(Disclaimer: I work for the same former-division-of-Google-and-now-Alphabet-subsidiary that built this, though I don't work on OnHub.)
I think you need an account for cloud-based configuration, credential sharing, etc. Maybe it's not for everyone, but I think it makes sense as a product. I highly doubt they added a Google account requirement to improve ad targeting.
It's a wirless bridge, and it assumes you already have a router with an internet connection(i.e. your cable/dsl/fiber box). Setup instructions are here:
That's bullshit. It should use something like Thread or Bluetooth 4.0 to let you configure it from your mobile device, which already assumes you'll be in the same room with the router in 99% percent of the cases.
There's no reason for this to be sent over the Internet, when you're both in the same room.
I wouldn't phrase it so negatively but I do share the same sentiment. I think this is the craziness that seems to be so widespread that people don't notice how crazy it is - the primary way for two devices sitting few meters from each other to communicate should not be routing packets around half of the planet. I get it's easier, but it's bad engineering, unnecessarily wasteful energy-wise and I bet the only reason this is the default is for companies to lock people down and make money on data.
The general point is "local direct communication is hard and unreliable". Your phone falls back to 3G - connection broken. You're on "HouseWifi" and the other device is on "HouseWifi_5Ghz" - connection broken. You have a router with a guest mode and stops guests accessing the local LAN - guest can't print or chromecast or whatever.
This then assumes that authentication is handled by some combination of device proximity, physically pushing a "grant admin access" button on the device, or falling back to password management (possibly on a sticker on the bottom of the device).
There is something to be said for tying the device into an existing strong authentication infrastructure.
If you can debug the device remotely, you can debug the device remotely without trusting a third party.
There's absolutely no reason your private home router should be a slave to whatever remote configuration, monitoring, or intercept that some third party may be under legal orders to implement.
IMO these devices are nothing but parasites. On the positive side, Google has no track record with selling this kind of device and hopefully they will fail badly at it.
Google Fiber is one of the most wanted things in the tech world. You think having your traffic go through their router is bad? I don't even want to know how you'd feel about every internet thing you do being on their network.
Is guest access on a private SSID? Is my traffic separate from theirs? What about VPN support? I was getting ready to by an Asus router because I'm in the market for one, and it's at a similar price point. The three features I'm most interested in are QOS (which it looks like you have), having guests segregated from my network, and VPN access to my server
Asking for an explanation or complaining or criticizing a product is good and should be encouraged. Companies should expect negative feedback if they release products that consumers do not like. In fact this helps the Companies too in making products that people want.
I don't quite see why you're telling people to "take it or leave it". That applies to every single product in existence, and I would hazard a guess that most people here are aware of it.
I understand the sentiment but I can see a certain logic to using a Google Account.
It gives some protection against an attacker using a default password (as with every other router in the world). Also the hardware could be locked to a particular account in case the firmware is reset and you return to a welcome page.
Also it seems preferable that Google should use it's existing infrastructure instead of creating something new just for this.
"I highly doubt they added a Google account requirement to improve ad targeting."
I find that a highly optimistic statement given advertising is pretty much Google's only significantly profitable product and is supporting the entire conglomerate.
It doesn't seem very plausible that Google made OnHub just to sell lots of them at the $200 price point. I think the official stance on this will be that they want to make the internet work better and be easier to setup. I do think that's plausible.
Plus, unless Google can snoop into HTTPS connections, how would this help them with ad targeting? (since HTTP will be phased out within the next few years)
If you're able to tell, which division is that? Is this really inner-Google product development, or mostly/partial/somewhat outsourced via a prod-dev consultancy?
Not directly, but they would certainly have included it as an entry point to bring users into Google's account-driven services, and to make a Google account "stickier".
That indirectly does increase ad revenue and targeting, and you can be sure that over time different people in the company will keep having the "bright idea" that if they correlate OnHub data with data from Analytics, DNS, and location services, they can improve ad-targeting by 0.x%, leading to $Y million in additional revenue, and within a few years it will be.
Not really. If the router auto-updates, it has to get that update from somewhere. If anything, being able to push firmware is more powerful than being able to push configuration.
Their privacy policy seems open ended enough to indicate otherwise. Using this router allows Google to collect a HECK of a lot of data about your Internet usage.
Well, privacy policies are weaksauce and in general haven't been legally tested that much.
