on my experience and the ones who used the routers I told them to buy).

With each new person asking me which router to buy, none ever came back with a negative experience. This only solidified my loyalty to the brand.

This amounts to about 5 new happy customers per year for the last 5 years. I can say I was a pretty good unpaid salesperson.

It all changed now.

Unfortunately for your company, we have alternatives.

It is not like ISPs in certain areas where these poor people can only get Comcast for a decent internet connection. When people are stuck with only one option, they will complain but the companies can allow themselves to do these kinds of tricks since they know there is no competition.

I am a proud owner of the old yet still capable wrt54g. An electronic product lasting more than 3 years these days is a rare thing. I dread the day it will break since I will no longer be able to walk into a store and come out with confidence with a Linksys router in my bag.

I hope your company will learn from this. People are pretty fond of their Internet. Do not mess with it.
John Maple

Do not buy Cisco products. Case solved.
http://twitter.com/msgeek93 Michelle Hass

Cisco…Hey! You! Get offa my cloud!!!
jhwhiteh

Easiest thing to do with your existing device is to download dd-wrt and overwrite the Cisco firmware. It’s powerful and offers all the features of the factory firmware plus some. Doing this will give you your privacy back without having to replace the hardware.

Want the best wireless router in the business for your home ensuring yourself of a solid device with unparalleled protection? Pay a little more and get a SonicWall. You won’t be sorry.
Nix_Nightbird

My day job involves selling routers to customers in a national chain store.

Cisco/Linksys just made it much easier for me to decide which brand of router to offer customers, and I will, of course, be informing them of the risks of using a Cisco router before they pick one up and leave the store with it.

This was a severely bad move, Cisco. I’m more than happy to sell Belkin and Netgear to customers when this sort of thing happens.
- http://courry.myopenid.com/ paul courry
  
  Just tossing the obvious out there, but you do realize that any necessary hardware changes needed to implement their TOS changes still exists on that router you bought so long ago? It seems like a change to an Open Source OS (dd-wrt, et. al.) for your router is mandatory to shut the door on Cisco. Until you do, the barn door is open.
http://www.facebook.com/profile.php?id=1243425300 David Lucas

This whole thing sounds like a scare tactic farce. None of my Linksys or Cisco routers have downloaded new software. If you go to the Linksys site, they have some new routers that are cloud enabled and some that are not. This sounds like a marketing scam from the dd-wrt people.
- SimonRain
  
  In the comments above, an official PR person (David McCulloch) from Cisco informed us on an article they wrote to clarify this situation.
  
  It is only certain recent routers that have gone under the update.
  
  You can read their official response here
  
  http://blogs.cisco.com/home/answering-our-customers-questions-about-cisco-connect-cloud/
- http://twitter.com/crenelletech MichaelBrianBentley
  
  Older Linksys consumer grade devices don’t automatically check home base for updates nor allow updates to be pushed to the device from home base. Cisco, in my experience, also doesn’t provide firmware updates for devices that are no longer for sale.
http://pulse.yahoo.com/_A7GYUCE6ZDNEB2LNT5QSWCFP6I Joseph

If you are looking to upgrade to a Cisco, it is definitely time to go with DD-WRT. There are a few palces you can find pre-flashed DD-WRT models like FlashRouters (https://www.flashrouters.com) that will ensure you don’t run into these issues.

Plus DD-WRT crushed the stock firmware in features and capabilities pretty much across the board especially for the E4200.
http://andrushka.net/ Scott Cushman

This seems like the perfect opportunity for a competitor to step in and publicly sign on to a code of ethics that forbids similar actions. Whatever company does that will get my money when I’m ready for an 802.11ac router.
- Rod Sullivan
  
  How sad for all of us that despite hundreds of examples of companies behaving unethically, very few other companies (hardly any in my recall), have specifically and clearly seized the obvious competitive advantage and made strong and verifiable claims to behaving ethically in a forthright and testable manner.
  
  What does this tell us? That leadership across many industries and many, many companies is irrevocably compromised. Individual leaders have prostituted their integrity over and over, and these so-called leaders move from firm to firm and engage in the same disgusting practices again and again until huge swaths of global business are infected with this ineradicable virus.
  - Charlie B
    
    That, or consumers don’t know and/or don’t care.
John Layson

Doesn’t that infringe on the copyrights of videos and music stored.
http://twitter.com/ScaredyCat Andy Powell

Seriously Cisco? WTF are you on.

Why on earth are any of you still using Linksys? Get yourself a MikroTik RouterBoard*. Extremely powerful and cheap enough too. Get one for your parents, remotely manage it – properly.
*only if you’re a techie – they do require much more knowledge than a plug and play router.
Martijn Vos

I see a lot of people complaining, but isn’t this sort of thing simply illegal? If someone takes away something you paid for, and then blackmails you if you want to have it back, isn’t that time to call the police?

