
Cisco Changes Privacy Policy for Linksys Routers After Uproar - brk
http://www.pcworld.com/businesscenter/article/258694/cisco_changes_privacy_policy_for_linksys_routers_after_uproar.html?autoStart=0
======
pilif
There is so much wrong with this, that the usual EULA blunder is but the tip
of the iceberg:

For a long time now, I'm using small fanless Linux boxes as routers for my
home network, so clearly, I'm somewhat of a home router power user.

If there is one thing I have never ever in my life done with said routers, it
must be changing their configuration while not at home.

This is incidentally the only reason why you would ever even want to consider
using a cloud based home router management as an end-user.

IMHO a totally unneeded feature which also opens up a whole ton of other
issues - privacy being one of them, security being a huge other part.

These linksys boxes are so far removed from even having having an acceptable
security record... At least up until now, they would not respond to
administrative commands from the outside. Now they clearly have to. Even if
they got security significantly better than they did up to now, this is such a
bad idea.

Oh, and I believe it's absolutely crazy to push an update like this as part of
an automatically installed firmware update: when you alter functionality in
such a broad way, the only thing you achieve is that people begin distrusting
silent updates.

After years in which Chrome and Firefox finally managed to convince the public
that silent updates might be a good thing (they certainly are for security -
and web developers, I guess), stuff like this goes great lengths in destroying
that trust again.

~~~
mwexler
Let's see a couple of plausible use cases for a home router with a remote
config capability:

* Husband calls wife who is at work: "Joey is visiting for a day, but he says our network is locked. Can you let him on? I don't know how to use this thing."

* Grandma calls her son the Dad who's away on a business trip: "I know you've blocked Facebook from your daughter's machine, but it's also blocked on my laptop. Can you unblock it for me? I'm trying to make plans!"

Sure, one could try to walk someone through the steps over the phone, or even
remote desktop into a box to make the changes... or just tell them "wait til I
get home, too bad!". But theoretically, both of these scenarios could be fixed
with a cloud oriented mgt system.

Look, Cisco made a total clusterF out of how they handled this, but it's also
easy to see what they were trying to solve for. They just hamhanded it, in a
huge way. Also, these scenarios are potentially rare, so they made people
change everything about the router just to solve these edge cases, agreed.

But I suspect many more products will have cloud/external management before
long, whether they should or not. When something is hot, it becomes solutions
looking for problems beyond the few they may actually solve.

~~~
SpikeDad
I think you're giving them too much credit. To me, this screams of marketing
driven decision. It seems transparent to me that Cisco was trying to get some
synergy with their current marketing "Cisco Cloud" advertising.

I can just hear the marketing droids speaking now - "Wouldn't it be great if
we could bring our little home users into the great cloud so they think
they're important to us. Why would anyone object to that, I mean they already
have opt-in to automatic updates so they are saying it's OK, they really want
it".

Sheesh.

------
nodata
Cisco is reframing the issue.

The privacy policy was half of the problem. The other half was taking
everyone's internal-only routers and making them accessible through Cisco.
This is the opposite of what most people want.

Make Cisco Connect _opt-in_ on existing routers, make it opt-out on new
routers.

------
ihsw
Yet another case of 'It's better to ask forgiveness than permission.' Their
capitulation is only natural considering the negative PR mess this has become,
however it's hard not to imagine this being entirely intentional.

~~~
reddit_clone
It is distressing how many companies do this now a days.

"Lets do it and see what happens. If the shit storm is too strong, we can
always apologize and take it back"

Everyone wants to get away with whatever they can. I suspect it will only get
worse.

------
bane
I smell an unusually large and justified lawsuit over this.

------
earl
So basically, cisco was going to collect their own behavioral targeting
dataset for sale or to get into the adtech business. Better yet, they were
going to backdoor this in via an automatic update most users wouldn't see onto
a physical device the users paid for. Some dbag there saw NebuAd and Phorm and
get jealous, I guess.

Whatever else you may think of cisco, they sure do have big ole brass balls.

~~~
bane
Don't forget they were also going to monitor what you were surfing to ensure
it was safe and moral content.

