AiProtection - Do I really need it?

For the Trend tools to work automatically and be kept up to date, it's no surprise that analysis of activity is required to ensure the DBs that drive AI Protect and Adaptive QoS are kept up to date.

Up to you to make the decision if you are comfortable with Trend collecting this info in exchange for the service they provide.
To put it into perspective, if I had privacy concerns about my internet usage, I would also need to eliminate transmitting my internet activity to my browser developer, OS developer, AV developer, ISP, websites that I visit, governments from being able to monitor and share my online activity.
 
I choose to keep it enabled
Holy crap, what are your browsing habits???

Rob Q said:
I don't really know much about addons but what are those? This is the first router that I've owned that lets me install addons.
Rob - I had a million questions myself. I take no credit but tried to summarize everything I've learned into one post, see if this helps you...
https://www.snbforums.com/threads/h...ab-solution-pixelserv-tls-and-dnscrypt.45744/
 
https://www.grahamcluley.com/anti-virus-companies-nsa-gchq-leaked-documents-reveal/

Key points from the above article:

1 "The latest article in The Intercept reveals documents leaked by NSA whistleblower Edward Snowden, which appear to indicate that the intelligence agencies are interested in spying on a host of anti-virus and security firms, with the intention of learning how to avoid their own attacks being detected by the software."

2 In a nutshell, the likes of GCHQ and the NSA want to write malware that will get past the defences of the anti-virus software. And ideally they would like the green light of legal immunity in order to proceed.

3 Trend Micro is also notably missing (from the NSA spy list) - which causes me to raise a wry smile as that particular firm can never seem to decide whether it’s Taiwanese, Japanese or American. Perhaps the NSA aren’t sure, either?

4 Of course, if attackers (whether intelligence agencies or common cybercriminals) were able to find vulnerabilities in anti-virus software then that could be immensely valuable to them. Anti-virus software typically runs with high privileges on computers, making them an attractive platform for exploitation.

5 In the same report, The Intercept reveals that the NSA were able to gather information about Kaspersky customers by monitoring communications between the anti-virus product and the company’s servers. In addition, the “Project CAMBERDADA” presentation, includes examples of intercepted emails sent to anti-virus companies about new malware samples found at customer sites.
So long as we need and use the Internet, the worries of our data leaking never end. It is just about which side is faster and smarter in protect vs attack.
So we could only try to trust the defender as much as we could that they don't abuse or lose our data. Just like a bank. We have no choice; we still need to use them even when we know they use our data for marketing, and we have to trust them in securing our data and money.
 
Ok so I've managed to block all asus/trend micro queries; it took a bit of work because it would still pull ipv6 dns queries even while they were on the block list.

The only way to accomplish that is to block ipv6 in dnsmasq or in dnscrypt; there is next to no info on blocking ipv6 for dnsmasq but you can block it easily with dnscrypt:
Edit /jffs/dnscrypt/dnscrypt-proxy.toml
find the line:
block_ipv6 = true

Block the following:
#Asus/Trendmicro calling home
#
192.168.50.2 fbsv1.trendmicro.com
192.168.50.2 fbsv2.trendmicro.com
192.168.50.2 ntd-asus-2014b-en.fbs20.trendmicro.com
192.168.50.2 gslb1.fbs.trendmicro.com.akadns.net
192.168.50.2 rgom10-en.url.trendmicro.com
192.168.50.2 trendmicro.com.edgesuite.net
192.168.50.2 slb1.fbs.trendmicro.com.akadns.net
192.168.50.2 activeupdate.trendmicro.co.jp
192.168.50.2 backup21.url.trendmicro.com
192.168.50.2 wrs.trendmicro.com
192.168.50.2 e5110.dscd.akamaiedge.net
192.168.50.2 dlcdnets.asus.com
192.168.50.2 wideip-dlcdnets.isoi.asia
192.168.50.2 dlcdnets-ds.asus.com.edgekey.net
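
To check whether a hosts-format block list like the one in the post above is holding, including for AAAA lookups, the router's dnsmasq query log can be compared against it. The script below is an added example, not part of the original post; it assumes dnsmasq query logging (`log-queries`) is enabled, and the file paths, client addresses, upstream resolver and log lines in `demo` are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): report blocklisted names that dnsmasq
# still forwarded upstream, broken down by query type.

# leaked_queries BLOCKLIST DNSMASQ_LOG -> lines of "name qtype count"
leaked_queries() {
    awk '
        # First file: hosts-format blocklist, "<sinkhole-ip> <hostname>".
        NR == FNR {
            if ($1 !~ /^#/ && NF >= 2) blocked[tolower($2)] = 1
            next
        }
        # Second file: dnsmasq log-queries lines.
        {
            for (i = 1; i < NF; i++) {
                name = tolower($(i + 1))
                if ($i ~ /^query\[.+\]$/) {
                    # "query[AAAA] name from client": remember the type asked.
                    qtype[name] = substr($i, 7, length($i) - 7)
                } else if ($i == "forwarded" && (name in blocked)) {
                    # "forwarded name to upstream": the query left the router.
                    leaks[name " " qtype[name]]++
                }
            }
        }
        END { for (k in leaks) print k, leaks[k] }
    ' "$1" "$2" | sort
}

# Constructed sample data: two entries from the list above and a made-up log.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/hosts" <<'EOF'
#Asus/Trendmicro calling home
192.168.50.2 fbsv1.trendmicro.com
192.168.50.2 wrs.trendmicro.com
EOF
    cat > "$dir/log" <<'EOF'
Jan  1 10:00:01 dnsmasq[512]: query[A] fbsv1.trendmicro.com from 192.168.50.1
Jan  1 10:00:01 dnsmasq[512]: /jffs/hosts fbsv1.trendmicro.com is 192.168.50.2
Jan  1 10:00:01 dnsmasq[512]: query[AAAA] fbsv1.trendmicro.com from 192.168.50.1
Jan  1 10:00:01 dnsmasq[512]: forwarded fbsv1.trendmicro.com to 9.9.9.9
Jan  1 10:00:05 dnsmasq[512]: query[A] example.org from 192.168.50.23
Jan  1 10:00:05 dnsmasq[512]: forwarded example.org to 9.9.9.9
EOF
    leaked_queries "$dir/hosts" "$dir/log"
    rm -rf "$dir"
}
```

An empty result means no blocklisted name was forwarded during the logged period; any line printed names a domain and query type that still reached the upstream resolver.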

While I applaud your diligence, you will end up going down a never ending rabbit hole, if you want true privacy. As a paranoid security nut myself, I had to find a balance and accept that some information will be out there.

In the information age, information is collected on you from birth. Your buying habits are recorded (debit, credit, online transaction), your bank shares your personal information, some government institutes don't even properly protect your information and it can be easily attained if someone was looking for records on you specifically. Your car is tracked everywhere it goes via license plates, easily building a profile of where you like to go. As humans we are creatures of habits, so simply watching and tracking somebody for a week or so will give you a good idea of that person's behavior and typically how they spend their time on foot. The things you keep in your home, real aspects about your personality. Your smartphone, pc, and router all have closed source aspects, and as such can not be fully trusted. If you want true privacy from your tech you would have to build all the hardware components on top of the software components from scratch. To take it a level further, you could even design your own code & engineer your own hardware, so there's no documentation on it. Cameras are everywhere and you are always being tracked anytime you step outside. Pretty much, if the NSA or whoever wanted a profile on you, all they would have to do is gather all the individual pieces of information on you since you have been living and combine it altogether to get an idea of who you are, what you like or dislike, etc.

Here's a discussion I was having on malwaretips regarding online privacy. This was my response on that thread.

"I chose yes. Why?

Simply because you need to know your targeted threat level towards yourself, so you can accurately assess your security posture. There is no such thing as 100% security & privacy, and everything made by humans has flaws. Similarly, all humans can't be monitored all the time by other humans or data constantly abused due to our biological limitations. Which is why we build algorithms, A.I, and machines to compensate for our lack thereof.

I believe as a US citizen, I could thwart an individual hacker with limited resources and time. However, a state-backed actor with resources and unlimited time to target me with all their backdoor access, exploits, and gag-orders, and control over the infrastructure would be much more difficult to impossible to prevent. Whether that be in-house (NSA, FBI) or out house (GCHQ, KGB, etc).

However you can make it difficult to build up a profile on you by utilizing pseudonyms, using burner phones, prepaid cards, and paying with cash when possible. Choose and control who you want to potentially hack you, such as I would use Chinese or Russian services due to them not potentially wanting to share intelligence with US intelligence.

Don't think you won't be hacked, there are only two targets out there. Those who have been hacked, and those who haven't been hacked yet. Backup, Backup, Backup, this will save you from almost any foul play. Think of your security posture as a first line of defense that will prevent most, not all attacks and plan accordingly.

Lastly, privacy is in a direct war with convenience in the information age. Some level of privacy is attainable, but at what cost to your convenience? So, it boils down to what do you value more, your convenience or your privacy?"
 
It is not a question of "if", only a matter of "when". A PCI-DSS Auditor once told me this, very true.

Hide in plain sight is what I try to practice. Nothing that I am doing really raises suspicions and I am already on "lists" due to some of my activities over the years, like for example fighting for Firearm Rights. What I post publicly is exactly what is "expected"...
 
Well said @daviworld; I like to see all of this security stuff in the technological era as an evolution that is taking place mirroring the same qualities we see in nature. In nature we experience viruses, flus, parasites and all the rest; The body has to continuously adapt to the environment and all its changes, as we learn and grow... The body does most of this on its own; though there are certain things one can do to enhance their immunity and recovery without turning into a pathological hand washer carrying around a bottle of hand sanitizer everywhere they go. Computer security is no different; you need some wisdom, experience, and a will to keep yourself clean from the parasites and viruses in human / AI form looking to cause harm. What doesn't kill you will make you stronger, and maybe what does will too. At this point I feel you can never be too informed and educated; the internet is a wild place and you need quality gear if you want the best of without the parasites having you running around in circles all day long just to keep your gear up and running; The Turris Omnia is looking mighty fine about now; I appreciate the simplicity of configuring the Asus routers, all the dedication and hard work that has gone into the addons and extensions for it by this thriving battle hardened community; Turris has only been around for 2 years so it still needs some work but as long as I can get some of the same features working like dnscrypt and adblocking I'm a happy camper given its unmatched security, configurability, and long term usability; Get one now you should be good for another 7-10 years at the very least. https://omnia.turris.cz/en/
Is this router available in the USA?
 
What you're getting is access to signatures that TM has collected from around the intarwebz. That way the router knows what "malicious data" looks like (based on history) and can block it that way. What you're giving up is data that TM can use to generate signatures. And... who knows what else? Companies don't do anything for free, right? So best-case scenario they're using metadata from your browsing _if_ you get hacked in order to generate a history and build signatures. Worst case they're selling it on to someone. Either way your data brings them value.

Now, if you're paranoid about the global intelligence services... they don't have unlimited budgets and manpower. While this comes almost painfully close to "if you're not doing anything wrong, then you have nothing to hide..." it's more like "if you're not a terrist or adversary actor, ain't nobody got time for you." Don't stay up late worrying MI5 is up in your bidness. For 99.999% of the population, they don't have the time or resources to care.
 
It is hard to grab both security and privacy.
Build firmware without Ai-protection or use john fork.
 
Do most who own an Asus router have AI protection enabled then?

I've never even gone into the setting, I gather it's disabled by default.
 
I really don't know if there is real privacy in the internet world.
Facebook, Google, Microsoft, Apple and many many more of these companies have been sniffing at our data. So really..
Better off your internet and stay in the cave. Haha...
The recent Facebook incident is making people say delete Facebook. I looked at those articles and comments. These people should just stop using their smartphones and internet.

Off topic. Hahaha.

Anyway, better safe than sorry. All I can say.
Heaven forbid we start sniffing their servers then we go to jail. Gotta love big money paying off politicians [emoji23]
 
Do most who own an Asus router have AI protection enabled then?

I've never even gone into the setting, I gather it's disabled by default.

I don't use it.

Never have and never will as I don't need another security product inspecting packets and slowing down my network.
 
So does this thing call back to the DOD etc or not?
As you can see, use of this is up to what you need. Personally I would trust Trend-Micro over let's say Symantec or McAfee or even Eset. It's up to you. It consumes some ram, but unused ram is wasted ram. Those with "tin foil hats" think that the company has time to look at them individually, instead of in the collective data idea. But hey, whatever blows your hair back. Again personally, I wouldn't be without Trend Micro, Skynet, Diversion, and now Stubby. Security is a multi layer approach, does it call the DoD? Somehow I wonder....really....seriously, what are we selling drugs, or something? Take the Tin Foil hat off people, or just read up on the company. I recommend the program.

Edit: Spelling, grammar
 
As you can see, use of this is up to what you need. Personally I would trust Trend-Micro over let's say Symantec or McAfee or even Eset. It's up to you. It consumes some ram, but unused ram is wasted ram. Those with "tin foil hats" think that the company has time to look at them individually, instead of in the collective data idea. But hey, whatever blows your hair back. Again personally, I wouldn't be without Trend Micro, Skynet, Diversion, and now Stubby. Security is a multi layer approach, does it call the DoD? Somehow I wonder....really....seriously, what are we selling drugs, or something? Take the Tin Foil hat off people, or just read up on the company. I recommend the program.

Edit: Spelling, grammar

So you are calling people questioning if it sends data to the DOD tin foil hat wearers, however you yourself run 4 different security tools. :D
In the end it's almost a moot point, as every single software/hardware you install or own could be doing the same thing with or without your permission, would just be nice to know if someone has tested this particular AiProtection to see what's up.
 
So you are calling people questioning if it sends data to the DOD tin foil hat wearers, however you yourself run 4 different security tools. :D
In the end it's almost a moot point, as every single software/hardware you install or own could be doing the same thing with or without your permission, would just be nice to know if someone has tested this particular AiProtection to see what's up.
Plenty of info on this forum. Just search my friend, I'm just saying there are some for and against. I'm not judging just having fun.
 
AiProtect and similar 'features' are not my cup of tea. Merlin reports he is confident using AiProtect accepting the Trend Micro EULA. Other people don't like the data collection and privacy policy or lack trust after some spyware Trend Micro put in some unrelated software. I can't justify using AiProtect. All I recommend is SSHing into your router and installing AMTM Asus Merlin Terminal Menu by @thelonelycoder. From there you can quickly install Diversion, Skynet and MAYBE DNSCrypt if you're up to it. It might require some reading/learning, but if you're into that sort of thing anyway then go for it.
 