If you bought a perfectly fine working product, and then the manufacturer issues an update that intentionally disables it, and demands extra payment (in the form of information) from you to enable it again, is that not also time to inform the authorities?
- reneemjones
  
  Unfortunately Sony did exactly that and got away with it. I am sure that Cisco will claim, like Sony, that your “purchase” gave you no rights to anything but a paperweight and they are completely free to “brick” your product any time they like. What is worse is that our corrupt courts go along with this nonsense. The advertisement says “BUY this product” you say “Gee, yes I would like to BUY that product, here is some money.” In any rational world that is a contract to BUY. But the companies want to get your money and still retain total control, so they bribe the courts to agree that you did not actually “buy” the product after all. You don’t own it. You don’t have any rights. It is a “license” despite all the BUY wording EVERYWHERE. The corruption and dishonesty of corporations and judges is breathtaking!
http://twitter.com/librtee Sasha@librtee

Smells like Class Action…
- http://www.plan8.tv Roanhouse
  
  Here we are now, litigate us.
  
  Here we served you, advise your client
  
  Are you stupid, I will counter sue you.
  
  Here we served you, advise your client
  
  Hello, hello, hello, hello, hello, hello, hello law suit
  
  Helloooooo, hello, hello
  
  YEAH!!!
Palomino

“if you’re not paying for the product, you are the product.”

Eerily reminiscent of:

“”I’m not in the business. I am the business”.

~Sean Young as Rachael, Blade Runner.
- http://bhtooefr.org/ Eric Rucker
  
  Except you ARE paying for the product in this case.
Palomino

For me the big question is, who supersedes who, the router manufacturer or the I.S.P?

Sounds like Cisco is cock-blocking an ISP’s contract with their customer. Maybe ACTA isn’t dead after all, the customer just needs to purchase extra lube.
Thomas B

I have an old Linksys router, but I run Linux. I think I’m safe. :) Am I?
- http://twitter.com/crenelletech MichaelBrianBentley
  
  I believe your router is.
  - Palomino
    
    Thanks for the 7 a.m. laugh, it’s a great way to start my day.
Kaleberg

Isn’t this criminal unauthorized access to a computer system. If I installed software on a router, even an open router, I might get prosecuted. Shouldn’t Cisco face criminal sanctions.
http://larry.garfield.myopenid.com/ Larry Garfield

So how long before there’s a class action lawsuit? There needs to be one, and it needs to hurt.

Companies that try to pull this stunt need to HURT as a result. That’s the only way they’ll stop doing it. Otherwise we’re just boiling frogs.
http://www.chairthrower.org/ mrfantasy

I too was locked out of my router this week. More annoyingly, the Cloud Connect service wasn’t working properly and I couldn’t “validate” my account to get back into my old router settings.

I recently bought a new EA4500 and an EA2700 to upgrade my home network to full gigabit and high speed 802.11n. I thought I was buying the best of breed that would allow me the most flexibility, performance and power. Well, the performance is not what I had hoped, and now with this stunt, flexibility and power are gone too. Unfortunately, I’ve not found any open router firmware that yet supports the EA series routers–they have a different chipset, and I don’t know if the firmware is signed or otherwise unlockable. There are no working dd-wrt, OpenWRT or Tomato builds for these routers as far as I know. If someone has knowledge of working open firmware for the EA series routers I’d like to know so I can install it ASAP.

On last point–I use the 4500 as a wireless bridge, and the 2700 as my gateway router to my ISP. The 4500 did not do an automatic update–in fact, automatic updates do not work on it at all. I actually naively tried to engage Cisco tech support to fix this, and they of course immediately told me to use their Windows-based setup program, which not only did I not use to configure either of my routers (using the stock web interface only) but simply does not work if the router you’re trying to configure is not your internet gateway (and I wouldn’t be surprised if it didn’t work unless your router’s IP ends in .1). I literally abandoned the support chat once they instructed me to do this, and now I’m glad that the 4500 is still on the old firmware and stock web interface. If you have one of these devices and it hasn’t updated, using another router as your gateway will seemingly stop automatic updates. I will be reverting the 2700 shortly and waiting for either updates that do not enable the cloud functionality or an open firmware that does not lock me in to a Cisco EULA. I may be putting my old Netgear router (running DD-WRT) back as an Internet gatway in the meantime as well.
- Reuel Mark Delez
  
  Post it in their forums.
  http://homecommunity.cisco.com/
- TiredMemeCat
  
  Exactly. The hide-bound router corporations have finally woken to the existence of alternative open firmware and are now willfully designing their tawdry wares to be open to no alternatives. But still wide open to their own nefarious nature and more than willing to give it to any scumbag government that has a lucrative no-bid contract in hand.
  
