Ubiquiti Networks is fending off customer complaints after emitting a firmware update that caused its UniFi wireless routers to quietly phone HQ with telemetry.
It all kicked off when the US-based manufacturer confirmed that a software update released this month programmed the devices to establish secure connections back to Ubiquiti servers and report information on Wi-Fi router performance and crashes.
Ubiquiti told customers all of the information is being handled securely, and has been cleared to comply with GDPR, Europe’s data privacy rules. Punters are upset they weren’t warned of the change.
“We have started to gather crashes and other critical events strictly for the purpose of improving our products,” the hardware maker said. “Any data collected is completely anonymized, GDPR compliant, transmitted using end-to-end encryption and encrypted at rest. The collection of this data does not and should not ever impact performance of devices.”
The assurance was of little consolation to UniFi owners who bristled at the idea of any of their data being collected, particularly without any notification nor permission. In particular, enterprise customers were less than thrilled to learn diagnostic data was being exfiltrated off their network.
“Undisclosed backdooring of my network is completely unacceptable and will result in no longer recommending, using, or selling of Ubiquiti gear,” remarked one netizen using the alias Private_.
Oh dear, you really can’t be doing that Ubiquity!