Belkin Routers Route Users to Censorware Ad

The Register has a story today about Belkin routers redirecting their users' network traffic. To me, this seems like the logical next step after top-level domain name servers piping ads to your browser. Now the routers themselves hijack the traffic they are supposed to, uh, route -- and you'll love where they send you instead. But it's OK because you can opt out. Incidentally, the Crystal Ball Award goes to Seth Finkelstein, who in 2001 quoted John Gilmore's famous aphorism about the internet, and asked "What if censorship is in the router?"

Good qoute

There is censorship in the routers. But there is also loose spare change that the system addy dropped in their too.

Here's the angle I would take...

The device is defective. Make product support give you one that works. While you're at it, send hate mail to the marketing team. I bet the support guy will give you the right email addresses...

Better yet, get the addresses and post them here.

Re:Here's the angle I would take...

I'll just quit buying Belkin products. Though I don't have any to beginning.

Re:Here's the angle I would take...

When I needed an access point, I bought a D-Link router because it was on sale (which was a mistake, because as an access point the D-Link router sucks). Fortunately for me, the Belkin wasn't on sale or I might have been stuck with one of these idiot boxes.

I just ordered a new laptop and I'll need a new Wi-Fi card for it. Guess what brand I'm not going to pick? Unfortunately, between Linksys violating the GPL [slashdot.org] and Belkin hijacking URLs [slashdot.org], D-Link [dlink.com] is about the only remaining choice. Unfortunate not becuase there's anything wrong with D-Link, but because choice is good.

Re:Here's the angle I would take...

I don't know how you feel about Netgear, but they are another option.

Re:Here's the angle I would take...

The same Netgear that hard-coded some unfortunate NTP server in their firmware, causing tons of grief for a university? These guys are faced with either throwing away a network segment, or adding tons of unicast-type hacks to try to service all of the traffic.

Re:Here's the angle I would take...

Once that came to light Netgear themselves provided enough networking hardware to handle the traffic load and techs to support it free of charge to the university.

there are other wireless routers

Here is one [http://www.microsoft.com/hardware/broadbandnetwor king/productdetails.aspx?pid=003]

Oh wait..we hate them too.

Re:Here's the angle I would take...

Get a Lucent Orinoco card. At least in the 802.11b days, they were *by far* the best, and they work great with Linux (if that's a concern for you).

Re:Here's the angle I would take...

ericd@belkin.com

You're welcome. :)

Re:Here's the angle I would take...

isn't it a little odd though that this [google.com] is the only usenet post he's ever made?

Re:Here's the angle I would take...

ericd@belkin.com [mailto] enjoys his peace and quiet. ericd@belkin.com [mailto] does not like unsolicited email. People should not send messages to ericd@belkin.com [mailto] unless they are personally affected by the issue. Spammers should not illegally harvest the email address ericd@belkin.com [mailto].

Exactly

This is a defective product. It doesn't route IP packets correctly. Return it for repair, replacement, or [preferrably] refund.

Boy did they blow this one. If they had stuck to something simple like your very first HTTP transaction brought up a configuration/advert screen only once, then there wouldn't even be a story.

What if I had bought this for an isolated network? Would it hang up for an appreciable amount of time trying to contact belkin.com?

Re:Exactly

>> Boy did they blow this one. If they had stuck
>> to something simple like your very first HTTP
>> transaction brought up a configuration/advert
>> screen only once, then there wouldn't even be
>> a story.

Actually this is pretty much what happens. Here is a snippet from usenet [google.com].

We elected to re-direct one http request to
the "Register Now" reminder page. (There is a link in a previous
posting if you want to see it) This page asks the user to register for
the service for a free 6 month trial. Now, granted this looks like an
ad. It should, it is intended to be informative and easy enough to
understand. At this point, the user can register or click "No Thanks".
Clicking "No Thanks" sets a flag in the Router to stop the Router from
re-directing every 8 hours to the reminder page.

In summary, you have to click 'no thanks' ONCE and you'll never see the thing again unless you do a hard reset of the router.

Re:Exactly

My fear there -- so now, when I click on a link and get re-directed to some arbitrary site, I'm supposed to click the "click here if you're not interested" link? Haven't we spent the last thousand posts making fun of users who fall for that?

--Tom

Re:Exactly

Waiter: "Hi, I'll be your waiter tonight."

Customer: "Great! I'd like a cup of the soup please."

[Waiter takes out a hammer, thwaps customer on skull]

Customer: "WTF was that for?"

Waiter: "Sir, I'll stop thwapping you on the head as soon as you TELL me to stop."

Customer: "Why the hell would I have to TELL you to stop?"

[Waiter thwaps customer once more]

Customer: "GOD DAMMIT!"

Waiter: "Just say 'Stop,' sir, and this will all be over..."

No... IN SUMMARY...

In summary you have bought a "router" that has its internal configuration updated by an external event.

That is, I (or anybody on the inside of my net, not just an administrator) can click on a link delivered from outside my area of control and that link SETS A FLAG IN MY ROUTER....???!

So now I have my router with its optional firewall support watching the data transport and reconfiguring itself in response.

This is such a bad idea it is unspeakable.

What if the first guy to see the web page and who isn't the rightful administrator, accepts?

How long until a nice buffer-overrun attack lets a malicious server reporgram my router?

How much of the CPU in the router is wasted looking at each HTTP request in search of this flag setting?

Belkin is "stealing" cycles and security from their customers.

Not smart.

Re:Companies like Belkin...

... Comcast, and others will eventually turn the internet into a cesspool - they're the ones with the hardware, the network infrastructure, and they will do whatever they can to wring extra money out of anyone they can. I predict that not far out, your bandwidth charge will be sold just like cable TV channels - for a basic fee, you have access to the HTTP channel (one way), FTP channel (one way), and the SMTP channel. For an extra fee, they'll provide access to the telnet channel. For even more, access to ssh/VPN/IPSEC channels. Eventually, I suspect they'll reign in all the ports that are used dynamically to facilitate certain kinds of connections, charging for access to them.

You may wonder how this happened: A Story.

One day, Belkin's router project manager Eric Deming was sitting around thinking, "How can we get $5,000,000 worth of bad publicity for free, and sink the company in an afternoon?"

Then he had an idea: "That's it! We'll abuse the trust of our customers, and get a story on Slashdot!