  UEFI is just the thin edge of the wedge: corp/govs will ensure that not only ‘Other OS’ is not available to install on modern hardware, neither will alternate drivers or firmware be recognized at all – down to the level of silicon.
  
  About 15 years until we’re all fucked. The true Internet will be like a fading dream along with true freedom and democracy. Turns out the only thing that was stopping any ‘democratic’ society from turning itself into a panopticon was the fucking transactional costs.
http://www.lightning-rose.com/ LightningRose

Since corporations are people, my friends, all I can say is:

Christ, what an asshole.
ericball

Cisco has proven the statement I made when Sony won the OtherOS lawsuit:

“The lesson everyone should take from this is: you don’t own something which requires a network connection and can be updated via the network.”
TiredMemeCat

I’m about convinced to build my own router with iptables, pfsense, etc. whenever we finally change over to IPv6. I think Boing Boing should do a how-to in conjunction with, say, Instructables. We can no longer rely on the charity or courage of router corporations; there is too much on the line.
Bink Binkerson

Until not long ago, I controlled the budget for a decent-sized internet operation, that threw millions at Cisco. I will encourage my peers to never send them another nickel. What a bunch of useless marketroids, with no soul whatsoever. Chambers can go blow Ballmer behind the dumpster in the alley. Or vice versa.
Fideia

Nothing to discuss NO MORE CISKO and anyone who follow their policies.-
GreyGeek77

I find it impossible to believe that the management at Cisco did not realize that their decision to unilaterally, without permission, install ”Man-in-the-middle” tracking on their home wireless routers would not be detected and overwhelmingly rejected.

One has to ask why? Tell sell demographics that Microsoft and Google are collecting daily in the multi TB range? That market is saturated already. So is the “cloud” server market. Besides Cisco what other agent would benefit from an MIM vector? Federal agencies. Are we seeing the tip of an iceberg?
- Ty Myrick
  
  I read it as evidence that the RIAA/MPAA are paying them for information about what Cisco customers transfer across their home networks.
http://www.facebook.com/psuliin Paul Suliin

I haven’t read every comment, so pardon me if this has been covered already. I have two related questions.

1) Do I understand correctly that Cisco is reserving the right to lock you out of your router (that is, to block you from changing its settings), but is not threatening to shut the router down?

2) If they ARE threatening to shut the router down, then won’t Internet Service Providers object to that?

If I were (for example) AT&T and Cisco started cutting off my customers’ Internet access, then my first step would be to issue non-Cisco routers to my customers, and my second step would be to sue Cisco’s pants off.
Doug Graham

Step 1. Buy large sledgehammer, padded shipping envelope, Sharpie, and broom.
Step 2. Apply sledgehammer to Cisco/Linksys router repeatedly.
Step 3. Sweep up what’s left of Cisco/Linksys router into padded shipping envelope.
Step 4. Use Sharpie to address envelope to Cisco/Linksys as printer prints out 17-page letter to the company, complete with explicit and highly-detailed instructions as to where remains of Cisco/Linksys router can be placed.
Step 5. Leech off neighbors’ unsecured wi-fi.
- Robert Halasz
  
  ROFLMFAO!! This was worth reading all the posts thus far. I used to install Cisco routers all over the country that tied independent phone switches to the network. I don’t have any of this stuff, but I am learning alot here. Thanks to all you folks for the lessons. I just wish I knew more. I intend to find all the info I need, one way or another. But, I saw back up the page, that someone figured out the true cause for this: THE US GOVT HOMELAND SECURITY. Obama is going to try to take complete control of the country by faking an assassination attempt, and he wants to be able to completely disconnect the internet, so no one can communicate what is going on. Look for this to happen before the next election.
Larry Johnson

more likely .. this is part of the stuxnet self distruct order. Microsoft was not the only commercial player in this process.
Robbie Honerkamp

Disabling automatic updates would also disable firmware updates for my router that would contain bug and security fixes. So, the penalty for opting out is to have an orphaned, unsupportable device. I’m looking in to how I can either return the router I just bought or install dd-wrt or some other firmware on it. This is the last time I buy a Cisco consumer product.
http://pulse.yahoo.com/_MATJVE4GOH4MYSTT5GTBIMHZWM whos_He

The Digital Bill of Rights:

1) The right to a free and uncensored Internet.
2) The right to an open, unobstructed Internet.
3) The right to equality on the Internet.
4) The right to gather and participate in online activities.
5) The right to create and collaborate on the Internet.
6) The right to freely share their ideas.
7) The right to access the Internet equally, regardless of who they are or where they are
8) The right to freely associate on the Internet
9) The right to privacy on the Internet
10) The right to benefit from what they create.
- dusanmal
  
