Netgear firmware update collects your IP and MAC addresses

Users need to configure the router manually to stop data transmission

Netgear's latest firmware update to its Nighthawk range quietly adds a feature that automatically collects your IP and MAC addresses.

A post on Netgear's support page reveals the update collects "information regarding the router's running status, number of devices connected to the router, types of connections, LAN/WAN status, WiFi bands and channels, IP address, MAC address, serial number, and similar technical data about the use and functioning of the router, as well as its WiFi network".

In an email to IT Pro, Netgear said that the process of collecting data is "designed to improve the experience with NETGEAR products", and that it "does not track or collect the websites you visit or collect the content of any traffic on your network".

The company also argued that this would help improve the stability of its router range, but many customers are angry at the amount of data being scalped, particularly their IP and MAC addresses, according to forums including this Slashdot thread, with one user writing: "I guess it is time to switch to a different brand."

What has also riled up customers is that this new data-harvesting tactic is strictly opt-out, meaning users need to manually configure their routers to prevent them from remotely sending data to Netgear. Users have also complained that once configured, there is very little indication that data sharing has been turned off.

"The text description and radio buttons for "Router Analytics Data Collection" and "Router Auto Firmware Update" are grayed out, even though they are clickable," wrote one user on Netgear's community forum

The chances are that many customers won't do this, particularly as many people fail to even change default password credentials.

Netgear warned customers last December to turn off select routers, including the Nighthawk R7000, and avoid using them following the discovery of a security vulnerability. The flaw, known as #582384, affected a range of Netgear routers, and allowed hackers to gain remote access to a network. 

This latest firmware update could be an attempt to catch similar sorts of vulnerabilities before they can do damage, although Netgear appears to be risking alienating some customers in the process.

Main image: Netgear Nighthawk R7000 router

Featured Resources

Digital Risk Report 2020

A global view into the impact of digital transformation on risk and security management

Download now

6 ways your business could suffer if you don’t backup Office 365

Office 365 makes it easy to lose valuable data regularly, unpredictably, unintentionally, and for good

Download now

Get the best out of your workforce

7 steps to unleashing their true potential with robotic process automation

Download now

8 digital best practices for IT professionals

Don't leave anything to chance when going digital

Download now

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/mobile/28299/how-to-use-chromecast-without-wi-fi
Mobile

How to use Chromecast without Wi-Fi

5 Feb 2020
Visit/operating-systems/27717/how-to-fix-a-stuck-windows-10-update
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020
Visit/security/34616/the-top-ten-password-cracking-techniques-used-by-hackers
Security

The top ten password-cracking techniques used by hackers

10 Feb 2020
Visit/software/linux/354831/microsoft-to-add-defender-antivirus-software-to-linux-ios-and-android
Linux

Microsoft to add Defender antivirus software to Linux, iOS and Android

21 Feb 2020