Re:You may wonder how this happened: A Story.

Here's my e-mail to sales@belkin.com
QUOTE
Hi,

I just want to let you know that I'm suspending purchase of several
accessories made by Belkin for my 30G iPod because of your blatant abuse of
customer trust (the router rerouter fiasco). Furthermore, I shall engage in
an active campaign among friends and family to make sure none of them buy your
products for the same reason. Being a geek by profession, a lot of my
non-tech friends take my advice for tech purchases. Since you've been
featured on /. already, you can be sure there are many others who'll take
similar course of action.

I sincerely hope your bottom line will suffer enough for you to make an
official pledge never to ream your customers again. Or that you go bankrupt
(financially, because morally you obviously already have).

I feel betrayed, having recommended your products (even when priced above
competition) for corporate and personal purchase so many times in the past,
because of build quality I can count on. However, build quality is not
enough; integrity and ethics are just as (if not more) important, especially
at times of Good Enough Syndrome.

Is this (http://slashdot.org/comments.pl?sid=85076&cid=741 9620) what really
happened?
ENDQUOTE

There's a class-action suit brewing, I'll bet

I agree that if I'd bought one of those things and it started redirecting my traffic, I'd consider it defective and demand my money back. Belkin's really moronic to think that this won't backfire on them and result in an expensive class-action lawsuit. Maybe they can defuse a lawsuit by offering refunds to anyone who's upset at the feature, but I'm guessing they're too sold on their own flawed logic to understand that what they did is not going to be seen as anything other than making the product do something its owners didn't ask it to do, and that Belkin didn't tell them it would do.

I can smell the class-action attorneys lining up now.

Re:Here's the angle I would take...

Try their public relations manager (fitting, since this is a public relations nightmare). Be nice.

Contact:
Melody Chalaban,
Public Relations Manager
Belkin Components
501 W. Walnut Street
Compton, CA 90220

melodych@belkin.com
(310) 604-2347 direct
(310) 898-1107 fax
www.belkin.com

Here's my letter to their PR rep

Good afternoon.

My name is [name deleted], and I work as IT department manager for a medium sized company in [place deleted]. I write to you in light of the recent unveiling that Belkin are knowingly shipping routers that show commercials to the end users by hijacking HTTP connections.

I am not sure if the product manager, Eric Deming, who designed the product to not work as expected did so understanding the full consequences if - or, rather, when - this information would become public. The one reason Belkin's name has been held in high regard at the company I work for is because of dependability. When it turns out that Belkin is actively designing products to not work dependably, but instead display advertising at the user; that reputation of dependability... well... there's not much left of it. And, as you are aware, for every one of Belkin's products, there is a competing product.

It becomes much worse. It also turns out that Belkin has the ability to remotely modify the behavior of these routers. When I showed this fact to our network security people, they went ballistic and drove straight off to the local equipment store, only to come back two hours later with a bunch of boxes. 30 minutes later, there was a heap of discarded equipment in a disorderly pile in one corner of the networking room. The discarded items all carried the name "Belkin". I signed the receipt for the new equipment with a look, a sigh, and a nod.

To top it off, it seems that your Mr. Deming who designed this behavior believes that every outbound hijackable connection originates from somebody sitting at a computer and browsing the web. However, more important are the automated connections. What would happen if the backup for our commercial data, which is transmitted regularly over the Internet, instead was pushed to Belkin, due to this behavior? What would happen if virus or operating system upgrade connections were the ones hijacked? Heart defibrillating equipment has been mentioned - what would happen if the heart defibrillation monitor, trying to trigger the impulse with the charging equipment, is instead redirected to a Belkin advertisement? You know, telesurgery exists and does depend on a reliable Internet infrastructure, consisting of such boxes as yours.

This product has been designed to not work, despite charging good money for it. I lack words to describe how shameful this behavior is.

Additionally, if the Belkin corporate culture is one that allows such a technical atrocity to make it to the shelves for one product, then it is obvious it may happen again, or has already happened, for other products. However, rest assured that this company will never again buy another Belkin product as long as I run the IT department.

[signature]

Re:Here's my letter to their PR rep

Heart defibrillating equipment has been mentioned - what would happen if the heart defibrillation monitor, trying to trigger the impulse with the charging equipment, is instead redirected to a Belkin advertisement? You know, telesurgery exists and does depend on a reliable Internet infrastructure, consisting of such boxes as yours.

ANYONE stupid enough to do telesurgery over the common internet shouldn't be allowed to operate anyway. Think about the consequences of this for a second... Yes, the whole hijacking a connection is a bad idea, but this device is used almost exclusively by home users/very small businesses. Anyone thinking they are buying the equivilent of a cisco catalyst router with this $40 POS needs their head examined (preferrably through telesurgery over the common internet!)

Re:Here's my letter to their PR rep

Actually, this isn't a great idea anyway, but there are all *kinds* of things that have soft real time requirements on IP networks (granted, probably shouldn't be, but are).

Actually, I can think of a couple of reasons this is still an issue. What if it isn't on the Internet...does the connection just get dropped?

Does this device send out DNS queries to determine where to redirect stuff to?

What happens if you have a test suite for a web-based application and IT just added a Belkin piece-of-junk router? Bam, mysterious failures. You could spend a week trying to figure out what the sporadic errors you're getting are from.

What if you're using SOAP or similar software, and the software you're using doesn't deal well with mysterious crap coming back from the server?

Belkin is a piss-poor company that sells lousy hardware and overpriced cables.

They aren't on my "buy" list anymore, either (and I *have* purchased Belkin products in the past).

Re:Here's the angle I would take...

Uh, "spam" is not a feature I should have to turn off... Can you point to the RFC for this "feature"? No? Then it's defective...

Re:Here's the angle I would take...

If the router failes to take you to the requested address randomly it fails. This is oen of the worst ideas ever

Re:Here's the angle I would take...

I believe any router that knowing hijacks any connection *by default* is broken as designed. End of story. Does not meet my definition of a functional router. I don't care if I can turn it off. It's an abomination before God.

I think Belkin deserves every bit of abuse on this issue. They knowingly did something annoying to their customers only because they couldn't figure out how to sell this POS censorware service any other way. Screw them.

Meanwhile In Court...

