If you’re someone who likes to live dangerously and doesn’t care about their web-surfing habits being out in the wild, TP-Link has the perfect products for you, as the company is selling routers that send all web traffic to third-party servers, according to owners. As brought to attention by a user on r/hardware who has seriously regretted hooking up one of the company’s AX3000 routers to their network, the problem seems to center around HomeShield, an Avira-powered, subscription-based kit of security features from TP-Link that comprises real-time IoT protection, network protection, parental controls, and other tools. This service seems to always be running and sending all router traffic to be analyzed—even when the user has explicitly turned it off and/or never signed up for a subscription.
[PSA] Newer TP-Link Routers send ALL your web traffic to 3rd party servers… (r/hardware)