Re: [PLUG] Ubiquiti data slurping

brent timothy saner via plug on 29 Jan 2020 09:22:10 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Ubiquiti data slurping

From: brent timothy saner via plug <plug@lists.phillylinux.org>
To: plug@lists.phillylinux.org
Subject: Re: [PLUG] Ubiquiti data slurping
Date: Wed, 29 Jan 2020 12:21:55 -0500
Autocrypt: addr=brent.saner@gmail.com; prefer-encrypt=mutual; keydata= mQINBFKm0mgBEADSI5oeyqRYZ8YWxPbux4CeqaMNh4etuyJmglDRCQB9t1XlvhMDLZWQNqm+ ORBN3YGISUu+X55p10lK/O1w/85zXkAV7Qe6fkvUzSx0tbPWLu4rn4zH9JgTExElhFRv143H W/EKehejEetkNz6JSwGUXNiF5qh1GbKLOmShbmCSKXLcmw05Qj4ELmhkH9OWXpeM0EHmWIEK VSeoIim/g1MYYxKOb1wY3DEubY9zn3lfz9xfLq/xlFMepDyNAEer/qZDSHQqnymdqXlt6L9e mfd4snHLiDfUgG9JOPeMDWeT6XWJDtKKCcZ3JDSMEGgZsFYpwJxJEwPxnfhHJmH8ENxi/8Cu 0fLFvzgAP+VK/Z1egBI7l241fDDREg3e+NWFhUM5bjwBmqk1z8nkRdru+QSMtPl6Erkd+Tbp 7lGGpQwCbI6esdBPkx/nV8+fIPEcsR2G5jG7O9U4J6q3B1nRFrR863SJHudIWV/l59ZvA8kI knDYNOixPLmnoRrO7LNIWe9jpnkZdg34Aa5AjAjGEKwY5EAzqkKuPEMVGqg/36YUcnqYS98W iVgCpaGg6KJqCMVXBfugxd79rtkyT4Oeju/z/Yp2xxXm3Pqcocb1CxbiEYDLJNT7/hyIJ072 4asMz2DTDMIMciP93hPraEtINknPlerNX2XqK03D+gyBGqAL7QARAQABtCtCcmVudCBUaW1v dGh5IFNhbmVyIDxicmVudC5zYW5lckBnbWFpbC5jb20+iQI8BBMBAgAmAhsDBwsJCAcDAgEG FQgCCQoLBBYCAwECHgECF4AFAlLzvnsCGQEACgkQjABML5NIH2vQHxAArz6yjoQqUPoOFBRF P6hXHcMegvh4vZ0xOcoU+7KyUyD2f5jYivQFSVYcRDr7hyHTs3iRr0HKN8dUUSyLkNCc+rd2 FwqftUF2JLqlqpJ4HDXw+5L2rw0+0voy7JpRNtoGlfkh32SHIbTmNwVIFm1yVg+xNk0RAvl8 /NnPzgi0IKgOJNcxicLpy0f0o/uWHKcm6uS8SBZL3col1Wuhwqt/VY7Nz0cCF7IrRNGyMMPF PMRq3A5144U81WQR94iGlpvWku/qnFAvC9NNTllCwFYpiuI2BkndlPO3YqOwcGbVTOO765la Qz9EQn9b9ipnPjOSp9HLhu53RoJyUWogBtijCzEgODYJuflPWoXG4ubB11wP2CRPZzj3KqFE cShAyNwE2bAtHwtqsksII3J46EEQDrHam/0D6F+jNMZK31E/ET9WcdzZhFRGaBd748dRcaoH BaHpviH+GtRZiWtrR0238Df05MtZPTlZi2t4icBIGVN4j0mcMbgVY/5CudLQGa7BSjnKR/uy hJI7ANOHCsIud6rIB9s5qly60bXjOZ4hG1iFIhUFC+zgrOYGZLbJgCaKd5sdBCWOsQwInD/X eWO+6p4bW0YIp0YXZA5+0Uo8EP4t+NzvfGhe19gy8hrJYZGSW1PJDvqvs+b5XO2j5Be6ec2Y 09Ta99U94SxWp3nXpKS5Ag0EUqbSaAEQAMIB/UpTre+NGzkvTmO6wnfQuzJKEEWnX2p/+eQF ZgDhObvwhvZr7C3I9wP3JnAP3LoJqrnmp78qE2v7snlSG1i66hqcj8Cw2EkBRLFsseva2uI5 B63RLrV0tTXN86nmHhw8qJ2GBu84Ddw7KtYoCRbq902eWsgWxRJVwAK+ip24tVVJxaR23nkO FwU+suYRDhiM9GLVj2waomgJK60dhxLOLZSRwJ0S1A2pu16GEx8USEoz7WNDJgx8PJPSzyH5 U7h9hXhpTEvS8nOV5G7YhksKBR6ECjmleCSehBaotVTAhXTfoh9fyCusMBwizLBoS8GmPUnv nUlvJzyAzu1KxnFzpwEk9ZBgLqWxzC/i4PZKrpqG7n5JqgEl0gg+7fn5Sdwq14Trg+djDGa5 c8n5hXEyszWTka53AhVCn8yq01zYNZoMDG6adYku/g3n5mBxKYuSoMkzuPRgihpsrhN/0RGY nJRDw5cpAjywWhTfFWGaAz6mDNhCV9daoqAoFjmIt9PAFeTrHj0XZXW7C53t4Qor9Nc5goh5 jlw7vv58CpdF0dPF6jLhDL2AYtplqwdPQr8+hj8WyFW8Rbj/OOj/z/JdDa6xCqfvh0udGLVa FDwQXZ1D4sqjwABhqdCppYb9TSq0TzR2LyZDnn/JZied2Q2LypPbsoGa3qd//w5W6NczABEB AAGJAh8EGAECAAkFAlKm0mgCGwwACgkQjABML5NIH2tCDBAAiMHQIKXCnm3XOcBuArJ8l0Yp W7q9KWF1YtmK+Jg+JqF8vTR7qvJ1djpVJVzCbL73bSrw24bLjHhcATuBsQxYPu2sSulcPB8n ri3ki/rWiWpNtjykKi6z56o+vDmbVH8UyA++zHQIaOx7tyKnh4w1F2i46132yMHLHFAdQkAl AJRMIQ6E0AKK9t61r+NJ0KT8g1h9PMcJkPWkGmQjT9eahLlO1H3kua0xCZ264CFUkpYo7t0I Y9BuRafzrqRqrYBJzEeDSd2dNz8u+jTF8RlHyaiePcTE9R1A41mK2vDCgWAbmXW8eruVz+Av zdXSNr6erccamRmeTIyJ5WpGeoA/ZeTDVSLzU2/i/PK2yI/8DTwWnt0iLC+8qvbz+E27/8i5 x5w3PosUjXzHQugBZO0xrBqti9rWV6u73zAE07EKaGfTm4Py3HRfysmFijcT0xpEeuilXM72 TixP75enqXN45ouwrapBcjAM3oxn+eVAagtzMUjXjHJBP5g5PHCRTuzakNzvFu1YNV9Oec8S O+hoQAuW6Wy5NfCN3Bg+KHPu/U6Lw9TcbFtCGOswMx9U2Thuj7FeULli5tj/kLahOOMO0N++ msHrJNNWa2ekU9GJ1NDCOGH0zYF4F5dxrdNxuOGzz6a0+5o1DBaWUEN0wAMceluJNnqv0qni AGmGDY9HHUM=
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=to:references:from:autocrypt:subject:message-id:date:user-agent :mime-version:in-reply-to; bh=7ZXJ14+oWSJOMR11LP0ijEeh97vtWGYxm+CbLsA7hMs=; b=C9bXUdDoLYHs+20G8TZL1uFDinuOqQkoanWx91LPEFy1h7Ie1Ij2Ad90A2xsX5vJK8 NzJWaBxh2Bsa8dMZEFSK+ZSMm2X3mw5hqkT1YZ7Dlue47vFn7rkFbpSxwVUbZ5Yh7GH3 JKFTYWR0yE0LCuaryuBJZ/w7wA7npRkI/487hRGfcrAuzkwvSTpZMxPwXgA7B1h8xtBo TayJuegUC3KCGOyw/pJY0aQv3zxI4OEmAVxnfYr0IamoigwBiGLjLD2PV0sYdgZBcv22 70/q+mOKD4loKDQBayrPYRQuSsYGjXIXHbdkLBgXuxWNU1NSAaNhkLizBsliQOI5/ksd jJwA==
Reply-to: brent timothy saner <brent.saner@gmail.com>
Sender: "plug" <plug-bounces@lists.phillylinux.org>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1