"So Mr. Stevens, you are saying that you ordered an Extra Value Meal, and the cashier instead hauled off and punched you in the face."

"That's right."

"And so you are charging the cashier with assault."

"That's right."

"All right. Mr. Defense lawyer, what do you have to say to that?"

"Mr. Stevens: Did you specifically ask my client NOT to punch you in the face?"

"Huh?"

"What did you tell him exactly?"

"Um.. I told him, I would like a number three meal and a Dr. Pepper."

"I see, and that was all?"

"Um, yes."

"Not that you wanted a number three meal, a Dr. Pepper, and to not be punched in the face?"

"Uh.. no, just the #3 and the Dr. Pepper."

"Your honor. How can my client be expected to be held responsible for this when Mr. Stevens was unclear about what he wanted? Had he configured his order correctly, my client would not have punched him in the face. So why is my client the one to blame? What do think Mr. Stevens expected to have happened?"

"Hmm, excellent point. Case dismissed."

Re:Here's the angle I would take...

machines on his network redirected to an ad for Belkin's new parental control system, following a software update.

And Belkin can turn it on again just as easily.

From Belkins response:
"I know the manual could do a better job explaining it."
Badly worded by design.

Amazon (eBay?) did the same sort of thing. "We rewrote the privacy policy recently"
(Oh, and in doing so, we reset your privacy settings. You now will get spam from us. To change it, visit blahdeblah.com). They never proactively told anyone, until it was found out and published.

Some other ideas...

What's next? Will the phone you buy occasionaly redirect your call to a telemarketer? Will your TV remote automatically switch channels to an infomercial? Maybe your car radio could redirect your listening to a clear channel station every
8 hours. These are business models I need to patent...

Re:Some other ideas...

I'm looking forward to to car that randomly turns left when you turn the steering wheel to the right.

Re:Some other ideas...

I'm looking forward to to car that randomly turns left when you turn the steering wheel to the right.

Come to WA state: it appears that most drivers here are already using them, if their apparent road-sense is anything to go by...

Re:Some other ideas...

Judging from the general mood of this formerly great nation, far more likely, I think, that there'd be a car that steers to the right even though you're trying deperately to bear left.

Re:Some other ideas...

I heard Diebold already has a patent on that.

Re:Some other ideas...

Actually, with GPS and some online maps that show restaurant locations, you might want to turn right, but your car thinks you'd much rather pull in for a Big Mac... or maybe it's time for an oil change? Of course! The big republican party pep-rally is only a few blocks away, you wouldn't want to miss that, would you citizen?

Re:Some other ideas...

What's next? Will the phone you buy occasionaly redirect your call to a telemarketer? Will your TV remote automatically switch channels to an infomercial?

My TV does change channels automatically to infomercials. I have a TiVo, and one of the "features" is that at the top level menu you'll often see ads that you can choose to watch. The TiVo grabs these late at night when it thinks nobody watches TV... unfortunately if you watch live TV around 1 or 2 in the morning you'll find yourself having to opt-out of a channel change to record "TiVo enhanced content" every ten minutes or so.

(annoying, and I wish there was a way to opt-out of this once and for all, but I'm still a big TiVo fan, and they gotta make money to stay afloat, so I put up with it)

Re:Some other ideas...

Will your TV remote automatically switch channels to an infomercial?

Not my TV, but my cable TV set top box does. Telewest (UK) just upgraded their menu systems. Now, whenever I select the [GameZone] menu option, whichever cable channel I listen to (even the BBC World News radio) is automatically switched over to the FrontRow trailer preview - No negotiation. As soon as I leave the GameZone, the channel is automatically switched back to whatever channel was playing when I started, even if the FrontRow channel is now playing a trailer I want to see.

It's good to see that cable TV system developers really know how to design good user interface.

Re:Some other ideas...

The difference here is that your TV remote is not sending any confidential information. HTTP requests often contain all kinds of secret info (in the form of POST requests). The analogy with the TV remote doesn't go far enough.

Imagine that that you are about to post a message on your private blog about some hot sex session you had a few nights ago (yeah, unlikely I know). As is the norm, the information will be transmitted in an HTTP POST request. This request is the one that happens to get rerouted to Belkin. Now Belkin knows all about your hot sex escapades.

Where I come from, this is known as wiretapping, eavesdropping, snooping, or something like that. It's highly fucking illegal and whoever at Belkin thought this was a wise idea should be clapped in irons. I'm seriously considering writing a letter to a law enforcement agency about this, I'm just not sure which one to pick!

Usenet thread

Here's the usenet thread [google.com] where this was first discussed. Especially noteable are the initial discovery [google.com], the response from Belkin [google.com] and the first response [google.com] to Belkin. After that it it's pretty much the same thing you can expect to see here on /.

Re:Usenet thread

From: ericd@belkin.com (Eric Deming)
Newsgroups: news.admin.net-abuse.email
Subject: Re: [OT-evil marketing] Belkin does Verislime one better - router spam!
Date: 5 Nov 2003 15:25:28 -0800
Organization: http://groups.google.com
Lines: 70
Message-ID:
References:
NNTP-Posting-Host: 67.98.73.254
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Trace: posting.google.com 1068074728 22743 127.0.0.1 (5 Nov 2003 23:25:28 GMT)
X-Complaints-To: groups-abuse@google.com
NNTP-Posting-Date: Wed, 5 Nov 2003 23:25:28 +0000 (UTC)

"JerryMouse" wrote in message news:...
> Mr. Uh Clem wrote:
>
> [...]
>
> What does Belkin say when you complain?
>
> I'd make their life miserable until they removed the offending software from
> my machine.
>
> You did not conset to this aspect of your machine's modification - this is
> nothing less than malicious.
>
> Raise hell.

I was made aware of this posting by an e-mail that was sent to
Belkin's tech support e-mail box. Since I am a product manager for
Belkin's LAN products and was very involved with the development of
the Parental Control feature, I feel that I can shed some light on
this subject. Firstly, without trying to sound too stand-offish, we
are not talking about SPAM here. For me to clarify, an understanding
of the Parental Control service will really be needed.

