Late last year, Nikkei Asia reported that Japan was planning to add thousands of personnel to its military cyber defense unit. Now, we might know why. According to a report from The Washington Post, hackers in China had "deep, persistent access" to Japanese defense networks. When the National Security Agency is said to have first discovered the breach in late 2020, NSA Chief and Commander of US Cyber Command General Paul Nakasone flew to Japan with White House deputy national security advisor Matthew Pottinger to report the breach to officials.
Despite briefings that reached as high as Japan's prime minister, The Post reports that hacking from China remained an issue for several months, persisting through the end of the Trump administration and well into early 2021.
US Cyber Command initially offered Japan assistance in purging its systems of malware but were reportedly rebuffed because the country was not comfortable with another nation's military accessing their systems. Instead, Japan elected to use domestic commercial security firms to find vulnerabilities, relying on the US only for guidance on what those firms found. Japan would eventually adopt a more active national security strategy, which is said to include a new cyber command to monitor networks around the clock, and as many as 4,000 active cybersecurity personnel.
This article originally appeared on Engadget at https://www.engadget.com/china-reportedly-had-deep-persistent-access-to-japanese-networks-for-months-233516478.html?src=rss
Google has announced several updates to Search aimed at making it easier for people to control information about them that appears in results. The company released a tool last year to help people take down search results containing their phone number, home address or email. Now, the company has updated the "results about you" tool to make it more effective.
A new dashboard will become available in the coming days that will let you know when such personal information pops up in Search. When you get an alert, you'll swiftly be able to ask Google to remove those results.
Earlier this year, the company debuted a Google One feature that can scour the dark web to see if your information has been included in a data breach. This "results about you" update seems to work in a similar way. The fact that it proactively finds results containing your personal info and helps you remove them should make it easier to protect your privacy.
Google
You can access the tool from the Google app by tapping your profile photo and selecting "results about you" or from a dedicated webpage the company has set up. It's available in the US in English for now, but Google plans to offer the tool in other languages and regions soon.
Along similar lines, Google is updating a system that aids users in taking down explicit photos of them. The company has long provided the option for people to request the removal of non-consensual explicit images from search results. It's now expanding that policy to include consensual imagery.
Perhaps you uploaded explicit content of yourself to a website at one point, but decide you no longer want it to be available. If you delete the imagery from that website, you can now ask Google to remove it from search results if it has been published elsewhere without permission. The company notes that the policy doesn't apply to any content you're still commercializing.
It's not exactly rare for owners of websites that deal in explicit imagery to report content from elsewhere. Removing such content from Google Search results won't scrub it from the web entirely, but that may make it more difficult for people to find. You can search for "request removals" in the Google help center to get started.
Google
On top of all that, Google is rolling out updates for parental controls and SafeSearch. Starting this month, Google is blurring explicit imagery (which it defines as adult or graphic violent content) in search results by default, a move it announced earlier this year. You'll be able to turn off SafeSearch blurring from your settings, unless a school network admin or a guardian has locked the setting on your account.
Last but not least, it'll now be much easier to access parental controls from Search. Punch in a query like “google parental controls” or “google family link” and you'll see an information box that explains how to adjust the settings.
Google
This article originally appeared on Engadget at https://www.engadget.com/google-is-making-it-easier-to-remove-your-private-information-from-search-170025085.html?src=rss
“Tor” evokes an image of the dark web; a place to hire hitmen or buy drugs that, at this point, is overrun by feds trying to catch you in the act. The reality, however, is a lot more boring than that — but it’s also more secure.
The Onion Router, now called Tor, is a privacy-focused web browser run by a nonprofit group. You can download it for free and use it to shop online or browse social media, just like you would on Chrome or Firefox or Safari, but with additional access to unlisted websites ending in .onion. This is what people think of as the “dark web,” because the sites aren’t indexed by search engines. But those sites aren’t an inherently criminal endeavor.
“This is not a hacker tool,” said Pavel Zoneff, director of strategic communications at The Tor Project. “It is a browser just as easy to use as any other browser that people are used to.”
That’s right, despite common misconceptions, Tor can be used for any internet browsing you usually do. The key difference with Tor is that the network hides your IP address and other system information for full anonymity. This may sound familiar, because it’s how a lot of people approach VPNs, but the difference is in the details.
VPNs are just encrypted tunnels hiding your traffic from one hop to another. The company behind a VPN can still access your information, sell it or pass it along to law enforcement. With Tor, there’s no link between you and your traffic, according to Jed Crandall, an associate professor at Arizona State University. Tor is built in the “higher layers” of the network and routes your traffic through separate tunnels, instead of a single encrypted tunnel. While the first tunnel may know some personal information and the last one may know the sites you visited, there is virtually nothing connecting those data points because your IP address and other identifying information are bounced from server to server into obscurity.
In simpler terms: using regular browsers directly connects you and your traffic, adding a VPN routes that information through an encrypted tunnel so that your internet service provider can’t see it and Tor scatters your identity and your search traffic until it becomes almost anonymous, and very difficult to identify.
Accessing unindexed websites adds extra perks, like secure communication. While a platform like WhatsApp offers encrypted conversations, there could be traces that the conversation happened left on the device if it’s ever investigated, according to Crandall. Tor's communication tunnels are secure and much harder to trace that the conversation ever happened.
Other use cases may include keeping the identities of sensitive populations like undocumented immigrants anonymous, trying to unionize a workplace without the company shutting it down, victims of domestic violence looking for resources without their abuser finding out or, as Crandall said, wanting to make embarrassing Google searches without related targeted ads following you around forever.
