Technicolor MediaAccess TG589vac Firmware upgrade

Do routers report "home"? If so, where do they report to? I am using my SSE supplied router that I have had with firmware 15.2 since I took it out of the box a couple of years ago. I noticed a connection drop the other day and I now have "Version Jade 16.2". I haven't instigated the upgrade as I wouldn't know where to find it, so where/ how has it been applied? My current ISP is BT.

Seems a bit naughty if something can be done to my router without my knowledge, although I do now have a guest network

Mark

From what you say it appears that SSE have applied an update to your router. You may be able to see that this has been done by logging into the router's web interface. The web interface might be slightly different depending,on what the update does. Google is your friend for finding out more.

In reply to a post by Michael_Chare:

Google is your friend for finding out more.

Not for me it isn't. Can find very little online about this router. Strange though that SSE would be able to apply an update even though I have no dealings with them any more though.

Cheers

Mark

May be nothing to do with SSE, but a Technicolor maintenance task, i.e. backdoors for maintenance do exist on some devices.

So routers calling home to somewhere is not at all unusual

Sounds like what must have happened here, thanks.

Mark

BT, Sky, PlusNet and TalkTalk routers (probably others as well) get firmware updates automatically also - it is very common.

You mention "seems a bit naughty if something can be done to my router without my knowledge." There are security loopholes discovered and identified all of the time, some so critical they can allow attackers remote access into your home network, from there they can run exploits against your machines... This can lead to compromise of data, e.g. usernames/passwords etc. Would you rather your ISP be able to remotely apply security patching and upgrading as required, or indeed prefer you are at risk and have full management of your device? Due to the security landscape, it makes sense for ISPs to be able to install updates remotely, but also, often times bugs are identified in routers down the line e.g. BT HomeHub 5s kept rebooting when Google Chromecasts were connected, here BT was able to remotely update the hubs to resolve the issue.

Honestly the ISPs are not trying to mess anything up or indeed breach your privacy, but instead keep things working and ensure you are secure.

Usually, where you one ISP router with another ISP (e,g. using a TalkTalk router on BT), it inhibits the security patching etc, so instead you may have got an update direct from the manufacturer. This is why it is not advisable to use one ISPs kit with another ISP. Where you use a third party product e.g. a Netgear router on Sky or BT, Netgear then push out security/bug fixes for the router... A BT router used on say Sky (after being cracked) may not get security updates from BT and with time become a greater and greater security risk (the retail versions are exceptions). Either use ISP supplied kit on the correct ISP, or get an off the shelf product from a reputable vendor such as Netgear, Cisco etc who is known to patch their products for security loopholes.

Edited by ukhardy07 (Sat 10-Feb-18 20:14:27)

Potentially it is not the ISP having a backdoor but is just the router checking for updates from a known website. It is no different to Windows doing an update - it pulls the update rather than it being pushed.