TP-Link routers and Deco Wi-Fi mesh systems caught sharing traffic with third-party vendors

The last link says it sends "all your traffic". This is nonsense. If my internet connection is 1000/50 how can it send all 1000 traffic over the 50 upstream. They are seeing DNS queries. Those can be used for anything but most often used to check is the network is online. That could explain the high frequency of such queries. Someone could do packet sniffing to see what traffic actually goes out and where.

I wonder if whatever is behind this is part of the reason Tp-Link is rumoured to be shutting down their KASA line of smart plug/switch products.

I bought into KASA due to comments from many reviewers that they do not phone home like other smart plugs.

.

alpovs wrote: ↑The last link says it sends "all your traffic". This is nonsense. If my internet connection is 1000/50 how can it send all 1000 traffic over the 50 upstream. They are seeing DNS queries. Those can be used for anything but most often used to check is the network is online. That could explain the high frequency of such queries. Someone could do packet sniffing to see what traffic actually goes out and where.

not sure if you are trying to defend tp-link here, but i think you are just being nitpicking on details. the point is that the high frequency of queries remains the same whether you had that "home guard" thing enabled or not.

NewsyL wrote: ↑ I wonder if whatever is behind this is part of the reason Tp-Link is rumoured to be shutting down their KASA line of smart plug/switch products.

I bought into KASA due to comments from many reviewers that they do not phone home like other smart plugs.

prolly not. if anything it looks like tp-link is replacing the kasa brand with tapo brand: https://www.theverge.com/2022/1/4/22865 ... ts-homekit

that being said, i do have a few kasa smart switches installed at my home, with pfsense as my router with pfblockerng to block suspicious traffic. and pfblocker has in the past blocked quite a few fishy requests done by the kasa switches, which i kinda expected anyways as with any IOT/smart devices regardless of brand, especially smart TVs.

i have no idea what kind of data the fishy requests were, but i put all my IOT devices in its own isolated subnet/vlan, so my perosnal non-IOT-related data should be safe

but again, this is to be expected with smart devices (snoop around for data if given the chance to), but for routers to collect data without your consent...i think most people would find that unacceptable IMHO

chroma_cg wrote: ↑ not sure if you are trying to defend tp-link here, but i think you are just being nitpicking on details. the point is that the high frequency of queries remains the same whether you had that "home guard" thing enabled or not.

I am not defending anybody. I am bringing common sense. All traffic can't be sent over the 20-30 time slower upstream. Not all DNS queries mean that data was sent upstream. Look at how crazily GeForce Experience queries their servers:


I am not saying what TP-Link is doing is good but it just can't send all traffic upstream. It's paranoia.

I don't like such behavior either. I block such queries. Amcrest cameras are known to do this. I block any internet access for them.

alpovs wrote: ↑ I am not defending anybody. I am bringing common sense. All traffic can't be sent over the 20-30 time slower upstream. Not all DNS queries mean that data was sent upstream. Look at how crazily GeForce Experience queries their servers:

i agree that you cannot reroute all your traffic to another place (unless you use a VPN for example). the OP in the reddit post prolly meant that the router is collecting data for "all traffic" as supposed to "literally all traffic" which would make more sense. that's what i meant by "nitpicking", as in the wording of the reddit post title

and just close geforce experience when you are not using it (i only load it just to check for driver updates and nothing else); the DNS queries will stop (though i agree it's also excessive while its running).

chroma_cg wrote: ↑ i agree that you cannot reroute all your traffic to another place (unless you use a VPN for example). the OP in the reddit post prolly meant that the router is collecting data for "all traffic" as supposed to "literally all traffic" which would make more sense. that's what i meant by "nitpicking", as in the wording of the reddit post title

and just close geforce experience when you are not using it (i only load it just to check for driver updates and nothing else); the DNS queries will stop (though i agree it's also excessive while its running).

When I read the reddit post, not only the title, I had an impression that the poster was serious about sending all traffic.

I installed GeForce Experience with the intent to stream games to the Shield. It's running on the headless server, so it was meant to be always on. The queries are blocked, so it's OK. It's just how insistent it is.