New to ASUS routers, freaked out by Trend Micro

[Warbird]

Should I be concerned about this router's propensity to send data to Trend Micro?

Couple Questions regarding Trend Micro and their EULA (which I have not read):
1. Is Trend Micro just another AV outfit like Kaspersky?
2. How is Trend Micro affiliated with ASUS?
3. Why do so many features like Traffic Monitoring require sending data to Trend Micro?
4. What kind of data is sent?
5. Obviously just a simple list of IPs could be used nefariously. But are they selling any of it to third parties?

Sorry if these have been covered, which I am sure they have, I did search the forums.
Thank you

 

[OzarkEdge]

Couple Questions regarding Trend Micro and their EULA (which I have not read):

Also read the links on Administration\Privacy:

Global Privacy Notice | Trend Micro

Read Trend Micro's Global Privacy Notice.

www.trendmicro.com

Smart Home Network | Data Collection Notice

Smart Home Network includes the following modules which, when enabled, will cause the corresponding data to be transmitted to Trend Micro.

esupport.trendmicro.com

OE

 

[paulbates]

ASUS use trend micros services to add features to their products and differentiate them. This includes the list of features you referenced. If you want those features, that's how asus provide them.

On the administration privacy tab, there are links that talk about what data is collected and transmitted and and how it's used.

I've had ASUS routers for about 6 years and I've always used these services. I've only had it raise issues in the malicious site blocking tab. As I've moved to DNSs that provide some of this functionality, I get less things flagged under the AI protection tab, but as recently as last week something came up there... So I leave it on.

 

[Warbird]

Also read the links on Administration\Privacy:

Global Privacy Notice | Trend Micro

Read Trend Micro's Global Privacy Notice.

www.trendmicro.com

Smart Home Network | Data Collection Notice

Smart Home Network includes the following modules which, when enabled, will cause the corresponding data to be transmitted to Trend Micro.

esupport.trendmicro.com

OE

Thank you, This confirms my concerns.

 

[Warbird]

ASUS use trend micros services to add features to their products and differentiate them. This includes the list of features you referenced. If you want those features, that's how asus provide them.

On the administration privacy tab, there are links that talk about what data is collected and transmitted and and how it's used.

I've had ASUS routers for about 6 years and I've always used these services. I've only had it raise issues in the malicious site blocking tab. As I've moved to DNSs that provide some of this functionality, I get less things flagged under the AI protection tab, but as recently as last week something came up there... So I leave it on.

Thanks Paul,

I do use a different DNS (OpenDNS) as well. I will try AiProtection. Another concern is alerts requiring my email account password, not good and not necessary.

Curious, you are using Merlin? Which I assume is a 3rd party open source firmware like DD-WRT? What benefits does it provide. Interesting it includes the AiProtection layer? How is that?

 

[RMerlin]

I do use a different DNS (OpenDNS) as well. I will try AiProtection. Another concern is alerts requiring my email account password, not good and not necessary.

Mail notifications are totally optional.

 

[OzarkEdge]

Thank you, This confirms my concerns.

I found this TM page with lots of reading... more about TM activities in general than about AiProtection in particular. We're all being exploited some until governments get there acts together and lay down the consumer protection law:

Data Collection Disclosure | Trend Micro

Notice the Yamaha router mention!

OE

 

[Warbird]

Thank you all. I found this description of Merlin,

.

 

[paulbates]

Thanks Paul,

I do use a different DNS (OpenDNS) as well. I will try AiProtection. Another concern is alerts requiring my email account password, not good and not necessary.

Curious, you are using Merlin? Which I assume is a 3rd party open source firmware like DD-WRT? What benefits does it provide. Interesting it includes the AiProtection layer? How is that?

As rmerlin points out, the email and password are for forwarding notifications. I use a house specific email account so my personal emails cannot be compromised. This uses rules to send it to pushover along with drive backup, HA, alarm system notifications. All these can be turned over to the new owner when I sell the house.

You found Merlin info.. I think of it as the stock firmware on steroids... some new features and deep, significant community support.

 

[Tech9]

We're all being exploited

Very common for "free" services. You pay with your data for the services provided.

 

[OzarkEdge]

Very common for "free" services. You pay with your data for the services provided.