Since Parental Control is a subscription service, Belkin wanted to
make registering for the service very easy. Since the router actually
will work in tandem with an outside server (Cerberian,
www.cerberian.com) registration information needs to be collected and
sent to Belkin and Cerberian to activate an account. Traditional
methods of registration, such as asking the user to go to a website or
navigate to the Router's internal Web page to enter information didn't
meet the ease-of-use goal. We elected to re-direct one http request to
the "Register Now" reminder page. (There is a link in a previous
posting if you want to see it) This page asks the user to register for
the service for a free 6 month trial. Now, granted this looks like an
ad. It should, it is intended to be informative and easy enough to
understand. At this point, the user can register or click "No Thanks".
Clicking "No Thanks" sets a flag in the Router to stop the Router from
re-directing every 8 hours to the reminder page. (Again remember, only
one http request every 8 hours). Admittedly, there is no controlling
which computer on the LAN this message will pop up on. If the user
just closes the window without clicking "No Thanks", then the flag is
never set, and the reminders will continue. Now, if you are the type
that doesn't want to click the "No Thanks" button, then no problem.
Navigate to the Router's internal web interface (default IP =
192.168.2.1), click on the Parental Control menu. In the Menu, select
"Don't Remind every 8 hours" (This phrase actually varies a bit, but
you get the idea) then click "Apply Changes". DONE. Nothing to it. By
the way, this procedure might have to be done if your router is behind
a firewall. Reason: filter.belkin.com sends a response to the Router
to set the flag. Firewalls will block the response. This might explain
the problem in a school for instance.

We did this not to be evil, we did this to make sure that any
non-techy person (part of our target audience) would have ample
opportunity to opt in or out of the free 6 month trial of the Parental
Control feature. The Router doesn't collect information on you and
send it to Belkin. We don't have the ability to SPAM you at a later
time if you select "No Thanks" or turn off the Reminder manually. I
know this feature might be misunderstood and might PO some people. I
know the manual could do a better job explaining it. These are all
things that we at Belkin are working to remedy.

Re:MOD PARENT UP

...will greatly reduce the amount of uninformed comments in this discussion

no it won't. this is slashdot.

That is insanity

Ok if I buy say a Book from my favorite online bookstore and get it shipped UPS, I'd expect it to arrive as a book right?

But what if every one in 100 times, UPS thinks I might like a corporate logo bumper sticker instead of my book, they throw my book into the eternal void, and give me a UPS bumper sticker instead. I'm supposed to like this?

Bottom line: When I ask a package to get delivered, and for a certain package to be received, I WANT that package, not what they think I want. Whether it's a TCP/IP packet, or a book. I fail to see the difference here.

Bottom line, thanks to Slashdot I'm not buying my routers from Belkin (not that I'm a telecom person, but still I'd be careful if I ever had to).

Re:That is insanity

Bottom line, thanks to Slashdot I'm not buying my routers from Belkin (not that I'm a telecom person, but still I'd be careful if I ever had to).

This is their wireless router -- it's made for home use, not for telecomm use.

And don't just not buy routers from Belkin. Don't buy anything. No routers, no cables, no USB hubs, no keyboards, nothing. Belkin makes a great deal of stuff -- boycot all of it. There's not a single product they make that they don't have competition for.

And let them know about it too. Email them (look here [belkin.com] for the appropriate regional sales address) and tell them that you will no longer purchase their products until they apologize for doing this, put out a patch to fix it, and promise to never do anything along these lines again. Yes, I've already sent my email.

I've got a decent number of Belkin products... they're decently made, and often available for a good price. But there's no way I'll purchase anything from them at this point if I can't actually rely on the product to do it's intended purpose. And that's what this boils down to -- you have a router that doesn't route properly.

Re:That is insanity

This brings up an interesting point, though I don't know if the parent intended to make this point or just a joke/analogy out of it.

Since the router doesn't descriminate over whith HTTP request it overrides, what happens if it intersects a privacy-sensative transaction?

For example, if someone goes to pay thier bills online, enter thier biling info, click "submit"... then suddenly get an ad... what ramifications might that have?

That's a little more worrysome than getting an ad instead of some random page I might be trying to visit...
=Smidge=

great quote

In response criticism, a Belkin product manager came forward this week to confirm the behaviour was designed into the products as a way to make it easier for consumers to sign up to a free trial of its parental control software.

Also in the news: the American council for airbags has been hitting people randomly in the streets to make it easier to appreciate their products. Thanks!

Seriously, though, I don't 'get' how a company could think this would endear themselves to their customers. If Cisco pulled this shit on its customers and made all their routers randomly direct to their brand-new VPN product I think it'd make people stop using Cisco FAST

Re:I could see this coming

IHBT...

Bullshit. Slashdot is bombarding me with ads because I'm a cheap bastard and refuse to pay them for the content they provide me. Belkin's got the money I gave them for their router, they don't need to be sending me ads I don't want to see to make more money.

I couldn't disagree with you more...

It's a ROUTER. By design, it's supposed to deliver traffic to it's intended destination, to the best of it's ability, 100% of the time. Not route a request to some other place- that's not it's design (well, in the case of Belkin's routers, unlike everyone else's, that is...).

Unlike popups, etc., this is redirecting randomly selected packets going to port 80 (and probably the HTTPS port as well...) to thier server. Take a wild guess how many different things that just broke (SOAP, XML RPC, etc.). Like someone said, I hope nothing mission critical for you is on the inside of this stupid router- because it's BROKEN by design (And "configuring" the Router doesn't include turning frigging adverts off, either...).

It's got to be one of the stupidest things I've heard of in a long time done for the sake of marketing.

use a real router

Take an old Pentium I and put Smoothwall [smoothwall.org] on it. No more Belkin and Netgear routers you get for $50 at Circuty City.

Re:so..

Yes, it is a big deal.
First, the original poster on Google said that he got it, unannounced, as part of a router firmware upgrade. No warning or explanation.
Second, Belkin sells a product that is supposed to route Internet traffic, including HTTP. At certain, random points, it does not do that. Instead it sends out an advertisement to a user who has made a valid HTTP request. If Sony started selling a CD player that played a commercial for Coke once every 8 hours, would that be "no big deal"?
I'm not spending another cent on Belkin gear until they reverse the upgrade and pledge not to do it again. Otherwise, simple gear like routers will become spam engines.

Re:so..

..if you can disable it, and the instructions mention that you can and explain how to, is this really that big a deal?

