What's new

[R7800] RAE, cloudfront ??? Netgear snitch?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

HELLO_wORLD

Very Senior Member
I noticed that I have something named Rae that was downloaded and installed. It seems to be related to Netgear, but what is it?
I have readycloud, mediaserver, upnp, transmission, traffic meter, etc... disabled
In tmp:
Code:
root@HERMES:/tmp$ ls -la rae*
-rw-r--r--    1 root     root           32 Apr 15 03:13 rae_md5
-rw-r--r--    1 root     root           19 Apr 15 03:13 rae_name
-rw-r--r--    1 root     root          461 Apr 15 05:01 rae_ping_result
-rw-r--r--    1 root     root            0 Apr 15 05:01 rae_ping_result_error
-rw-r--r--    1 root     root            8 Apr 15 03:13 rae_version
root@HERMES:/tmp$ cat rae*
D048E665AB23E5BA15FEB07D3C0242DDRAE_R7800_V1.0.0.12PING d3jdtixm7cvu7y.cloudfront.net (13.224.227.2): 56 data bytes
64 bytes from 13.224.227.2: icmp_seq=0 ttl=237 time=29.5 ms
64 bytes from 13.224.227.2: icmp_seq=1 ttl=237 time=30.0 ms
64 bytes from 13.224.227.2: icmp_seq=2 ttl=237 time=29.7 ms
64 bytes from 13.224.227.2: icmp_seq=3 ttl=237 time=30.1 ms

--- d3jdtixm7cvu7y.cloudfront.net ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 29.5/29.8/30.1 ms
1.0.0.12
In /usr:
Code:
root@HERMES:/usr$ ls -la rae*
-rw-r--r--    1 root     root       633598 Apr 15 03:14 rae.tar.gz
And after untaring on a folder in usb:
Code:
root@HERMES:/tmp/mnt/sda1/RAE$ ls
RAE_Policy.json  policy_version   rae_version      usr
root@HERMES:/tmp/mnt/sda1/RAE$ cat *
{
        "raePolicyVersion":             "V0.1",
        "stage": "prod",
        "reportMethod": "IoT",
        "dailyUpdateMethod": "1",
        "updaterInternal":   "1440",
        "routerInfo":           "1440",
        "routerConfig":         "1440",
        "readyShare":           "1440",
        "mediaDevice":          "1440",
        "connectedDevice":      "1440",
        "wifiAnalytics":        "360",
        "trafficMeter":     "1440",
        "eventLogPolicy": [
                {
                        "cpuThresholdHigh":             "90",
                        "cpuThresholdDuration": "60"
                },
                {              
                        "memoryUtilizationsHigh":               "90",
                        "memoryUtilizationsDuration":   "60"
                }
        ]
}
V0.11.0.0.12cat: read error: Is a directory
root@HERMES:/tmp/mnt/sda1/RAE$ cd usr/sbin/
root@HERMES:/tmp/mnt/sda1/RAE/usr/sbin$ ls
aws-iot                   data_collector            subscribe_publish_sample
Is that a snitch?
 
Thank you.
I think you are right.

Now, I don’t like that some data are sent without my consent.
And this was updated by itself.

top shows a ra process as well as a aws-iot (Amazon analytics). I killed both processes... I would like to find how they are launched to prevent them to be loaded. This is disturbing that there is no mention or control over that on web GUI.

I would like to find a way to safely uninstall that totally.

I think the "RA" in "RAE" stands for "router analytics". Search for "rae" on the OpenWRT page for the R7800, and you will see references to it in the OEM Bootlog section. That URL is:

https://openwrt.org/toh/netgear/r7800

What it actually does is another question!
 
Last edited:
perhaps it is controlled by this toggle:
Router Analytics Data Collection
Enable collection of router analytics data that will help NETGEAR improve our services and products.

on the GUI -> Advanced -> Firmware Update page
 
In advanced / Adminstration / Firmware Update?
I don’t have that. I only have this (and it is disabled):
Router Auto Firmware Update
Enable router to automatically update to future firmware. This keeps your router up to date with the latest features and security fixes.
Select one of the following options:
I Agree
I Disagree

perhaps it is controlled by this toggle:
Router Analytics Data Collection
Enable collection of router analytics data that will help NETGEAR improve our services and products.

on the GUI -> Advanced -> Firmware Update page
 
I'm running latest Voxel firmware. You?
I checked the webpage scripts -> that toggle on my end controls the nvram variable "agree_collect_TC"
(0=disabled)

But I don't know if there's any script or process on the router actually looks at that variable.
Perhaps on stock firmware there is?
 
Yes, latest Voxel V1.0.2.75.2SF
Nothing in the web GUI...

However, in nvram:
Code:
root@HERMES:~$ nvram show | grep agree
update_agreement=1
agree_collect_TC=1
upg_agree_conditions=5992350511233212
agree_full_TC=1
agree_auto_up_TC=0
root@HERMES:~$ nvram set agree_full_TC=0
root@HERMES:~$ nvram set agree_collect_TC=0
root@HERMES:~$ nvram commit

Thanks.
 
In Voxel latest and with Kamoj add-on betas it looks like this (stock GUI is corrupt):

Router_analytics.png
 
I am missing that Analytics section.
New router only flashed with latest Voxel’s.
I don’t recall seeing that ever... Is this analytics html local on the router or some kind of Ajax from internet? If so, my dns ad block might stop it.
 

Attachments

  • Capture d’écran . 2020-04-16 à 20.04.56.png
    Capture d’écran . 2020-04-16 à 20.04.56.png
    157.4 KB · Views: 278
Yes, English and no, it definitely does not show analytics for me.

It's in /www/UPG_upgrade.htm
Tried English?
 
OK, found it...
You have the nvram variable: new_sold_board=1
So apparently Netgear forces new routers to "phone home"!
You can change it:
Code:
nvram unset new_sold_board
 
Last edited:
OK, found it...
You have the nvram variable: new_sold_board=1
So apparently Netgear forces new routers to phone home!
You can try to change it:
Code:
nvram unset new_sold_board
Thank you!

Holy ***!
It worked and I now have the setting. That means that in some routers with this setting enabled by default, users don’t even have the choice to accept or refuse data collection and being sent and used by NG via Amazon Analytics!
I really don’t like that, and I am not even sure it is legal in Europe with GDPR law...
 
Last edited:
Ok, I found more about it
There is a init.d script named aws related with RAE and aws-iot
I used the command disable that is killing all related processes, but they are respawned quickly.
I even made a backup of /usr/sbin/aws-iot and replaced it by a script doing nothing, but overnight, it was replaced by the original aws-iot!
So something is not only launching aws-iot but also making sure the binary executable is not altered.
However, RAE stays off since I was able to change that setting, and web GUI stays visible.

Apparently, from the source code of /etc/init.d/aws it is a part of openwrt?
What is the purpose of that AWS in our router? It is collecting data (cpu, memory), but why? Is it calling home somewhere? Can we get rid of it?
 
new_sold_board is unset, and it allows GUI to show RA option (and it works, so that’s great)
Commented the new_sold_board in boot. Thank you!

However, aws is never turned off. Is it running for you? ( ps | grep aws )

Suggestion: Change "new_sold_board=1" to "new_sold_board=0" in the boot script.
PS
I'll remove the possibility to hide the GUI to disable it, and add a function to completely disable it in coming add-on.
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top