  And all that can be done by Constitutional amendment extending existing free speech protection by adding to it modern technology, in one line: All packets of information exchanged over the Internet are expressions of free speech. That’s it. Trivial. Now to make our representatives put it in place… another question.
  However, that would not resolve Cisco (and similar Apple, Google,…) issue. There we suffer from founders mistake not to include, as originally planned, property into essential human rights. Now that evil of slavery in the US is removed, it is time for another amendment – one adding fundamental right to ownership of property. That is the only way to permanently disable Cisco-type scams. Good luck with passing that one too.
  In the while – make noise and do not buy products with TOS.
reneemjones

Cisco hacked into the hardware of millions of people, disabled their devices and demanded ransom. How is this not a crime? If I did the same thing to Cisco, I would be in jail in an instant!!!! The face that our own government protects thugs like Cisco when they commit theft and blackmail like this just shows how thoroughly corrupt our entire society has become.
- Robert Halasz
  
  My bet is that this was done at the behest of our own Homeland Security as part of Oscumbag’s plan to take complete control of the country, and the internet. He wants a “kill switch” so he can shut off the lines of communication for all of us. I’d invest in an old HAM radio set if I was you guys.
  - reneemjones
    
    Might be, but they already have the full-country Internet taps installed by GW and they are still sucking up everything that passes through ATT Internet routers.
    
    We will have to setup an encrypted version of FIDONet over Ham radio!
http://www.facebook.com/brian.sparrow Brian Sparrow

This is why you flash your devices with DD-WRT.
- Reuel Mark Delez
  
  If supported. Word is, that these new EA routers cant be flashed with DD-WRT due to hardware restrictions.
http://www.facebook.com/profile.php?id=1790617312 Mike Carter

What are you talking about? I have a Cisco/Linksys E900 router. I administer it through the 192.168.0.1 IP with no problems. What is this cloud stuff? I see no reference to it on any of the router admin screens. The admin screens have no provision for updating the firmware. I have never had any sort of communication with Cisco.
- Reuel Mark Delez
  
  Only applies to App Enabled routers, currently, EA2700, EA3500 and EA4500. E900 is not app enabled as well as the older Linksys home routers.
http://oxwall.se Carl Oxwall

I’ll certainly think twice before I hook my E4200 up link. This device is affected, right? Also in Europe and Scandinavia?
http://twitter.com/patrikalienus Patrik Alienus

I have a Cisco RV220W at home. It has not downloaded any new firmware and I can get into it just fine. And it’s still doing what I’ve told it to do. So I’m a little confused; is it just some Cisco Routers?..
http://twitter.com/m2pt5 Emtu

Buying a router is not buying a service, it’s buying a damn piece of hardware.

See if I ever buy another router that can’t be reflashed with DD-WRT or other custom firmware.
http://twitter.com/jaspio Jasper Rijkeboer 

There is sadly no way to install DD-WRT on the new routers affected by this update. I have a newly bought EA2700 and the build status on the DD-WRT wiki is “Work in Progress”. Wish BrainKiller had better news…
http://www.offertalk.in/ Prashant Chourdia

I am using Dlink, Its Good but now will think for Cisco too
Alan Miron

Cisco quickly realized that it had a problem on its hands. On June 29th, before most of the uproar began about the change, Cisco’s Brett Wingo, VP and general manager of home networking, wrote, “We apologize that the opt-out process for Cisco Connect Cloudand automatic updates was not more clear in this product release, and we are developing an updated version that will improve this process. While we hope this reminder of our standard company practices will allay any concerns, customers who do not wish to establish a Cisco Connect Cloud account and would prefer to revert back to the traditional Linksys setup and management software can do so by calling the Linksys customer support line at 1-800-326-7114. One of our agents will walk you through the process.”
steve donovan

I haven’t got a clue what any of this geek stuff means but I have a belkin, have had for 4 years and it works perfectly
http://www.facebook.com/people/Greg-Jones/587483859 Greg Jones

Time to switch routers… and why is a box on my desk policing what I download? Porn is legal.
http://www.facebook.com/dane.ferrell Dane Ferrell

Everyone who has a linkseys Router needs to go and purchase one from a different manufacturer,then take your Linkseys Router to the store purchased from or send it to them and demand a refund, that is the only way we can shut these fascists down.
http://profile.yahoo.com/6JFOYUGNKBPLC62WBILRCRPCRU David

What if you have a Cisco/Linksys router and you never got the sign up thing to even do it? Cause i got one and i never got one… but thats bs thou!
Kyle Zillner

http://tools.cisco.com/WWChannels/LOCATR/performBasicSearch.do
cisco pranters