Yes. Because routers route, period. And when they route, they're supposed to route correctly. Opt-out is bullshit, because it's saying "our product ships broken, until you unbreak it."

Re:so..

It's the difference between opt-out and opt-in. If Belkin's routers shipped with this "feature" disabled, who in their right mind would turn it on?

Re:so..

I have one of these gems and it redirects the three PCs going through it about once every two weeks. Incidentally, I have clicked the opt out href probably 5 times and each time it gives me an error message saying my request did not go through then I keep getting the redirects.

I was incensed enough about this that I read all the usenet posts in NANAE about it.

In the post by the Belkin employee he notes that clicking the opt out link won't wotk if you're behind a firewall, because the response won't get through your firewall and back to the router. To turn this off, you'll have to go to the local http page hosted by the router, and opt out there. (And I'm not sure even that would work for me; my firewall is set to block localhost (127.0.0.1) to localhsot connections too, unless I've explcitly allowed them for specific applications.)

Also, the Belkin employee proudly states that the hijacking occurs once every eight hours, so if you're only seeing it every two weeks, it may mean that applications other than your browser that make requests to port 80 (http downloaders such as emusic's, rss readers, various applications auto-updating or calling wget, perl scripts, python scripts -- all of these things on my system might make http requests) may be failing silently.

If you see one hijack in your browser every two weeks, that means there are 41 (3 * 14 - 1) http requests in those two weeks being hijacked that are not browser traffic. Given that silent failure, who knows what's been lost, corrupted, or delayed on your computers.

Naturally, I'll never purchase a Belkin product again, unless Belkin certifies that whoever thought this up, and whoever approved it, have been fired.

Selling me a product, claiming it does something, and then making it intentionally fail, in order to sell me another product? Then you'll never sell me anything again.

Redirect hardcoded?

Is the address it redirects to hardcoded, or can the router get hacked and a new address put in? Now that would be good PR for Belkin, someone hacks the router and redirects all web traffic to some porn site.

Re:Redirect hardcoded?

According to a unet link posted earlier in this thread the router gets a request from 'filter.belkin.com' that will enable/disable the 'feature'. So apparently there's a call that you can make over HTTP that will manipulate the router w/out a login. Now that's secure!

Re:Redirect hardcoded?

Totally theoretical, yet based on a hundred browser hijackers we've discovered at my site.

1.) Send a spam mailing which loads a java applet when opened.

2.) The java applet exploits the ByteVerify hole in an older version of M$ Java VM to drop a bad HOSTS file on the now-infected machine.

3.) Belkin router hijacks an HTTP request to their site, but the HOSTS file redirects that hijack to the second hijacker's site.

4.) The new hijacker's site can either be a pay-per-click search portal, or it can host more trojans to exploit a machine already proven to be out of date on its security patches.

This is not an extreme example at all and could be done very easily. I see this shit every day at my site's support forums.

When Verisign hijacked all mis-typed domain name queries, we started seeing a large number of trojans dropping bad HOSTS files that redirected sitfinder.verisign.com to their own sites.

Not in my house

Well, guess I won't be using any Belkin routers.

From the article:
"In response criticism, a Belkin product manager came forward this week to confirm the behaviour was designed into the products as a way to make it easier for consumers to sign up to a free trial of its parental control software."

Soooo.. it's spam, then. What a way of putting it mildly.

Should read:
"In response criticism, a Belkin lackey admitted a confirmation this week that the router will hijack an HTML request in order to advertise their product, for your convenience!"

Oh, this is bad

I really cannot believe this. This doesn't concern me as a censorship issue (doesn't appear as if censorship is built into the router itself... but without details on exactly how this parental control works, don't really know). It concerns me as a pure *annoyance* issue. I would absolutely flip out if my router dared to do this!

Everyone at Belkin should be ashamed of themselves. How could an engineer do this? He should be flogged with a cat-o-nine tails of twisted pair wire... this is evil, evil, evil.

Oh, and to the Belkin Marketing Department: Kill yourselves. Suck a tailpipe, hang yourself, borrow a gun... rid the world of your evil machinations. [ Just planting seeds [billhicks.com] ]

Wasn't this mentioned awhile ago?

I recall an old arguement against censorware was just this kind of intrusion.

The next step, of course, is for a hacker to hijack this "feature" and dump all of a routing companys customers to child porn, warez sites, or nigerian scams galore.

Then there is the temptation of the companies themselves, "You can turn this feature off only by submitting a valid e-mail address." Then they sell off these addresses to spammers worldwide for a profit.

This kind of stuff is worse than big brother. At least in 1984 they didn't force commercials down your throat.

Coming soon to a Belkin product near you!

Keyboards that occasionally type "www.belkin.com" when they detect you're typing a URL. (But you know, not more than once every eight hours, so it's OK.)

USB mass-storage devices that randomly delete files and replace them with .jpgs of happy people using Belkin products.

PC Speakers that say "Shop at Belkin!" every couple of minutes.

etc...

Thank you Belkin.

With the dizzying array of routers available for purchase, I've often been befuddled by the sheer number of choices that I have when buying new equipment. Which one is better? Why is this router $10 less than this other one when they appear to do the same thing? Which manufacturer should I trust with my data? With razon thin profit margins, and fierce competition in the IT hardware industry, such choices have become extremely difficult.

It's comforting to to know that Belkin has recognized my problem, and has stepped forward in an effort to solve it. They make it so much easier by saying...

"If It's Belkin, You Don't Want It!"(tm)

Thank you Belkin. With your new forward-thinking "Don't Buy Our Stuff" policy, I will be sure to stay on the lookout for other products that you offer, so that they can assist me in making difficult purchasing choices even easier.

This is typical.

This is your typical "Tech vs. Non-Tech" argument. The manufacturer did something to appeal to Non-Techs, and it offended many Techs. Hmm.. wonder if the whole Windows vs Linux thing falls into this category...

I just wish Belkin would offer firmwares/hardware *without* the "feature". Any hijacking of routed packets is wrong. Sort of like saying ... well, when you first buy your car, at some point it will drive itself to McDonalds, unless you tell it "no thanks". Oh and it might randomly do this in the future unless you turn the feature off. Regardless of wether you like McDonalds or not, we had added the feature out of popular demand...

Let me imagine this...

