Linksys firmware upgrade for Wi-Fi routers angers some users

After complaints on forums, Cisco's home networks unit provided instructions for rolling back the EA3500 and EA4500 firmware

Some users of new Wi-Fi routers from Cisco's Linksys division complained this week that the company automatically updated the routers' firmware and pushed them toward a cloud-based administration service they didn't want.

Users posting on the Cisco Home Community forum and the U.K.-based site PC Gamer said they had turned on their Linksys EA3500 and EA4500 routers earlier this week and found they were running a new firmware version. The new firmware presented a login screen for the Cisco Connect Cloud instead of the LAN-based router management interface that had come up previously, they said.

Some voiced concerns about the security of cloud-based LAN administration and didn't want to set up accounts on Cisco Connect Cloud. They were able to bring up a local, non-cloud management interface after disconnecting the router from the Internet, but that interface lacked most of the features they had been used to with the previous firmware, the posts said.

On Friday, an administrator in the Cisco forum posted a link to official instructions for downgrading the routers' firmware to the previous, non-cloud version. Some commenters had said earlier that Cisco had sent them the old firmware when they complained. But some people on the forum had already said they were fed up and would return their routers. Linksys did not respond to a request for comment on Friday.

The EA3500 and EA4500 were introduced in April. They are high-end models for Linksys, which is Cisco's brand for home and small-office networking, and are designed to be able to run third-party applications. When it introduced the routers, Cisco said it would offer free software in June for managing them remotely through a new service called Cisco Connect Cloud. The company announced availability of the service on Wednesday. The cloud service is intended to let people manage their home networks from smartphones, tablets and Web browsers and remotely change settings such as parental controls, guest access and traffic priority.

Several users said they were surprised to discover firmware upgrades Tuesday that pointed them toward the cloud service.

"I do not want this. A cloud interface is not what everyone wants. Stop trying to make decisions as a corporation and what you think the people need. Options is what people actually desire," wrote a commenter named "combsmsteven" on the Cisco Home Community forum.

On the PC Gamer forum, user "Lunatitch" posted a screen shot of the new start screen.

"Note that in the picture, the unroutable (internal) network address used for accessing the admin panel for my router won't let me log in without signing up for a Cisco Connect Cloud account. I just finished talking to tech support, who confirmed there is no way around this," Lunatich wrote.

Cloud-based router management is not necessarily less secure than the traditional method of logging into the device over the LAN, said Farpoint Group analyst Craig Mathias. Any router connected to the Internet may be susceptible to an outside attack, he said. And management from the cloud is more convenient because it can be done from anywhere, he said.

"We see cloud-based management as ultimately the dominant vehicle ... for almost everybody," Mathias said.

However, Mathias warned against allowing automatic firmware or software upgrades.

"If someone hacks that interface, they can load any firmware they want into your router," he said. Some users complained that when they discovered the problem and tried to turn off automatic firmware updates, they couldn't. The rollback instructions posted Friday included directions for turning off that setting.

Another concern raised in user comments came from Cisco's privacy policy for the Cisco Connect Cloud. "When you use the Service, we may keep track of certain information related to your use of the service," the policy said. Among other things, that data may include how much traffic is going through the router every hour; that information includes the Internet history from the home network, the policy said.

In the policy, Cisco said it "may share aggregated or anonymous user experience information with service providers contractors or other third parties," but that the data would not personally identify the user in any way.

Mathias condemned that practice.

"There is no legitimate reason for them to do that, other than they want to make more money," he said.

Stephen Lawson covers mobile, storage and networking technologies for The IDG News Service. Follow Stephen on Twitter at @sdlawsonmedia. Stephen's e-mail address is

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Stephen Lawson

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place