

Belkin Breaks Its Routers Worldwide, Issues Temporary Fix - nkrumm
http://techcrunch.com/2014/10/07/belkin-acknowledges-its-routers-cannot-access-the-internet-and-issues-workaround/

======
makmanalp
Want to hear a fun story?

You remember dyndns.com ? Well, it used to be a small app run literally from a
dorm room at WPI. Well, after a while, it became one of the largest dynamic
DNS providers in the world, and router manufacturers around the world started
supporting it in the UI. Dyndns used to provide an address (an olden-days
plaintext web API of sorts) to check the external IP of a router. Eventually,
manufacturers realized that even if they didn't have a deal with dyndns or
even formally support them, they can use their IP address to check the router
WAN IP. Major manufacturers like linksys and d-link (I think, don't take my
word for it) jumped on the bandwagon and everyone started pinging the crap out
of that page and if they took it down, these routers would break in
interesting ways. So they built it up and kept it running.

That API runs to this day, at checkip.dyndns.org.

edit: Today that company is dyn.com, bootstrapped pretty much all the way, and
provides DNS to twitter, etsy, fastly, the guardian etc.

------
bitJericho
More reliable news source: [http://arstechnica.com/information-
technology/2014/10/borked...](http://arstechnica.com/information-
technology/2014/10/borked-belkin-routers-leave-many-unable-to-get-online/)

~~~
drcross
To break it down- the routers use a Belkin IP address as a DNS relay, when it
couldn't reach that address the router responded with the error. So the
problem was that their internet facing DNS server went down. It's pretty poor
that they dont have backup DNS servers but it's not the end of the world it's
not as if their backdooring fubarred firmware onto the routers.

~~~
halviti
Not according to the article. Belkin claims that it was a problem with the
server they used to allow the router to check for internet connectivity.

If it comes out that Belkin is actually routing their users through their own
DNS, I would hope it would be a huge privacy scandal.

There is no reason for them to run a DNS infrastructure for their clients, and
doing so provides them no direct benefit, has no clear applications for
building routers at all, costs money to maintain, and is a huge point of
failure.

I can't imagine them doing such a thing for a few advertising dollars.. the
only reason a router company would do that is if they were paid by the
government or something. This way Belkin could reroute your internet traffic
through whoever's servers whenever they wanted, and you would likely never
know.

Anyway, that sounds a bit far-fetched, so I'm going to hope that Belkin is
telling the truth.

------
arbernat
It's very easy to cause a ton of problems with commodity routers. The
University of Wisconsin - Madison CS department got DOSed back in 2003 by
Netgear routers using the CS NTP server because it was hard-coded into the
router firmware. Full story is linked below:

[http://pages.cs.wisc.edu/~plonka/netgear-
sntp/](http://pages.cs.wisc.edu/~plonka/netgear-sntp/)

------
abluecloud
Am I correct in thinking they use a single site hosted by them to decide if
the router is connected to the internet? Did noone not think this might not be
the _best_ idea?

~~~
drewcrawford
What would you suggest? Placing the question of whether or not their products
continue to work in the hands of third parties?

I think there is a conversation to be had here about the proper way to tie
add-on services (which are inevitable) with one-time-purchase products.
Consumers want some indication of whether they can reach the Internet, but
this really requires some ongoing cost on the router manufacturer's part,
which cannot be recouped indefinitely from a one-time hardware sale.

we face a similar crisis in mobile apps. Apps increasingly require backend
services to provide core functionality, which just isn't sustainable
indefinitely with a fixed-price model. Inevitably when these companies are
acquired, the backend shuts down, and people lose the product that they "paid"
for.

I think in the long-term, we are going to have to move to a subscription-based
model where people are paying regularly for things they used to buy one-off.
But in the short-term, you can have an endless stream of VC-backed companies
who can afford to take on that cost for short periods. So anyone who actually
broke rank would get beaten back pretty hard by the market.

~~~
blueskin_
>I think in the long-term, we are going to have to move to a subscription-
based model where people are paying regularly for things they used to buy one-
off.

i.e. renting software.

People don't want to rent software. Look at the (un)popularity of Adobe CC
etc. to show that.

This is why online activation/backend is just a bad idea in general.

~~~
PhantomGremlin
> People don't want to rent software. Look at the (un)popularity of Adobe CC
> etc. to show that.

Something I stole from the Internet a while ago:

    
    
            "What is it with these customer-oriented
            companies that forget where their money
            is coming from?"
    
        Look up the words "Monopoly" and "Oligopoly"
    
        Short answer is, they don't *have* to care.
        You want them more than they need you.
    

To further the point, Adobe stock hit an "all time high" earlier this year, on
better than expected revenue and earnings.[1]

 _YOU_ might not like Adobe CC, but they're making plenty of money renting it
to you.

[1] [http://247wallst.com/technology-3/2014/06/17/adobe-
earnings-...](http://247wallst.com/technology-3/2014/06/17/adobe-earnings-
brings-all-time-high/)

------
cesarb
This event reminds me of an old definition for "distributed system":

"A distributed system is one in which the failure of a computer you didn't
even know existed can render your own computer unusable." (source:
[http://research.microsoft.com/en-
US/um/people/Lamport/pubs/d...](http://research.microsoft.com/en-
US/um/people/Lamport/pubs/distributed-system.txt))

In this case, the failure of a system most people didn't even know existed
(Belkin's heartbeat server) rendered their router unusable.

------
al2o3cr
My guess? Belkin was routing DNS queries from these boxes through their own
infrastructure. For what purpose, who knows.

Evidence is the "workaround" posted on their status page:

"We have identified a workaround that will enable some users to get back
online. The workaround requires that you set a static DNS address on the
device trying to access the internet."

~~~
mzs
Nah, this is the best explanation from a reddit thread, looks like it was
pinging heartbeat.belkin.com to verify network connectivity after getting DNS
servers from DHCP:

[http://www.reddit.com/r/technology/comments/2ik43h/belkin_fi...](http://www.reddit.com/r/technology/comments/2ik43h/belkin_firmware_update_1072014_crashing_many/cl2u41n)

10:40 AM <Duiwel> Just got an e-mail from someone on our Wireless ISP mailing
list: We found the routers are sending icmp to heartbeat.belkin.com. Even
though we could get a response here at our NOC, the belkins are not receiving
it. We added the ip for heartbeat.belkin.com as a loopback address on a router
on our network and it becomes

10:40 AM <Duiwel> reachable to all the belkins on our network. Lo, and Behold!
They all work again.

10:40 AM <Duiwel> May have to try that