Now there's an enlightening observation/justification we've all seen a bazillion times.

OE

 

[paulbates]

Think about anything you want to use online, the pop-ups in the way before that require endless scrolling and the Accept button at the bottom to get by.
I do turn a lot of "free" things down because of it. But if you're online, which we all are, do you ever really escape it, even with vpns, etc?
There's risks, weigh and decide...

 

[Tech9]

At least TrendMicro components are optional, not built-in and activated by default. There is a choice.

 

[Warbird]

As rmerlin points out, the email and password are for forwarding notifications. I use a house specific email account so my personal emails cannot be compromised. This uses rules to send it to pushover along with drive backup, HA, alarm system notifications. All these can be turned over to the new owner when I sell the house.

What I fail to understand is why does the router need the login credentials to my email account, just to send an email?

 

[RMerlin]

What I fail to understand is why does the router need the login credentials to my email account, just to send an email?

Because open relaying has been unsupported by SMTP servers for well over a decade now. Any SMTP email relaying requires an authenticated user. And the router cannot directly deliver into the mailbox because it would be blocked by any half-decent spam filter, for breaking SPF/DKIM validation (your home IP address is not authorized to relay emails for the gmail.com domain, for example), and coming from a dynamic IP with no valid RDNS entry (that also gets blocked by most spam filters).

Basically, it's a technical requirement of modern SMTP.

 

[Warbird]

Because open relaying has been unsupported by SMTP servers for well over a decade now. Any SMTP email relaying requires an authenticated user. And the router cannot directly deliver into the mailbox because it would be blocked by any half-decent spam filter, for breaking SPF/DKIM validation (your home IP address is not authorized to relay emails for the gmail.com domain, for example), and coming from a dynamic IP with no valid RDNS entry (that also gets blocked by most spam filters).

Basically, it's a technical requirement of modern SMTP.

Thank you extremely much for your very detailed answer. If I understand you correctly, when I send an email anywhere, its being delivered by my ISP which is a known authorized quantity, and thus is accepted by the destination mail server?

I understand OAuth tokens can work (if the requestor follows the rules and does not save the original credentials). And I realize I that no mater how diligently I avoid "login as" dialogs, I have authorized several tokens inadvertently. This is getting so bad. I firmly believe my privacy is being raped everyday online. Lets demand an opt in, not free, paid path.

I would like to get messages from my RT-AX86U though. Is there another perhaps local LAN based messaging option? For instance, as @paulbates mentioned how does one setup a "house specific email account"? Do I need my own local Exchange server?

 

[RMerlin]

Thank you extremely much for your very detailed answer. If I understand you correctly, when I send an email anywhere, its being delivered by my ISP which is a known authorized quantity, and thus is accepted by the destination mail server?

It depends on the email address you are sending from. If using a GMail email address, then the outbound server you will be using will be GMail`s own server. If you use an ISP email address (like myself@bell.ca), then you will be sending through the Bell server. With a domain name, there are usually specific servers which are allowed to relay email for that domain.

 

[breathless]

Question...

Speaking specifically about QOS and Trend Micro privacy concerns, can't one just block the DNS requests to Trend Micro and still get the QOS features without the privacy concerns?

For instance, in my case, I enabled the QOS in my Asus RT-AX88U with Merlin, allowed the initial DNS requests to go through to Trend to enable the service, then blocked all subsequent Trend Micro based DNS requests, which there were quite a few. Now they are blocked in the future, and QOS still works. Is there something I'm missing, such as another way that the router is able to get the info to Trend?

It seems to me that this should work in the case of QOS since the work is done at the router level, as opposed to the Ai Protection option which does the work at the Trend Micro server level. That at least makes sense why it would have to connect to Trend.

 

[Tech9]

Don't expect anything TrendMicro working properly in a long run with no communication to TrendMicro servers.

 

[Brad H]

AiProtection made my AX98X unstable. I found that after slowly building up to about 45 devices on the router, it started randomly rebooting every few days. After weeks of experimentation, I found disabling AiProtection solved the issue and have three months of rock solid performance. If you're using the router in a public setting, there might be some benefits. But, for a home network, I don't think it is needed....especially when it impacts the stability of the router.