Terms of Service [1] is the real deal. For e.g. - (I've removed examples given in brackets)
--
When you upload, submit, store, send or receive content to or through our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works communicate, publish, publicly perform, publicly display and distribute such content.
The rights you grant in this license are for the limited purpose of operating, promoting, and improving our Services, and to develop new ones. This license continues even if you stop using our Services.
Our automated systems analyze your content to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.
--
So yeah, the Terms of Service is filled with so many legal loopholes that only a lawyer would love.
Sure! What else doesn't it do "for now"? You should make a list. Subliminal messaging out of the speaker, ad hoc mesh for coordinating kill-bots...
More seriously, one nice feature of that page:
If changes are made to this article (which should be rare), a revision history will be available on this page to let you know what has changed and why.
> I highly doubt they added a Google account requirement to improve ad targeting.
Ad delivery networks, and google is one of the biggest, have one core business: delivering ads. Everything is setup to make that as big and as solid as possible. Whatever it takes (and we all know how far ad delivery networks will go: almost infinitely far).
Now they ship a piece of hardware, require signing up with an account, and it's not for prolonging / helping their core business? If you believe that, I have a piece of land I want to sell to you, special price.
I'm not going to say you're wrong, but Google has an interest in maximizing the number of people who have consistent, reliable, enjoyable internet experiences. If this hardware does not collect data to help them target ads (and that may very well be the case), but causes more eyeballs to spend more time online where they will find Google-hosted ads, it helps their core business AND the customer.
Believe it or not there are a lot of teams at Google that don't think about ads. I worked on Geo for over three years and had plenty of discussions about how various things should work, and ads never came up. (There was one case where we pushed pointless login requirements on the user, gating Zagat reviews behind a G+ login, and I (along with many others) argued against it.) Like I said, I'm not on the OnHub team, but knowing how these sorts of things work my educated guess is that they did some market research and found that the best way to have the best UX for the median user was to do cloud-based configuration.
On top of which, the privacy policy (linked elsewhere in the comments)_ makes it clear that your actual web browsing data isn't tracked.
At a strategic level, if we make wifi better and people use the internet more, sure, we can show them more ads. Maybe that and/or other strategic concerns are part of why the project got funded in the first place. But the people actually designing the features are probably a disjoint set of people from the ones thinking about that kind of strategy.
> default credentials, which are stickered or engraved on their routers.
Which having a seemingly random admin and wifi password with WPA pre-configured is better than no password.
I remember a story where an individual connected to an open AP, scanned the network, found a windows network share with everyone read access, that had NES roms and their tax returns. The sad part, and still is true today, you couldn't help them without admitting that you committed a crime (a felony I believe).
This is too funny - why would you admit, to a cop, what you are doing??? You just say you are sitting in your car enjoying a nice day - and it wouldn't be a lie because technically you are. It just so happens you are doing other things as well.
> He had been accessing the Internet through a nonprofit agency's network from a car parked nearby and chatted with the police officer about it.
If you are thinking "but surely the legal system should understand this concept, right?"
> "I had a feeling a law was being broken, but I didn't know exactly what"
Or how about the library who didn't mind a patron was using their wireless system - but the police still wanted to press charges:
> The library director said that Tanner had not broken any rules, and local citizens criticized police for their actions.
From one of the news articles:
> The police officer confiscated Tanner's laptop in order to inspect what he may have been downloading,
That is a big NO. If a police officer ripped my laptop from my hands - I guarantee it would be a decision we would both regret.
No - you said drop off a file somewhere. Connecting to their open AP is a crime in itself. I was trying to point out that the legal system has no idea how to deal with the legalities of accessing APs. Of course, they would have prove I had a malicious intent (assuming they could track me down).
I used to work there, and one eternal subject of lunch-table conversation was how interesting it would be to make consumer routers with the same ease of management... but how the consumer market is such a hellhole to work in because margins are so low and consumers are more sensitive to price than to management complexity in their purchasing decisions.
A good brand like Google's can get around that, though.
Yeah, Wave was a great tool for remote collaboration/project management. There's the Apache Wave bundle you can self-host, but it's not as simple as just linking someone to wave.google.com.
I was just being snarky. A router requiring you to have a Google account seems needlessly complicated. We could crank it up a notch and allow only the users of an esoteric and obsolete messaging system use it.
Wave was a cool idea, though. But refusing to integrate it with e-mail under the assumption everybody will stop using it was a tad optimistic.
[1] https://on.google.com/hub/support/#get-started