AiProtection question

[Val D.]

it was given permission at install to do what it did (by the user)

Yes, and the users give permission to run their software on routers too, because no one actually reads the agreement carefully. Not sure what is the main goal here - user protection or data collection. Usually, with software packages provided for free or included in some other software packages (firmware, for example), it's the data collection. As per AiProtection agreement, users give them access to almost everything, including files and emails. Whoever wants to enable TrendMicro services on ASUS routers, feel free to do so.

Blindly trusting without doing the testing and certification it says it does.

Imagine what is happening on Google Play store. You can upload there almost anything.

 

[L&LD]

Yes, and the users give permission to run their software on routers too, because no one actually reads the agreement carefully. Not sure what is the main goal here - user protection or data collection. Usually, with software packages provided for free or included in some other software packages (firmware, for example), it's the data collection. As per AiProtection agreement, users give them access to almost everything, including files and emails. Whoever wants to enable TrendMicro services on ASUS routers, feel free to do so.



Imagine what is happening on Google Play store. You can upload there almost anything.

Yup! Refuse to use google either. (Even if I still use the term when I mean 'to search').

 

[Val D.]

Yup! Refuse to use google either.

Well... Google, Apple, Microsoft, etc. world services companies are unavoidable. We need computers and mobile communications, they are in control. But we can at least avoid some other smaller players, lining up for a piece of the user data pie. Actually, TrendMicro's approach is not bad. Why to fight for user data on a single device when you can have access to a whole network? Show the users some scary messages from time to time and you're in business.

 

[Smokey613]

If you “withdraw” from the TM agreement, will this impact the QOS settings if you are using FreshJR script?

 

[L&LD]

If you “withdraw” from the TM agreement, will this impact the QOS settings if you are using FreshJR script?

Yes. No QoS without accepting the agreement.

 

[Val D.]

If you “withdraw” from the TM agreement, will this impact the QOS settings if you are using FreshJR script?

Yes, Adaptive QoS still relies on TrendMicro services. You can run Traditional QoS though, it's done on the router and doesn't require TrendMicro services. Due to CPU processing traffic (hardware acceleration disabled), the maximum speed will be limited according to CPU type. With a fast router as RT-AC86U it is up to about 400-500Mbps. If your ISP speed is 250Mbps and up, you may not need QoS at all.

No QoS without accepting the agreement.

No Adaptive QoS. It's not working properly anyway.

 

[Phil Outram]

What’s your OpenVPN ip Pool?

Local subnet containing the windows server is 192.168.0.x with a class c netmask (255.255.255.0)

VPN subnet is 10.8.0.x class c netmask (255.255.255.0)

What subnet masks are you using on your networks?

 

[Wingsfan87]

Doesn't sound like a router issue. Have your verified on your Windows PC hosting the file share that in your Firewall rules for SMB sharing you add the remote subnet into your allowed scope? It's probably blocking it at the windows firewall.

By default remote subnets can't access file shares unless you update the scope.

 

[andresmorago]

Local subnet containing the windows server is 192.168.0.x with a class c netmask (255.255.255.0)

VPN subnet is 10.8.0.x class c netmask (255.255.255.0)

What subnet masks are you using on your networks?

Local network 10.0.0.0/24
Vpn network 10.0.1.0/24

aiProteccion blocks windows shares requests from 10.0.1.2 to 10.0.0.7

 

[andresmorago]

Doesn't sound like a router issue. Have your verified on your Windows PC hosting the file share that in your Firewall rules for SMB sharing you add the remote subnet into your allowed scope? It's probably blocking it at the windows firewall.

By default remote subnets can't access file shares unless you update the scope.

Please see See first post: Aiprotection shows that it’s actually blocking the connections. Windows firewall is disabled.

 

[#TY]

Damn, I guess I shouldn't have turn AiProtection on then. I'm going to switch it all off now once and for good.

 

[martinr]

Damn, I guess I shouldn't have turn AiProtection on then. I'm going to switch it all off now once and for good.

I’m not sure which post your “damn” is referring to

Anyway, as for the privacy side of things, it gets discussed regularly (done to death, as I think one of our contributors put it). You might want to have a look Merlin’s comments:

https://www.snbforums.com/threads/384-6-now-sharing-data-to-trend-micro.48202/page-7#post-458680

and

https://www.snbforums.com/threads/aiprotection-do-i-really-need-it.45891/

https://www.snbforums.com/threads/t...stealing-and-uploading-browser-history.48789/

a couple of the more recent discussions. (I’m keeping mine on.)

 

[^Tripper^]

Also, if you’re running a dual WAN setup, you may want to keep it on; skynet does not support dual WAN setups. FYI.

 

[#TY]

No dual WAN here.

 

[Wingsfan87]

Please see See first post: Aiprotection shows that it’s actually blocking the connections. Windows firewall is disabled.

My bad totally overlooked that. I was basing it on past experience where I didn't realize Windows firewall blocked other subnets by default even with file and print sharing enabled. Also I haven't seen AI protection ever block anything like that.

 

[Phil Outram]

Local network 10.0.0.0/24
Vpn network 10.0.1.0/24

aiProteccion blocks windows shares requests from 10.0.1.2 to 10.0.0.7

Strange, still why not try changing the vpn subnet to something in the 192.168.x.x range, or maybe 172.16.x.x?

 

[Val D.]

You might want to have a look Merlin’s comments:

https://www.snbforums.com/threads/384-6-now-sharing-data-to-trend-micro.48202/page-7#post-458680

Or better look directly at TrendMicro provided information:
https://www.trendmicro.com/en_us/about/legal/privacy-policy-product.html

You provide the following types of information and personal data when you use and interact with our products and services...

• Product information, such as MAC address, device ID,
• Public IP address of the user’s gateway to the Internet
• Mobile/PC environment
• Metadata from suspicious executable files
• URLs, Domains and IP addresses of websites visited
• Metadata of client/device managed by gateway product
• Application behaviors
• Customer behavior [See Hedwig]
• Information from suspicious e-mail, including sender and receiver email address, and attachments
• Detected malicious file information
• Detected malicious network connection information
• Debug Logs
• Network Architecture/Topology
• Screen capture of errors

How many ASUS users clicked "Agree" without reading the list above? The link is right there above the button.

 

[andresmorago]

Strange, still why not try changing the vpn subnet to something in the 192.168.x.x range, or maybe 172.16.x.x?

it doesnt make any sense. if either works or not on any subnet