I installed a firmware update on my router, and discovered it both adds telemetry and breaks the navigation in firefox. 🤦‍♀️

It also started complaining that my password isn't secure (despite its length) because it doesn't contain a symbol.

Good freaking job.

Ah yes, proprietary software

Even on router level, damn! In the Netherlands (and the EU as well, I think) you could sue their asses big time over this 😄

How about https://openwrt.org/

or https://dd-wrt.com/ or https://advancedtomato.com/

"telemetry" as in it started reporting your location to some place? How do you even detect that?

Imagine living in 2020 and some dumbfuck 'developers' of router firmware still think symbols are necessary to a secure password.

@Demolishun The new firmware collects and transmits usage data, apparently (location is easy enough with geoip, wifi ssid tables, etc.). Fortunately the router displayed an opt-in page for it (defaulting to yes, naturally) or I never would have known. I don't have a monitor between my router and the isp, though it might be a good idea :/ freaking everything spies now.

Reminds me of the "samsung account" notification my phone still gives me every 10-60 minutes. The terms/privacy policy on a samsung account says it collects basically everything and sends it to samsung. i don't remember what benefit this gives you as the end-user, if any. but the best part: there is no option to say no. there is a back button, but it just sends the notification again 😅

I hate the state of the world today.
Basically everything is trying to screw you over or spy on you in some/every way.

@Root I never sign up for the samsung shat. I hate their apps.

@Demolishun Neither, and same.

To be fair, a blind bruteforce's search space is gonna go way up if they have to do symbols too.

Not that it matters as MAC whitelisting is *supposed* to prevent blind attacks pretty well, but a deauth from nearby kinda makes the whole fucking system collapse.

I wonder if I can make a box that detects MAC spoofing through further IDs sent on join like hostnames or something similar and if something reconnects and stops having the right names for other things it either deauths it or saturates it with traffic or force-proxies it or something