Image: TP-Link

If you’re someone who likes to live dangerously and doesn’t care about their web-surfing habits being out in the wild, TP-Link has the perfect products for you, as the company is selling routers that send all web traffic to third-party servers, according to owners. As brought to attention by a user on r/hardware who has seriously regretted hooking up one of the company’s AX3000 routers to their network, the problem seems to center around HomeShield, an Avira-powered, subscription-based kit of security features from TP-Link that comprises real-time IoT protection, network protection, parental controls, and other tools. This service seems to always be running and sending all router traffic to be analyzed—even when the user has explicitly turned it off and/or never signed up for a subscription.

[PSA] Newer TP-Link Routers send ALL your web traffic to 3rd party servers… (r/hardware)

Go to thread

Don’t Miss Out on More FPS Review Content!

Our weekly newsletter includes a recap of our reviews and a run down of the most popular tech news that we published.

17 comments

  1. Wouldn't be surprised to see if this isn't some anti-virus/malware scanning or some such that it's doing "in the cloud"
    I didn't notice a feature like that on TPlink. I do use this on my ASUS router.. AI Protect. So far seems to work well.
  2. If it's disclosed somewhere in the EULA fine print that no one reads, it would be.
    Should be renamed to EOLA since if we all took the time to read all the ones we get for every new device, service, firmware or device update, etc., we'd be at end of life by the time we're done. I used to read them but in the last couple of years I barely blink and suddenly there's one on the screen for something. It's the new mortgage.
  3. As I say every time something like this comes out, it is time collection of user data gets regulated.

    The practice needs to be permanently ended. Make sure fines are so punitive that the world is forced back to a "contextual" model of advertising that does not rely on collecting data on users and creating profiles on them.

    I understand that right now, these don't provide as much revenue to sites, but that's only because there are more lucrative options to advertisers out there. If you remove those more lucrative options, then they will be forced to come back to contextual ads, which will raise the value of contextual ads.
  4. If it's disclosed somewhere in the EULA fine print that no one reads, it would be.
    Not always.

    Contracts can agree to some things but not make an outright illegal act ok.

    I am betting this is a hazy, borderline, situation.
  5. I have 2 tplinks. That model is highly rated in pc mag. I usually looked reviews and tplink can rank high for the price, which is why I brought them. I dont have a newer model though.
  6. I don't trust "consumer" grade products from anyone. My EdgeRouter X-SFP has been ridiculously stable for 6 years. But, it's not for everyone. Setup is a lot more complicated. But the features and performance are hard to beat. And it was only $60.
  7. My EdgeRouter X-SFP has been ridiculously stable for 6 years.
    Same, that and my Unifi APs have been rock solid.

    Maybe latest hardware has changed, or there's something better out there by now - but these have been running strong for ~years~ and I've had zero need to upgrade. They were really nice when I was first setting up Starlink and I could setup failover parameters with no problem at all. I haven't needed any VLANs, but I've toyed with the idea so I could set up various QOS parameters and Pihole configurations and the ERX can certainly do it. And adding additional WiFi coverage is as easy as plugging in another AP and adopting it - it meshes right in.

    Really the only thing I can really complain about the UBNT stuff is that the APs require a java program on a PC to setup, and there isn't a way to do it via their router or to run the program on the router (there is a phone app, but I could never get it to work). It's nice that you can use the AP's without needing a same-branded router, but I don't get how there is absolutely zero integration on any level.

    I've spent less on my setup than a "Gaming" router for sure. Way cheaper than a mesh WiFi router as well. Might be a bit more than your standard TP-Link consumer router though
  8. I don't trust "consumer" grade products from anyone. My EdgeRouter X-SFP has been ridiculously stable for 6 years. But, it's not for everyone. Setup is a lot more complicated. But the features and performance are hard to beat. And it was only $60.

    That has been my position over the last 10-15 years.

    Increasingly I avoid any consumer stuff like the plague, and if I have to use it I firewall it off, or run it on a dedicated offline VLAN.

    My choices are Open Source first, Enterprise second.

    I have been using pfSense as my router for over a decade and couldn't be happier. I was a little bit unhappy with the direction they went with netgate, and had intended to transition to OPNSense, but I think I dragged my feet too long and missed the window in which config files were compatible.

    With all my VLANs and firewall rules it would be a PITA to transition manually now, but maybe you still can. I don't know. I'll have to do some more research.

    If I ever start from scratch, I'm definitely switching to OPNSense though.
  9. That has been my position over the last 10-15 years.

    Increasingly I avoid any consumer stuff like the plague, and if I have to use it I firewall it off, or run it on a dedicated offline VLAN.

    My choices are Open Source first, Enterprise second.

    I have been using pfSense as my router for over a decade and couldn't be happier. I was a little bit unhappy with the direction they went with netgate, and had intended to transition to OPNSense, but I think I dragged my feet too long and missed the window in which config files were compatible.

    With all my VLANs and firewall rules it would be a PITA to transition manually now, but maybe you still can. I don't know. I'll have to do some more research.

    If I ever start from scratch, I'm definitely switching to OPNSense though.
    I too have gone the route of PFSense and UnifiAPs for my solution. I have both PFSense and the UniFi Controller running on a miniPC that's running ESXi as the host OS.
  10. Same, that and my Unifi APs have been rock solid.

    Maybe latest hardware has changed, or there's something better out there by now - but these have been running strong for ~years~ and I've had zero need to upgrade. They were really nice when I was first setting up Starlink and I could setup failover parameters with no problem at all. I haven't needed any VLANs, but I've toyed with the idea so I could set up various QOS parameters and Pihole configurations and the ERX can certainly do it. And adding additional WiFi coverage is as easy as plugging in another AP and adopting it - it meshes right in.

    Really the only thing I can really complain about the UBNT stuff is that the APs require a java program on a PC to setup, and there isn't a way to do it via their router or to run the program on the router (there is a phone app, but I could never get it to work). It's nice that you can use the AP's without needing a same-branded router, but I don't get how there is absolutely zero integration on any level.

    I've spent less on my setup than a "Gaming" router for sure. Way cheaper than a mesh WiFi router as well. Might be a bit more than your standard TP-Link consumer router though

    The USG has the Unifi controller built in. But I think it's been discontinued. Dream Machine also has the controller built in.

    I pretty much never touch my access points, so, it's not really an issue.

    Another nice feature of the ERX is IPSec VPN support. Rarely see that on consumer products. It's something I need.

Leave a comment

Please log in to your forum account to comment