Emergency rescue team takes a patient to hospital. The patient is in critical state. Suddenly the driver pulls over and exclaims: "We're at the bar that is owned by our hospital manager. Would you like a hamburger?" "For god's sake, I'm dying! Do I look like I wanted a hamburger?!" "Okay, as you wish, but remember, that are best hamburgers in town!" and the driver resumes his way to hospital...

_Might_ PO some people?????

"I know this feature might be misunderstood and might PO some people. I know the manual could do a better job explaining it. These are all things that we at Belkin are working to remedy."

Oh please.

[grabs crotch] Remedy this!

Re:_Might_ PO some people?????

[grabs crotch] Remedy this!

Snip.

This Breaks web sites...

Consider that a user is in the midst of filling out a long string of forms. After hitting the submit button, the next HTTP request directs them to this AD instead of the intended web form. Their form chain is broken, and there is potential data loss, as the customer has to start the forms over again. This is a VERY bad precedent to set. If it was the very first page served by the router, that could be different... the first time I tunred on my home router it directed me to a welcome and setup page... which is quite different.

just my $2/100

In related news...

After a 18 hour operation, a router was removed from a belkin representative's rectum. When asked how the hardware device got there, all the man could say was "No. More. Spam. I. Promise...."

During the operation, the heart monitor seemed to have contracted a strange glitch; every 100th heartbeat a message about "Herbal Penis Enlargements" would pop up, blocking the stats"

Belkin belongs on fuckedcompany.

Belkin can modify your router settings?

I found this quote from Eric Deming in response [google.com] to the original newsgroup posting [google.com] quite interesting...

[quote]
By the way, this procedure (disabling the nagware in the router web-config) might have to be done if your router is behind a firewall. Reason: filter.belkin.com sends a response to the Router to set the flag. [/quote]

So Belkin deliberately left a configuration on the router to be modifiable by someone without proper authorization (the owner of the router or the network admin)? Absolute genius. Destroy your company's reputation 100% in one easy step: the backdoor(s) will piss of the geeks, and the nagware-advertising will piss off Joe Sixpack.

I suggest a new verb:

Belkin (verb) - To serreptitiously alter a product in such a fashion that legitimate use is hijacked to the benefit of the manufacturer or associated beneficiaries, usually in a crass self-promoting fashion.

It's a decent start at a definition. One could say "I installed this topdesk thing which totally belkined my browser". Let's make their name synonymous with bad behavior.

The ISP I used to work at did this

The ISP [dowco.com] I used to work at did this. They made a deal with a company called Adzila (one L, as I recall) that routed dialup traffic through a caching proxy web server. Stuff like Google's page would have a Dowco (or someone else's) ad at the bottom of it, or one of (say) the New York Times' ads would have one of ours susbstituted.

I was pretty unhappy with this, but was unable to convince my bosses that this was evil or risky. The company had apparently convinced them that they had checked it out with their laywers, and because they weren't changing the site's HTML -- they were putting outside Google's final </html> -- they were safe. (Never got an answer about substituting ads.).

I don't work there anymore, but last I heard it's still going on, and there's a few ISPs, at least in Vancouver, that are doing this. Scary.

I'm a Belkin Wireless router owner

I'm a Belkin Wireless router owner and I've never seen this problem. To be fair, one reason I might not have seen this problem is that I could never get the router to keep working long enough to see it. Even for the wired connections it would lock up frequently and completely lose track of time (important for this router since it supports time of day options, but you gotta figure something is wrong when it suddenly jumps back to the last century). Belkin "support" is worthless and would not even acknowledge several e-mails.

The device was replaced with another brand that works fine. Off line and collecting dust, I've never had a problem with it hijacking my HTML and inserting ads. Now I have another reason to not buy a Belkin product again, but I hardly needed one.

This could suck for automated HTTP

It's annoying enough to know that when you're sitting at a computer using a browser to surf the Web, a couple requests a day will get hijacked to the spam site.

But what about automated HTTP requests? You might be running some script to wget the latest greatest kernel source and instead it downloads a piece of spam. The hijacked HTTP request might come in the middle of a Gentoo build, or as you mirror a Web site and have a page replaced with an advertisement. You could be tunneling some other protocol over HTTP, and then who knows what this would do.

Very stupid and annoying of Belkin. If they wanted to make their parental control thing so easy to use, just include a CD that says "Put this CD into any computer on your network to enable parental control on your new Belkin router!" Newbies can figure that out. I don't want my own router launching some kind of spoofing attack on me three times a day just so I can view more spam.

Ease of use?

What I love is Belkin's claim that they did this because having somebody visit a page violated their "ease of use" requirement. What a joke! As if people can't type in a URL after reading a leaflet included in the box? Are they aware that people type URLs all the time without trouble? They could even install a desktop shortcut to make it even simpler.

Then their letter goes on to explain how to disable the feature in the router (so you don't have to wait to be randomly redirected to the ad), and the instructions are quite vague: navigate to 192.168.2.1, find the setting which says something like (they don't give exact wording or where to find it, just vague directions), and turn it off. Where's the "ease of use" in that? Are they suggesting that this should only be turned off by advanced users and that naive users should simply sign up for their services?

Why can't they just admit that they wanted to prominently promote their subscription-based service? It's not like it isn't obvious what they're up to or anything.

Belkin support

"Belkin support, how can I help you?"

"My router every once in a while replaces my URL with one for Belkin parental controls."

"That's correct."

"But I just spent half an hour filling out the web form, and it doesn't cache, so I have to do it all again."

"You can turn off parental controls by clicking on 'No thanks!'"

"So this is intentional?"

"Yes sir, it's a service to you, provided at no extra cost. It also comes with a free 6 month trial."

"But a router is supposed to ROUTE."

"It can do that, if you change the configuration."

"So, it comes intentionally misconfigured to fail once every eight hours?"

"It's not failing, it's offering a service."

"So it's spamming me."

"It's not spam."

"Why not?"

"Because we're offering you a service you might not know about."

"So it's intentionally misconfigured to send me spam on something I didn't request any information for, dropping my URL and information in the process?"

"Well, yes."

"You should really just kill yourself."

"You're right. Goodbye."

*BANG*

"Dang, should of told him to kill the marketting department first. Well, I can always call back..."

=Blue(23)

I called 'em up months ago...

