ASUS ROUTERS TRENDMICRO SMARTHOME NETWORK SOLUTION == BIG BROTHER?

[hggomes]

After the already known EULA file.

Source files:

asuswrt-merlin/release/src/router/bwdpi_bin/datacolld
asuswrt-merlin/release/src/router/bwdpi_bin/bwdpi_bcm6/datacolld
asuswrt-merlin/release/src/router/bwdpi_bin/bwdpi_bcm6_smp/datacolld
asuswrt-merlin/release/src/router/bwdpi_bin/bwdpi_bcm6_smp_pptp/datacolld
asuswrt-merlin/release/src/router/bwdpi_bin/bwdpi_bcm7/datacolld
asuswrt-merlin/release/src/router/bwdpi_bin/wred
asuswrt-merlin/release/src/router/bwdpi_bin/bwdpi_bcm6/wred
asuswrt-merlin/release/src/router/bwdpi_bin/bwdpi_bcm6_smp/wred
asuswrt-merlin/release/src/router/bwdpi_bin/bwdpi_bcm6_smp_pptp/wred
asuswrt-merlin/release/src/router/bwdpi_bin/bwdpi_bcm7/wred


CISCO...BW..LS..WG..PHION...NETGEAR.ZYXEL...ANCHIVA.BRCM....ELFIQ...ASUS

nvram get upnp_enable
nvram get ddns_enable_x
nvram get wl0_auth_mode_x
nvram get wl1_auth_mode_x
nvram get wl0_wep_x
nvram get wl1_wep_x
nvram get wl0_key_x
nvram get wl1_key_x
nvram get wl0_key
nvram get wl1_key
nvram get wl0_wpa_psk => 2.4GHZ BAND WIRELESS PASSWORD
nvram get wl1_wpa_psk => 5GHZ BAND WIRELESS PASSWORD
nvram get wl0_radius_key
nvram get wl1_radius_key
nvram get misc_http_x
nvram get misc_ping_x
nvram get http_username => WEBUI/SSH USERNAME
nvram get http_passwd => WEBUI/SSH PASSWORD
nvram get dmz_ip
nvram get autofw_enable_x
nvram get vts_enable_x
nvram get enable_ftp
nvram get st_ftp_mode
nvram get enable_samba
nvram get st_samba_mode

Is this only an internal check on Trendmicro Network Protection? Or its also sent to their servers address listed inside the file "data collect daemon"??

ntd-asus-2014b-en.fbs20.trendmicro.com
rgom10-en.url.trendmicro.com
backup21.url.trendmicro.com
wrs.trendmicro.com
activeupdate.trendmicro.co.jp
gslb1.fbs.trendmicro.com.akadns.net

data_colld: ntd-asus-2014b-en.fbs20.trendmicro.com (ALIAS) slb1.fbs.trendmicro.com.akadns.net

wred: rgom10-en.url.trendmicro.com (ALIAS) trendmicro.com.edgesuite.net
wred: backup21.url.trendmicro.com (ALIAS) trendmicro-g.georedirector.akadns.net
wred: wrs.trendmicro.com
wred: activeupdate.trendmicro.co.jp

Something that would worth some time to investigate.

 

[RMerlin]

To be able to evaluate the key strength, the program needs to retrieve that key, and analyze it. That does not mean that it gets sent anywhere... This is for features such as the security evaluation that's shown on the webui.

You can put away your tin foil hats now.

 

[hggomes]

Yes, thats already known, the code belongs to TM Networks Protection but it also doesnt mean it doesn't send the info out.

 

[RMerlin]

Yes, thats already known, the code belongs to TM Networks Protection but it also doesnt mean it doesn't send the info out.

Every nvram that you list here can be directly matched to what's shown on the webui Security summary page. DMZ, UPNP, password and key strength evaluation...

There's no reason to think that TrendMicro would send that info back to their servers - this is pure speculation, with no arguments to support it.

 

[hggomes]

So far... Thats why the topic was created, we hope it keeps that way.

But by the way you are talking it seems you have arguments to proof the opposite, but i get your point here.

Thats unknown, it can be YES or NO.

 

[RMerlin]

So far... Thats why the topic was created, we hope it keeps that way.

But by the way you are talking it seems you have arguments to proof the opposite, but i also get your point here.

Thats unknown, it can be YES or NO.

You don't make that kind of public accusations without having the smallest element of proof to back it up. I'm already seeing one person publicly claiming "There's a backdoor!" out there. That kind of FUD spreads quickly, and gets distorted very easily. I don't feel like having to answer those kind of accusations in paranoid emails and PMs sent my way.

Otherwise, I'll bring you back to a few months ago when you were distributing your builds without source code, and people started publicly asking if you were adding backdoors to your releases. See what I mean?

SNB is not Reddit. We are all technical-minded members, who don't deal in speculations and unbased accusations, we deal with solid, hard facts. We'd rather not see this spread everywhere, where people take everything out of context, and assume that "It's on the Internet, therefore it must be a true fact".

The presence of those strings does not prove anything, and I gave you a logical explanation for their presence - they directly match what's shown on the health report on the webui.

(EDIT: don't quote this entire message, the moderation system dislikes something in it)

 

[hggomes]

Sure i get your point, but TM is closed source code, theres no way to check it ever, so i dont see the direct relation in here.

 

[eddiez]

Yes, thats already known, the code belongs to TM Networks Protection but it also doesnt mean it doesn't send the info out.

You being out on the streets at 4AM does not make you a burglar, right?

 

[hggomes]

I hope not.

 

[eddiez]

I hope not.

You get the point I hope

 

[L&LD]

You being out on the streets at 4AM does not make you a burglar, right?

Great point!

Now, to find the best time to be out burglaring, without raising suspicion.

 

[hggomes]

LOL thats also a good point.

 

[L&LD]

Oops! Did I type that out loud?

 

[hggomes]

BUSTED!

 

[eddiez]

You might want to change the title of the post to less capital font... you're kinda shouting