
Belkin Explains Why Its Routers Stopped Working - pjl
http://techcrunch.com/2014/10/08/belkin-explains-why-its-routers-stopped-working/
======
0x0
Wasn't it Belkin that got caught doing MITM shenanigans with HTTP connections
in their routers some years ago as well?

[http://www.michaelhanscom.com/eclecticism/2003/11/07/belkin-...](http://www.michaelhanscom.com/eclecticism/2003/11/07/belkin-
routers-hijacking-websurfing/)

~~~
wglb
Yes.

------
finnn
I don't get it... why would a router block access to the entire internet
because it can't talk to the manufacturer's servers? Why is it talking to the
manufacturer's servers at all?

~~~
sp332
It didn't shut off all internet access. The DNS resolver on the router checked
for connectivity. If it couldn't resolve Belkin's domain, it disabled the DNS
service because it assumed the Internet wasn't really connected.

Edit: see the workaround here
[https://belkininternationalinc.statuspage.io/](https://belkininternationalinc.statuspage.io/)

~~~
smsm42
OK, this is much less scary than I thought reading the article. Probably
wouldn't hurt to diversify it a bit and use some major provider like Google or
Amazon (or both?) for the check, but at least it doesn't look as bad as the
vague description in the article that made me think some vital router
functions and not simple DNS check depend on external infrastructure.

~~~
andyjohnson0
Amazon/Google might be a little annoyed if every Belkin router on the planet
started pinging them.

~~~
smsm42
They probably get much more legit traffic than that. Router doesn't need to do
it that frequently, only when it needs to find out if internet connection is
alive. Which is usually on boot and maybe on infrequent occasions after that.
So they wouldn't even notice.

~~~
davidu
No. Terrible idea: [http://pages.cs.wisc.edu/~plonka/netgear-
sntp/](http://pages.cs.wisc.edu/~plonka/netgear-sntp/)

------
shamsulbuddy
[http://www.amazon.com/TP-Link-TL-WR703N-Wireless-
iphone4-and...](http://www.amazon.com/TP-Link-TL-WR703N-Wireless-
iphone4-android/dp/B005VEJ3GM) .. This small little fella works perfectly for
me with OpenWRT and even if you are not a techie you can use the chinese
default firmware which works well as well .. More info on
[http://wiki.openwrt.org/toh/tp-link/tl-
wr703n](http://wiki.openwrt.org/toh/tp-link/tl-wr703n) in case you want to
install OpenWRT .. Plus this little fella just costs $30

~~~
joshu
i managed to eventually brick one of these so be careful.

~~~
plaes
Little soldering and serial-uart makes unbricking them quite easy.

------
aw3c2
Source might be this. TC adds nothing:
[http://community.belkin.com/t5/Wireless/Belkin-Routers-
Inter...](http://community.belkin.com/t5/Wireless/Belkin-Routers-Internet-
Outage/m-p/5796)

------
tantalor
> caused a false denial of service

Huh? Does this mean "the service thought it was DoS'd but it really wasn't"?

~~~
lucb1e
Yeah, the article is extremely vague, not an explanation at all like the title
says.

Another comment in this thread explains:

> It didn't shut off all internet access. The DNS resolver on the router
> checked for connectivity. If it couldn't resolve Belkin's domain, it
> disabled the DNS service because it assumed the Internet wasn't really
> connected.

By sp332,
[https://news.ycombinator.com/item?id=8429287](https://news.ycombinator.com/item?id=8429287)

------
julie1
1) there is still no explanatation for the rational of doing so, and the
origin of the black out ! 2) there is still no valid reason to add a useless
point of failure. 3) talking about security, the continuity of service is AS
important as anything else (imagine you had two belkins set up for redundancy
and multihoming, because internet is used to check credentials, you have a
loss of a critical services. A useless SPOF IS a security risk! ) 4) It is not
Belkin role to make sure «internet» is available and take measure when not
working. A router needs an IP connectivity including a DNS resolver, these are
clearly checks that are the ISPs responsability. 5) there is no arm in letting
a router not being able to resolve a DNS server (they can be statically
configured on the hosts or by a DHCPd server, routers at best acts as a DNS
cache and they are less efficient than tons of other solution even a stupid
dnsmasq). 6) it means blackholing the IP to the cloud of Belkin is an
efficient way to disconnect any user from the internet using their router. Is
it a feature made for Russia, China and USA (I mean any place where privacy is
considered a crime)?

Clearly Belkin has been bricking their gears when they are not connected to
internet. Why? Why have a killswitch of the internet?

I cannot see any good reason for spending THAT much money in terms of
investment and recurring cost. Someone planned this feature, and found smart
to spend recuring money on obviously unneeded feature.

Facts don't add up. Companies are here to make money. They spent a hell lot of
money to insert and plan and release this feature in their equipment. What do
they gain of bricking any devices not able to contact their «cloud»?

------
rockshassa
I cannot fathom why this kind of "phone home" behavior is necessary to operate
a router. Lets call it what it is, a kill switch.