...and spoke to someone in India who had no clue what I was saying and even less clue why I was upset about it. She kept telling me how to turn it off. I told her, "I've already turned it off! My issue is that it happened in the first place!" She told me how to turn it off. I hung up.

Glad to see someone else is pissed off about this. I turned it off in my router, got mad for an hour or so, and went on using my router.

Coincidentally, Belkin routers can't work with arbitrary MTU's over PPPoE, in case anyone needs further reasons not to buy them. I won't be buying another, even though mine works okay, sort of (I'm the netadmin for my ISP, so I can futz with things to make it work despite itself).

Jouster

Solution to all these problems

Sleazy tactics like this aren't going to end. Theres only one solution. We need to sit around and think up every sleazy, disgusting, wrong, and dishonorable tactic someone could use to pervert the internet and it's standards to make a buck. We take that list, and patent it.

Interesting!

So here's the sequence of events as I understand it:

1. Client initiates a connection to www.my-private-site.org on HTTP port.

2. Client is silently redirected to Belkin's site.

3. Unknowing client sends the HTTP request, a POST request which contains some sensitive information.

4. Belkin has now hijacked a connection and received sensitive information that was not intended to go to Belkin.

Logically the thing to do is prosecute Belkin under federal wiretapping and computer crime laws.

Two words: software updates

I swear to $DEITY, if 'apt-get dist-upgrade' ever gets me a Cisco-branded version of Mozilla by way of an HTTP hijacking, Jon Katz will be compiling a book of Slashdot comments about how I walked into their front office with a shotgun.

Did they even consider the potential liability issues when they came up with this scheme, or did they just say, "hey, let's roll with it"?

We're all part of the public, aren't we?

We're all part of the public, aren't we?

Contact:
Melody Chalaban,
Public Relations Manager
Belkin Components
501 W. Walnut Street
Compton, CA 90220
melodych@belkin.com
(310) 604-2347 direct
(310) 898-1107 fax
www.belkin.com

(this is (unless you get redirected by your router) publicly available information at www.belkin.com)

Re:A programmer is to blame...

The point is that geeks are to blame for this. The marketroids may come up with some stupid ideas, but who actually implements them?

Let me explain what might have happened at Belkin:

Middle Manager: "Hey, Geek-boy. Marketing have come up with a new feature they want in the wireless router."

SWEng: [reading Powerpoint slides] "An ad every eight hours? That's not what a router is for!"

Middle Manager: "I admit it's unusual, but Marketing really wants this, and legal says there's nothing in the law that prevents us from doing this."

SWEng: "You can't be serious. It's an affront to civilized behavior! It's a very bad idea."

Middle Manager: "Do it or you're fired."

At this point, the room becomes very quiet. The engineer thinks very carefully about this ultimatum. The economy is in a shambles, especially the tech sector. There is no shortage of people who would take his job in an instant. And he has a new wife with a child on the way.

Assuming the above scenario, and assuming the engineer capitulated, he has perhaps unwittingly caused the loss of his own job, anyway, once the full force of market backlash hits Belkin's revenue.

I agree that techs should stand up for what they see as ethical behavior, and refuse to perform work that violates it. But not all of them have the same degree of flexibility in enforcing their sense of ethics.

Schwab

Sorry Belkin

You have just guaranteed that I will never buy one of your products. Furthermore I'll make sure I tell anyone I know who is interested in consumer gear of your utterly slimy behaviour along with my recommendation to give you a wide bearth.

Another exploit using this "feature"

One thing that bothered me when reading through the descriptions of what this "router" does that nobody seems to have mentioned yet: what if some 31337 hax0r manages to crack Belkin's ad server? It wouldn't be difficult to change the page to exploit an IE bug and slip a Trojan onto unsuspecting users' machines - bingo, every new Belkin customer (and all those who haven't turned off the "feature") becomes a DDoS zombie, spam mailserver, or something else unpleasant.

Belkin hasn't just abused customers' trust and falsely advertised this piece of trash as a router, they have also opened up security holes for no other reason than advertising censorware. This behavior isn't just wrong, it's despicable.

A binary dump of the firmware reveals...

Some of the settings they're using....

OS parameters
os_name=linux
os_version=3.00.07
lan guage=English
user_conf_ver=1.01
kernel_mods=et wl slhc ppp_generic pppox pppoe ppp_async mppe
fw_src=http://networking.belkin.com/update/f iles/5 4g_router.html
route_check_host=heartbeat.belkin. com

NTP Default
ntp_dst_enabled=1
ntp_enable=1
ntp_time zone=5
ntp_sync_interval=1
ntp_server=192.43.244 .18
user_time_yr=1970
user_time_mo=1
user_time_ dd=1
user_time_hr=0
user_time_mn=0
user_time_up date=0

Cerberian
ceb_enable=0
ceb_email_enable=1
ceb _subsc=2
ceb_timeout=10
ceb_unavail_block=1
ceb _report_enable=0
ceb_expire=0

iapp daemon
iappd_oid=00:30:bd
device_type=1

DRM == "Censorship in the Router" (and the desktop

There seems to be a dearth of comments about the censorship possibilities mentioned in sethf's article, but it is a reality that is clearly in the works.

The DRM technology promoted by Microsoft, the MPAA, the RIAA, and our legislators (in the U.S.) are all that is needed to implement a network wide censorship of content on the web, in our email, and on any document or media file that traverses the web.

People asking Congress to regulate email, usually using spam as a justification, are asking Congress to assume the right to regulate the content of our private communications. The Patriot Act has already given the government the "right" to monitor it.

If Microsoft's DRM facilities are capable of the user control that they claim they are, then it would also be possible to block the transfer of any document that was not made with that technology, to track the origin of any document to the users computer and userid, and to filter traffic at the router for any specific document. Palladium would enable similar "features" to be implemented as well.

I believe that this is and always has been the motivation behind DRM, and that the censorship will be implemented not only to protect the media giants that currently enjoy monopolies on entertainment, but also to ensure that the message put forth by these companies as "news" will be able to continue unchallenged by smaller sources who are either more concerned for the factuality of what they are reporting, or are unfettered by the necessary allaiances between government and our large corporations and are thus not obligated to report only the sanctioned viewpoint.

Before anyone recommends the tinfoil hat, I'd just like to ask you to consider:

Is it a safe enough bet to allow to chance?

