TP-Link Router Owners Warn That All Web Traffic Is Being Sent to Third-Party Servers

The FPS Review may receive a commission if you purchase something after clicking a link in this article.

Image: TP-Link

If you’re someone who likes to live dangerously and doesn’t care about their web-surfing habits being out in the wild, TP-Link has the perfect products for you, as the company is selling routers that send all web traffic to third-party servers, according to owners. As brought to attention by a user on r/hardware who has seriously regretted hooking up one of the company’s AX3000 routers to their network, the problem seems to center around HomeShield, an Avira-powered, subscription-based kit of security features from TP-Link that comprises real-time IoT protection, network protection, parental controls, and other tools. This service seems to always be running and sending all router traffic to be analyzed—even when the user has explicitly turned it off and/or never signed up for a subscription.

[PSA] Newer TP-Link Routers send ALL your web traffic to 3rd party servers… (r/hardware)

Join the discussion in The FPS Review Forums...

Discussion (17 replies)

Join Discussion →
Brian_B

I always wondered why they were so cheap

Grimlakin
Grimlakin 👍 3

Thats scary.

Elf_Boy

That's legal?

Brian_B
Brian_B 👍 1

"Elf_Boy, post: 50123, member: 438" wrote:

That's legal?


If it's disclosed somewhere in the EULA fine print that no one reads, it would be.

Space_Ranger
Space_Ranger

Riccochet

you get what you pay for with that garbage

Brian_B

Wouldn't be surprised to see if this isn't some anti-virus/malware scanning or some such that it's doing "in the cloud"

Grimlakin

"Brian_B, post: 50136, member: 96" wrote:

Wouldn't be surprised to see if this isn't some anti-virus/malware scanning or some such that it's doing "in the cloud"


I didn't notice a feature like that on TPlink. I do use this on my ASUS router.. AI Protect. So far seems to work well.

Peter_Brosdahl
Peter_Brosdahl 👍 1

"Brian_B, post: 50125, member: 96" wrote:

If it's disclosed somewhere in the EULA fine print that no one reads, it would be.


Should be renamed to EOLA since if we all took the time to read all the ones we get for every new device, service, firmware or device update, etc., we'd be at end of life by the time we're done. I used to read them but in the last couple of years I barely blink and suddenly there's one on the screen for something. It's the new mortgage.

Zarathustra
Zarathustra 👍 3

As I say every time something like this comes out, it is time collection of user data gets regulated.

The practice needs to be permanently ended. Make sure fines are so punitive that the world is forced back to a "contextual" model of advertising that does not rely on collecting data on users and creating profiles on them.

I understand that right now, these don't provide as much revenue to sites, but that's only because there are more lucrative options to advertisers out there. If you remove those more lucrative options, then they will be forced to come back to contextual ads, which will raise the value of contextual ads.

Elf_Boy

"Brian_B, post: 50125, member: 96" wrote:

If it's disclosed somewhere in the EULA fine print that no one reads, it would be.


Not always.

Contracts can agree to some things but not make an outright illegal act ok.

I am betting this is a hazy, borderline, situation.

U

I have 2 tplinks. That model is highly rated in pc mag. I usually looked reviews and tplink can rank high for the price, which is why I brought them. I dont have a newer model though.

Riccochet
Riccochet 👍 2

I don't trust "consumer" grade products from anyone. My EdgeRouter X-SFP has been ridiculously stable for 6 years. But, it's not for everyone. Setup is a lot more complicated. But the features and performance are hard to beat. And it was only $60.

Brian_B

"Riccochet, post: 50203, member: 4" wrote:

My EdgeRouter X-SFP has been ridiculously stable for 6 years.


Same, that and my Unifi APs have been rock solid.

Maybe latest hardware has changed, or there's something better out there by now - but these have been running strong for ~years~ and I've had zero need to upgrade. They were really nice when I was first setting up Starlink and I could setup failover parameters with no problem at all. I haven't needed any VLANs, but I've toyed with the idea so I could set up various QOS parameters and Pihole configurations and the ERX can certainly do it. And adding additional WiFi coverage is as easy as plugging in another AP and adopting it - it meshes right in.

Really the only thing I can really complain about the UBNT stuff is that the APs require a java program on a PC to setup, and there isn't a way to do it via their router or to run the program on the router (there is a phone app, but I could never get it to work). It's nice that you can use the AP's without needing a same-branded router, but I don't get how there is absolutely zero integration on any level.

I've spent less on my setup than a "Gaming" router for sure. Way cheaper than a mesh WiFi router as well. Might be a bit more than your standard TP-Link consumer router though

Zarathustra
Zarathustra 👍 1

"Riccochet, post: 50203, member: 4" wrote:

I don't trust "consumer" grade products from anyone. My EdgeRouter X-SFP has been ridiculously stable for 6 years. But, it's not for everyone. Setup is a lot more complicated. But the features and performance are hard to beat. And it was only $60.

That has been my position over the last 10-15 years.

Increasingly I avoid any consumer stuff like the plague, and if I have to use it I firewall it off, or run it on a dedicated offline VLAN.

My choices are Open Source first, Enterprise second.

I have been using pfSense as my router for over a decade and couldn't be happier. I was a little bit unhappy with the direction they went with netgate, and had intended to transition to OPNSense, but I think I dragged my feet too long and missed the window in which config files were compatible.

With all my VLANs and firewall rules it would be a PITA to transition manually now, but maybe you still can. I don't know. I'll have to do some more research.

If I ever start from scratch, I'm definitely switching to OPNSense though.

Tsing Mui
News poster at The FPS Review.

Recent News