Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Huawei HG612 - where are we?  (Read 3862 times)

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Huawei HG612 - where are we?
« on: August 11, 2015, 10:28:51 PM »

[I apologise for asking these very basic quick questions about this device which I'm sure have probably been answered here and there, but a bit scattered and I'm lost. (drugs, NHS, that's my excuse, and I'm sticking to it  :-[ ) ]

This post is a kind of "where are we now?".

* This device can seemingly be a full modem/firewall/router from what I've read? Is that correct?

* It can presumably be preconfigured somehow to be just a PPPoE modem stuck in bridge mode? How?

* Taming / neutering : Is it possible to get hold of a BT HG612 device and completely tame/neuter it? So that it doesn't phone home to BT, doesn't get firmware updates pushed into it with the user's permission and isn't remote controlled, censored, monitored or tracked by BT and whoever else might want to join the party uninvited.

It can clearly do a lot of impressive firewalling stuff, it has serious-looking QoS management, and it's a lot more than just an xDSL modem.
« Last Edit: August 11, 2015, 10:31:45 PM by Weaver »
Logged

GigabitEthernet

  • Kitizen
  • ****
  • Posts: 2243
Re: Huawei HG612 - where are we?
« Reply #1 on: August 11, 2015, 10:45:55 PM »

* This device can seemingly be a full modem/firewall/router from what I've read? Is that correct?

Yes.

* It can presumably be preconfigured somehow to be just a PPPoE modem stuck in bridge mode? How?

The default unlocked configuration will provide this facility on LAN1. LAN2 will provide acccess to the web UI.

* Taming / neutering : Is it possible to get hold of a BT HG612 device and completely tame/neuter it? So that it doesn't phone home to BT, doesn't get firmware updates pushed into it with the user's permission and isn't remote controlled, censored, monitored or tracked by BT and whoever else might want to join the party uninvited.

I believe in Wolfy's firmware BTAgent is still in the firmware but it cannot actually call home. So, it is effectively disabled.

I am sure somebody more knowledgable can explain this more :)

It can clearly do a lot of impressive firewalling stuff, it has serious-looking QoS management, and it's a lot more than just an xDSL modem.

Yes I agree. I think it is a mighty shame that it is so locked down by default.
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: Huawei HG612 - where are we?
« Reply #2 on: August 12, 2015, 12:00:03 AM »

How paranoid should we be about these devices plus BT plus TR-xx?

Possibilities for the paranoid: Tracking what we do, or worse, monetising that data, or even getting up to all kinds of things far worse than mere listening, things that I'd rather not think about.

[I haven't entirely forgiven BT for the Phorm scandal. The best thing that happened was the PR disaster that came out of it, became all-consuming, and which ultimately swept the Phorm sleazy scumbags out of the UK off to some new third world adventures who knows where.

I wouldn't be happy with a device that can not easily be audited, never mind firewalled as this is all on the wrong side, the WAN L2 ??? murky stuff.]

I wouldn't want to start having to run everything through a Firebrick tunnel, as I wouldnt want to have to pay the performance hit and the £15 p/m for hosting another Firebrick at the A&A end. There is an alternative for A&A Firebrick users, where all your IP packets are actually sent as PPP LCP funny packets, iirc, which is available to combat BT bugs and could deal with them getting up to no good.
Logged

GigabitEthernet

  • Kitizen
  • ****
  • Posts: 2243
Re: Huawei HG612 - where are we?
« Reply #3 on: August 12, 2015, 12:53:12 AM »

I would be far more worried about Huawei (the Chinese company that make the HG612 and some of the FTTC cabinets) sending your information to some distant place...
Logged

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 34012
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: Huawei HG612 - where are we?
« Reply #4 on: August 12, 2015, 01:57:30 AM »

We dont really know what the BTAgent does.  iirc Asbo dug around in this area and found it was calling home, but not exactly what it what is doing which is why there is some doubt.

afaik Its supposedly to check for auto updates.   There's also something like TR-069 and I think this can let your ISP helpdesk check certain stats.   I know that ISPs when they run a WHOOSH type test can tell if you have a BTmodem (or ISP brand modem) from this, because if you are using your own router and the SP attempts to do a GEA test, then it will inform them "Unable to check for customer equipment connected to modem"  so they know that Im not using a Plusnet supplied router.

TBH I wasnt too concerned about it snooping, just updating.  I dont even know to what extent BTw/Openreach could snoop, because thats far more likely to be something at an ISP level?    It is BTretail (& a couple of other ISPs) that used Phorm.   

If it ever came out that Wholesale/Openreach were snooping then the ISPs would be up in arms.  I can imagine RevK would have a good deal to say about it..  but Sky would take them to the cleaners and cause a massive stink if they caught Openreach tracking something they shouldnt.  It would be far too risky for Openreach/Wholesale to attempt anything covert. 
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: Huawei HG612 - where are we?
« Reply #5 on: August 12, 2015, 02:17:30 AM »

Indeed it would cause a PR disaster if anyone were caught, as in the Phorm fiasco.

And RevK would go postal. ??? :'(
« Last Edit: August 12, 2015, 02:24:07 AM by Weaver »
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: Huawei HG612 - where are we?
« Reply #6 on: August 12, 2015, 02:34:41 AM »

I wonder how one might audit the thing anyway, a man in the middle, if you really are that paranoid, would be out of sight.


[Off topic: Now I recall, BT Retail ISP and one or two other ISPs were involved. No non-consenting _ISPs_ got caught up in the ugly mess. BT Retail just had no respect for their end users. At that time, I told customers who wanted consultancy from me that if they went with BT Retail they would have to change ISP or I would turn the job down. Which in fact did happen once, I felt so strongly about the matter. I basically told a customer very gently and extremely politely to get lost because they were determined to go with BT ADSL, because Uncle Bob said it's great.]
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7478
  • AAISP CF
Re: Huawei HG612 - where are we?
« Reply #7 on: August 12, 2015, 06:27:50 AM »

this is what I believe both functions do.

the btagent updates the hg612.  if its killed the hg612 will never be updated automatically.

I think tr-069 is to allow for isps to access their own devices behind the hg612, e.g. updating a home hub 5 behind a hg612.  Which makes sense when kitz mentioned isps can also use it to tell if you using their equipment.
Logged