Sure, we made your Wi-Fi routers phone home with telemetry, says Ubiquiti. What of it?
You didn't ask for it, we didn't tell you about it, but hey, it clears GDPR so what you gonna do?
Ubiquiti Networks is fending off customer complaints after emitting a firmware update that caused its UniFi wireless routers to quietly phone HQ with telemetry.
It all kicked off when the US-based manufacturer confirmed that a software update released this month programmed the devices to establish secure connections back to Ubiquiti servers and report information on Wi-Fi router performance and crashes.
Ubiquiti told customers all of the information is being handled securely, and has been cleared to comply with GDPR, Europe's data privacy rules. Punters are upset they weren't warned of the change.
"We have started to gather crashes and other critical events strictly for the purpose of improving our products," the hardware maker said. "Any data collected is completely anonymized, GDPR compliant, transmitted using end-to-end encryption and encrypted at rest. The collection of this data does not and should not ever impact performance of devices."
In its current state, Ubiquiti's EdgeSwitch won't have much of an edge on anyoneREAD MORE
The assurance was of little consolation to UniFi owners who bristled at the idea of any of their data being collected, particularly without any notification nor permission. In particular, enterprise customers were less than thrilled to learn diagnostic data was being exfiltrated off their network.
"Undisclosed backdooring of my network is completely unacceptable and will result in no longer recommending, using, or selling of Ubiquiti gear," remarked one netizen using the alias Private_.
Ubiquiti has offered an olive branch of sorts to its upset customers, as the biz said there are plans in place to release another firmware update that will allow customers to opt out of the data collection. No release date has been given, and Ubiquiti did not respond to a request for comment on the matter.
In the meantime, however, punters are going to have to deal with knowing that Ubiquiti will be slurping some of their data, and that is not going over particularly well. One mitigation is to use DNS or IP address filtering to block connections from the devices to Ubiquiti's servers, though this may interfere with the equipment's operation.
"Despite our good experiences with the hardware and our clients' satisfaction, this is absolutely a step too far," said user sillyrat. "We're through buying Ubiquiti products unless and until they go back to doing only what we set them up to do." ®
Thanks to Reg reader Kevin Campbell for the tip.