Can we assume that despite this capability being built into the network and our software it will not go unused?

Is a government that seems desiring to curtail our rights (while promissing the payoff of lower taxes) going to show enough restraint to not censor once it is capable?

Are the software and media companies actually idealistic enough to prevent this? or would they willingly participate with an opressive government as long as that government promisses to protect thier market position in the face of growing competition?

Am I overly paranoid for considering this to be a possibility?

Is paranoia justified in situations such as this?

New reply from Eric Deming

Just got this from Eric Deming. Funny, he's working late tonight!

From: Eric Deming [mailto:EricD@belkin.com]
Sent: Friday, November 07, 2003 10:05 PM
Subject: RE: defective router

Please be advised, we are working on this issue. Here is text from our latest posting to NANAE on google. It just went up, so it may not show up for a while.

All,

We at Belkin apologize for the recent trouble our customers have experienced with the wireless router/browser redirect issue. We unintentionally overlooked the effect this feature would have. We never intended to compromise the trust of our customers, and we never intend to do so in the future.

We are taking responsibility for this, and we will be offering firmware fixes early next week. We do not have exact details yet as we are still working on them, and will continue to work on them over the weekend. What we can tell you now is that each Router's firmware that incorporates Parental Control as an option will be changed.

I'll keep posting as things develop. Stay tuned...

Re:IT'S ON THEIR WEB PAGE, TOO!

That's my take on it too. They got bitchslapped for implementing a Dumb Idea, and they're now saying, "You're right, that WAS dumb... give us a few days and we'll fix it."

If a company makes a mistake, or even a major blunder, but owns up to it and fixes it, that tells me they really DO care about their customers. This is a far cry from a company that tries to excuse their behaviour and wants US to live with the consequences.

So while I won't buy this *particular* Belkin product, their behaviour is NOT deserving of an across-the-board boycott.

What people also forget in their rush to find "some other product, ANY other product" is that other companies may have implemented naughties that you don't yet KNOW about. So in your haste to punish the erring company, you may well be jumping out of the frying pan and into the fire.

Sometimes I think people who go off the deep end like this should be cast into the outer darkness the first time *they* majorly fuck up. That'd teach 'em a little restraint. ;)

Eric Canceled His Post!

Well, it gets better and better. It looks like Eric Deming canceled his original reply [google.com] (MessageID: c91e821d.0311051525.70aa9920@posting.google.com).

Wow, that was not the smartest thing to do. I mean, when you have a bunch of techies chasing you don't try and throw them off the sent with Usenet trickery. Use their weakness against them and throw pictures of naked women at them. :)

Belkin responds -- and digs a deeper hole

In response to my letter of indignation to Belkin, I received the same form letter many of you have received, signed by

Kannyn MacRae,
Business Unit Manager, Networking
Belkin Corporation

The letter makes it clear that Belkin still doesn't get it. The letter isn't an apology, it's an explanation, an excuse for Belkin's reprehensible conduct, and it's full of spin - that's the polite way of saying misinformation, which is the polite way of saying lies.

The letter begins by claiming that "a group of privacy advocates have targeted Belkin Routers". That's not the case at all - a single user posted [google.com] an explanation of Belkin's router's hijacking, and asked if anyone knew any more about it, in the usenet group news.admin.net-abuse.email. No group was involved, and there was no targeting.

The letter continues with a claim that "[t]he Parental Control registration page is not spam, adware or spyware. It is part of the setup process of the router. It does not "hi-jack" the browser." It is, apparently, part of the set-up process, but that's spam in and of itself: the user hasn't purchased Belkin's "Parental Control", but in the process of installing what he has purchased, the user is forced to sit through an advertisement for another Belkin product, whether or not the user has requested this advertisement. That's the essence of spam.

(And yes, I know that businesses like to claim that unsolicited advertisements are not spam if there is a "pre-existing" relationship with the customer, but that's bunk. Buying a product does not involve an implicit agreement to surrender my time to the manufacturer.)

Even if you're willing to by the argument that installing a product should be made more complicated and time-consuming by subjecting you to advertising, the reason that Belkin's received so much unfavorable publicity is not a one-time ad at install. The problem is the ads repeat indefinitely, every eight hours, until you, the user - Belkin's valued customer - takes some action to make them stop. And this is the same as he sneering spammer who sends you unsolicited email with a "click here to opt out" link. Not only does it steal your time, it steals more of your time before you can make it go away.

The letter goes on to state that "nor does Belkin have the ability to advertise to our customers using our routers as a conduit."

Wait a second, lady. This whole brouhaha started because Belkin continues to use its routers as a conduit to deliver customers to its ad for "Parental Control" every eight hours. If your routers didn't have that ability, we wouldn't all be telling you why we're not going to buy Belkin products anymore. This is a blatant lie, and an insult to the intelligence of anyone reading it. The page the router delivers users to is an ad. It's a solicitation to do additional business with Belkin.

The letter also claims that "[i]f a customer clicks "No Thanks" on the first prompt, the for Parental Control signup will no longer appear." Not entirely true. Belkin Manager Eric Deming admitted in a usenet post (since cowardly cancelled, but mirrored here [stevesobol.com]) that clicking "No Thanks" won't work for users behind firewalls. It also appears that the "No Thanks" gets reset if the router is reset, and anecdotal evidence suggests that the (low) quality of Belkin's routers makes resetting rather more usual than it should be - possibly as often as every 20 minutes [cnet.com].

The letter ends on a surreal note, "[the Belkin advertisement web page] is not a browser pop-up, this means that the Parental Control web page will only be displayed if the user opens the browser". Huh? It's not a br

Re:What the...?

"Uh. . . Clem" was the answer given by a character on a Firesign Theatre record We're all Bozos on this Bus, circa 1970, when asked by a computer for his name.

Re:One word: Cisco

That we won't buy. I mean, the 15' VGA extension cable (I don't have one, but...) could suddenly take over my monitor and display a 640x480x256 ad for Belkin porn filtering for VGA extension cables. The 25' and 14' Belkin network cables on my network could cause my site to display random ads, or worse, fry my D-Link router (or even worse, fry both the router and the $99 if damaged ADSL modem!) The 15' DB-9 extension cable could turn digital photos into ads (I don't use it anymore, but...)