On 1/29/20 11:49, Keith C. Perry via plug wrote:
> JP,
> 
> The updates come via the console not directly to the devices and I don't allow update to process automatically so that's an easy situation to control.
> 
> There was supposed to be a 100% opt out but it looks like Ubiquiti reversed that which is why the pitchforks are rightfully out. To be clear, I don't like this and it is a huge mistake on their part (they may yet have privacy challenges across the pond as a result) but this is one of those things that I'm not going to allow myself to lose sleep over...
> 
> ...that's what my Windows 10 users are for :D
> 

Yeah, while disheartening, it's at least easy to identify and filter out
and oughtn't break anything. Unsure if it affects people who use the
UBNT SSO servers or not (I don't on mine; all my authorization is done
on-site for devices).

At first I thought this might violate CCPA but (and IANAL) it doesn't
seem to. I don't think it even violates GDPR compliance since it's
"anonymized" (but who can say for certain beyond UBNT's own word?).

I'd be curious to see how this plays out.

I'm laughing at anyone who chooses to go Cisco over UBNT still, though.
They've been confirmed as having been backdoored by the NSA[0] and have
terrible business practices of their own[1]. The difference is their
firmware is much harder to reverse-engineer/examine/etc.

[0]
https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/
[1]
https://www.techdirt.com/articles/20190801/08402142695/cisco-shells-out-86-million-selling-government-easily-hackable-tech.shtml

Attachment: signature.asc
Description: OpenPGP digital signature

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] Ubiquiti data slurping
  - From: jeff via plug <plug@lists.phillylinux.org>
- Re: [PLUG] Ubiquiti data slurping
  - From: Anthony Martin via plug <plug@lists.phillylinux.org>
- Re: [PLUG] Ubiquiti data slurping
  - From: "Keith C. Perry via plug" <plug@lists.phillylinux.org>
- Re: [PLUG] Ubiquiti data slurping
  - From: JP Vossen via plug <plug@lists.phillylinux.org>
- Re: [PLUG] Ubiquiti data slurping
  - From: "Keith C. Perry via plug" <plug@lists.phillylinux.org>

Prev by Date: Re: [PLUG] Ubiquiti data slurping
Next by Date: [PLUG] Ransomware
Previous by thread: Re: [PLUG] Ubiquiti data slurping
Next by thread: [PLUG] Ransomware
Index(es):
- Date
- Thread