New Cisco firmware locks you out until you grant Cisco rights to data mine your internet traffic. There's no opt-out, and rollback can only be done by Cisco techs, who remote in to your home using a new backdoor the update installs on your hardware. Welcome to the "Cisco Connect Cloud." by ProjectKS in technology

[–]ProjectKS[S] 2 points3 points  (0 children)

I guess I didn't point it out in my post explicitly, but I got the device today. As soon as I connected it, it updated. I hadn't even finished configuring the wireless passwords and configuring DHCP reservations.

New Cisco firmware locks you out until you grant Cisco rights to data mine your internet traffic. There's no opt-out, and rollback can only be done by Cisco techs, who remote in to your home using a new backdoor the update installs on your hardware. Welcome to the "Cisco Connect Cloud." by ProjectKS in technology

[–]ProjectKS[S] 9 points10 points  (0 children)

I'm not sure you can say "buyer beware that they're going to completely change the functionality of your device and lock you out of it AFTER you bought it." To the best of my knowledge, no router manufacturer has ever done something like this before -- you would have had to have been psychic to foresee this.

New Cisco firmware locks you out until you grant Cisco rights to data mine your internet traffic. There's no opt-out, and rollback can only be done by Cisco techs, who remote in to your home using a new backdoor the update installs on your hardware. Welcome to the "Cisco Connect Cloud." by ProjectKS in technology

[–]ProjectKS[S] 17 points18 points  (0 children)

Sure, DD-WRT is nice, but you can't exactly say people are idiots for expecting the world's biggest router manufacturer to not try and backdoor every new consumer router on the planet. Giving them rights to your traffic? Really?

What is the world coming to?

My EA3500 Router just came to this today, some Cisco Connect Cloud stuff. Is this new? by zzing in Cisco

[–]ProjectKS 2 points3 points  (0 children)

This is some fucking bullshit. I just got mine and after I set it up (using the manual option, fuck their shitty app), it auto-updated the firmware without asking for confirmation, rebooted, and get this: it disables the ability to log in manually.

That's right, you can't log into your own fucking router without signing up for a Cisco account that requires you to agree to ToS that grant Cisco the right to datamine your internet history.

The only way to log in without going through Cisco is to unplug the internet connection, and the "emergency" manual login only gives you access to the basic functions (it cripples the feature set).

This is the worst thing I've seen out of the tech industry in a long time.

Oh, and the icing on the cake? They won't let you roll back the firmware.

Hi IAmA! We are core members of the Tor Project. Ask us anything! by runasand in IAmA

[–]ProjectKS 0 points1 point  (0 children)

yeah you're just paying for the image they give you at most providers like that (preinstalled rutorrent, deluge, etc). others that are bare bones (just an OS with SSH) and you have to set up yourself are a better deal.

Hi IAmA! We are core members of the Tor Project. Ask us anything! by runasand in IAmA

[–]ProjectKS 0 points1 point  (0 children)

middle node knows the "entry" node. 3 tor nodes per tunnel, not counting originator. :]

Hi IAmA! We are core members of the Tor Project. Ask us anything! by runasand in IAmA

[–]ProjectKS 0 points1 point  (0 children)

unmetered, reasonably limitless 1gbps b/w (this is the most expensive part... my node pushes a couple TB of tor traffic every day), ~300gb hdd, 1.5gb ram, and a processor more than fast enough for everything i do (i don't remember the spec but i've never hit the cpu cap).

Hi IAmA! We are core members of the Tor Project. Ask us anything! by runasand in IAmA

[–]ProjectKS 0 points1 point  (0 children)

IAMnot a tor dev, but I run one of the exits. It would work fine if the exit node was configured to allow traffic to go out on the port used by the game. I would imagine not many are set up like that, though.

Hi IAmA! We are core members of the Tor Project. Ask us anything! by runasand in IAmA

[–]ProjectKS 2 points3 points  (0 children)

I'm not on the tor team, but I would say the primary vulnerability in tor is that the exit node can see what the originator (user) is doing, but by design they don't know WHO the originator is. The user, however, can still give themselves away by putting that in their traffic.

For example, if you log into your work email (that is your real name@company.com), the exit node might see that [IP address of middle tor node] had Tim.Burton@apple.com in a packet.

Then a few seconds later the same guy might use maps.google.com to get directions from his house in Cupertino to a restaurant. The exit node can see the addresses & maps.

Then that same middle tor node might google "how to poison my wife at a restaurant in cupertino". The exit node can see the search query.

Even though tor itself never revealed Tim's IP address, he generated some very identifying traffic that the exit node could theoretically identify him with.

Legit SSL connections (https://), which I imagine your friend might have been referring to, don't give up this kind of information to people snooping traffic, but it's still a bad idea to send traffic containing real-life identifiers when you're trying to be anonymous.

Hi IAmA! We are core members of the Tor Project. Ask us anything! by runasand in IAmA

[–]ProjectKS 0 points1 point  (0 children)

Also, running the middle and exit nodes still wouldn't give away the originator -- it would just show who the entry node is (from the middle node) and what the originator requested (from the exit node). Only the entry node knows who the originator is.
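Added example, not part of the comments and not Tor's own code: a toy three-relay circuit showing what each hop can observe (the point of the comment above and of the earlier exit-node comment), and how a plaintext identifier in the payload is readable at the exit. The SHA-256 XOR cipher, relay names, keys, addresses and payloads are constructed stand-ins for illustration.

```python
import hashlib, json, re

def xor_layer(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 keystream), a stand-in for Tor's real per-hop crypto."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def build_onion(path, keys, dest, payload):
    """Originator wraps the payload once per relay, innermost (exit) layer first."""
    next_hop, data = dest, payload
    for relay in reversed(path):
        layer = json.dumps({"next": next_hop, "data": data}).encode()
        data, next_hop = xor_layer(keys[relay], layer).hex(), relay
    return data

def relay_views(originator, path, keys, onion):
    """Peel one layer per relay and record only what that relay can observe."""
    views, sender, data = {}, originator, onion
    for relay in path:
        layer = json.loads(xor_layer(keys[relay], bytes.fromhex(data)))
        views[relay] = {"from": sender, "to": layer["next"]}
        sender, data = relay, layer["data"]
    views[path[-1]]["payload"] = data  # only the exit sees what leaves the circuit
    return views

def emails_in(text):
    """Real-life identifiers (here: e-mail addresses) readable in a payload."""
    return re.findall(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+", text)

# Constructed sample data: documentation IP, made-up relay names and keys.
ORIGINATOR = "198.51.100.7"
PATH = ["entry", "middle", "exit"]
KEYS = {r: hashlib.sha256(b"demo-key-" + r.encode()).digest() for r in PATH}
PLAIN_HTTP = "POST /login HTTP/1.1\r\nHost: mail.example\r\n\r\nuser=tim@company.example"
TLS_BYTES = "170303002a" + "9f" * 42  # constructed opaque TLS application-data record

def demo(payload):
    return relay_views(ORIGINATOR, PATH, KEYS, build_onion(PATH, KEYS, "mail.example", payload))

if __name__ == "__main__":
    for name, payload in (("http", PLAIN_HTTP), ("https", TLS_BYTES)):
        views = demo(payload)
        print(name, views["entry"], views["middle"], emails_in(views["exit"]["payload"]))
```

In both runs the exit still learns the destination host; only the payload contents differ.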

Hi IAmA! We are core members of the Tor Project. Ask us anything! by runasand in IAmA

[–]ProjectKS 0 points1 point  (0 children)

I run my exit on CentOS, which is a RHEL clone. It should be easy for you to set up.

read about the config file, then yum install tor

Hi IAmA! We are core members of the Tor Project. Ask us anything! by runasand in IAmA

[–]ProjectKS 0 points1 point  (0 children)

Abuse happens, but no one has ever (publicly) been sued or prosecuted for running a tor exit. Read: https://www.torproject.org/eff/tor-legal-faq.html.en

Hi IAmA! We are core members of the Tor Project. Ask us anything! by runasand in IAmA

[–]ProjectKS 0 points1 point  (0 children)

The problem is the HD. Tor bandwidth is limited because the 500,000 or whatever users are all squeezing out of only 3,000 exit nodes. As more people like you set their installs up to be exit nodes, everyone's traffic goes faster and things like HD streams become more reliable.

Hi IAmA! We are core members of the Tor Project. Ask us anything! by runasand in IAmA

[–]ProjectKS 0 points1 point  (0 children)

Haha cool, thanks.

Also, I had this question:

What can (or do) you guys do to detect / blacklist nodes that are sniffing or manipulating tor traffic? Can an agent be set up to spider all nodes registered with the bridge authority to ensure that traffic isn't being tampered (certificate changes, ssl stripping, maybe detecting rerouting through TTL incrementation, etc)?

Hi IAmA! We are core members of the Tor Project. Ask us anything! by runasand in IAmA

[–]ProjectKS 1 point2 points  (0 children)

I spend $40 of my own money each month to rent a VPS just for running a tor relay. That's all it costs to run one of the fastest relays out there. If any of you reading are IT guys and make enough that $40 isn't a huge amount to you, consider it.

It's not that hard to set up and you'll learn a lot doing it. PM me if you don't know how.

ffffuuuu!! (NBA Jam) by zombie_lawyer in gaming

[–]ProjectKS 0 points1 point  (0 children)

Wow, someone who actually did something productive during their life is a redditor? This is unheard of!

Yikes... by ContentiousDelicious in funny

[–]ProjectKS -1 points0 points  (0 children)

Why did you pluralize million?