~~~
danudey
iOS (and presumably Android) has a similar functionality, but at least in
iOS's case it's to find out if the device should consider this wifi to be
'working' (and send traffic via WiFi) or 'blocked' (and continue using the
mobile data network).

I can't think of any reason to have this failover behaviour on a consumer
router that isn't multihomed. It's not the router's job to ensure that my
internet is working according to some predefined rules, when there is no
tangible benefit to doing so.

------
shostack
One thing I cannot tell is that Monday my Belkin n600 router started crapping
out intermittently every few minutes. I would unplug and plug in the router
again, and it would work until it went down next.

Was I actually affected by this issue?

The description of this issue makes it seem like the routers were completely
unable to make a connection vs. the intermittent behavior I experienced so I'm
really confused.

I reflashed by firmware at Belkin's advice later that day and it seemed to
resolve the issue, but this can't just be coincidence...

~~~
MiguelHudnandez
If your computer was using a combination of working DNS IPs and your Belkin
router's IP, it's a plausible explanation for intermittent outages.

So if you had 8.8.8.8, 8.8.4.4, and 192.168.1.1, 1/3 DNS lookups would time
out. Specifics are up to your operating system and lookup configuration, but
you would almost certainly notice the problem, even if it was just minor
annoyance. Lookups will usually be retried after a few seconds, so it might
have just seemed like everything was extra laggy.

------
Animats
"“One of our cloud services associated with maintaining router operations was
negatively impacted by a change made in our data center that caused a false
denial of service."

Well, that's a non-explanation explanation. What "cloud services associated
with maintaining router operations" are being performed? "Lawful
interception", perhaps? Somebody needs to record the traffic between the
router and Belkin HQ.

~~~
DannyBee
While the conspiracy theories are fun, what actually was happening was that
the router pinged a heartbeat server they had to detect whether it was
connected to the internet, and when it wasn't, it would shut off the dns
resolver so browsers would get the "internet is not connected" error messages,
rather than some other random one.

~~~
Animats
That's what Reddit says.
([http://www.reddit.com/r/technology/comments/2ik43h/belkin_fi...](http://www.reddit.com/r/technology/comments/2ik43h/belkin_firmware_update_1072014_crashing_many/))
Belkin, though, didn't say that. Some people thought that Belkin did a remote
firmware update on the device. Belkin's own site indicates that firmware
updates must be performed through the device's web interface, which,
hopefully, can't be reached from the outside network.

Belkin routers apparently talk to "heartbeat.belkin.com", which is really an
Amazon AWS instance.

~~~
jauer
Apparently they moved it to AWS in the past day, perhaps to recover from the
outage.

During the outage heartbeat.belkin.com resolved to 67.20.176.130 which is held
by Sungard.

We (and several other ISPs) got our customers back online by putting
67.20.176.130/32 on a loopback interface on one of our routers so it would
always respond to pings. Other ISPs put overrides in their caching DNS servers
so heartbeat.belkin.com always resolves to 127.0.0.1 (belkin.com doesn't roll
DNSSEC).

------
pduszak
[http://www.dd-wrt.com/site/index](http://www.dd-wrt.com/site/index)

Problem solved.

~~~
plaes
[https://openwrt.org/](https://openwrt.org/)

Though, dd-wrt's website looks a bit more user-friendly. Though, OpenWRT is
where the most of the development and porting is happening.

------
j45
Totally creepy and unacceptable that a private piece of equipment can be
affected remotely. What's not to say that many routers (and the devices
attached to them) couldn't be attacked if (or now when with this information
coming to light) Belkin was compromised by an external party?

~~~
zanny
They can, they are, and that is what you get for buying a proprietary black
box and centering your network around it, in most cases.

openwrt / ddwrt / that fsf firmware project / etc exist for a reason, and
nowdays hundereds of routers support open firmware to such a degree it is your
fault to buy some backdoor infested unworkable disaster.

~~~
fest
I'd make that statement the other way around- open source firmware supports
hundreds of routers. It doesn't look like the openwrt folks and others get
much help from the router manufacturers.

------
makeset
Great. I thought my Belkin router croaked the other day, so I'm already out of
$200+ for a new router plus overnight delivery. I was going to return it when
I saw the old one was working again, but after reading this I'm getting rid of
the Belkin on principle.

~~~
nextw33k
Did you remember to buy a router that can have open firmware?

------
robertfw
This gave me a hell of a time the other day - I was perplexed as to what was
happening and equally perplexed when it started to work again.

This has definitely spurred me to take another look at my home networking,
this kind of thing simply should not happen.

------
nathanvanfleet
What the hell are they doing? How is this added value in any sense? I'm very
glad that I run OpenWRT which avoids me a lot of the worry.

------
plaes
Hey... has everyone forgotten the Smart TV issues that were unable to connect
internet due to the company service went down due to fire.