Still, with added layers of security can come some additional hiccups, like lag or longer loading times. That could be true for some users depending on what they do online, but anecdotally it's gotten a lot faster in recent years, and users have said they barely notice a difference compared to other browsers. Sameer Patil, associate professor at the School of Computing at the University of Utah, studied this by having students and staff try out Tor as their main browser. “I was personally very surprised at how many sites and things just work fine in the Tor browser. So not only did they work as intended, but they also were fast enough,” Patil said.
But even if online privacy isn’t your main concern personally, using Tor can help support industries that heavily rely on it. By using the anonymous and secure browser, you’re supporting activists, journalists and everyone else’s privacy because the more people that use it, the more secure it gets, according to Patil. If only certain sensitive groups use it, it’ll be easier to deanonymize and ultimately track down identities. When you’re one in a billion using it, that task becomes nearly impossible.
This article originally appeared on Engadget at https://www.engadget.com/tor-dark-web-privacy-secure-browser-anonymous-130048839.html?src=rss
ExpressVPN has become a household name – or at least as close to one as a VPN is likely to get – taking over mainstream advertisements on sites like YouTube. On our roundup of the nine top providers in June, it came out tops for streaming services, frequent travel and gaming. But, notably, it wasn’t the overall best, falling short on areas like security and user friendliness.
There are three main VPN use cases on top of general security: geoblocking, streaming and gaming. That means my tests looked like watching Shrek on the clock, by using a VPN to access Canadian Netflix from my US-based home office, where the ogre movie isn’t currently available.
ExpressVPN was easy to sign up for, download and use, but compared to the other services, it didn't wow me. Competitors like ProtonVPN, for example, had easier ways to sign in across platforms. But an ExpressVPN subscription does come with a password manager to store and autofill credentials across websites. That’s a plus in a world where complex passwords are crucial to keeping your accounts secure.
The best VPNs stay out of your way and you'll barely even notice they’re running. But one oddity was that ExpressVPN internet speeds outperformed our baseline internet speed measures. The service is likely circumventing traffic shaping by the internet service provider or a similar anomaly because every other VPN will hurt internet speed in some way. But it did successfully mask the IP address, and pass the DNS and WebRTC leak tests as privacy measures.
ExpressVPN
It was also easy to access geo-blocked content using ExpressVPN, with little-to-no buffering. There were some loading delays that only lasted a few seconds when I tried to stream the news on YouTube using ExpressVPN, but no lag came up after that. Finally, ExpressVPN passed the gaming test by avoiding lag and maintaining a normal loading time. Although, it was a pretty basic test where I logged into online game Slither.io from a UK-based VPN to play the worm-eating competition with international users. Surfing the web with ExpressVPN was just as easy as being online without it. With ExpressVPN, a ping test measured how long data takes to travel from the computer to the server and back at 100 milliseconds, versus 16 milliseconds with no VPN turned on.
ExpressVPN’s biggest perk is that it supports up to five devices at once. That means I could conduct all tests simultaneously and still had no slowdown. That’s great for sharing it with a family, or folks that like to game, watch TV and scroll on their phone at the same time. It’s the main reason ExpressVPN landed as our top choice for streaming and gaming. The connectivity was solid, it had a wide range of servers in 94 countries and provided clear instructions on configuration for any device.
But security-wise, I found myself wanting more. ExpressVPN is based in the British Virgin Islands, which the company touts because the territory lacks any foreign intelligence operations and does not participate in 14 Eyes intelligence-sharing agreements. But it is owned by Kape Technologies, which also owns competitor CyberGhost, and Kape has a problematic history that includes spreading malware. Not only that, in 2021, the Department of Justice charged ExpressVPN CIO Daniel Gericke for cyberspying activities on behalf of the UAE. ExpressVPN stood by the CIO in a blog post.
But it’s not all bad. ExpressVPN publicly shared security audits of its mobile apps, protocol and desktop apps last year. That’s a win for security transparency. Still, a 2021 Consumer Reports study found that ExpressVPN didn’t support multifactor authentication, did not meet brute force mitigation checks and retained some data even after an account was terminated. ExpressVPN did, however, exceed industry standards in protections against unauthorized access, implement a vulnerability disclosure program and said it would not pursue legal action against security researchers. That means when it comes to security standards and practices, ExpressVPN as a company has a few too many misses and not enough hits.
I recommended ExpressVPN as our top choice for gamers, frequent travelers and heavy users of streaming services because it lets users access a wide range of locations from a variety of devices with high speed connections and no lag. With options to configure directly to routers and gaming consoles, it’s a solid choice for people that put a lot of strain on their ISPs. Still, there are better VPNs for the security-minded or those who want something more affordable.
This article originally appeared on Engadget at https://www.engadget.com/vpn-review-expressvpn-2023-gaming-streaming-160052492.html?src=rss
The Jack Dorsey-backed decentralized social network Bluesky has launched a paid domain service in partnership with Namecheap as a way for users to verify their identity. In a post discussing its plans to make Bluesky sustainable, the team said "users become the product" when a company relies on ads. Since Bluesky set out to "build a protocol where users can own their data," it chose to explore "other avenues of monetization" instead. It's worth noting that the social app started as a project funded by Twitter, but it has lost its connection to the website after Elon Musk took over.
Since earning by ads isn't an option, the team thought of offering paid services, starting with domain names. Users can already set up custom domain names to use with Bluesky, but they have to go through a separate process with a domain registrar first. This integration will supposedly allow them to do so in under a few minutes. They can simply log into their account, search for a domain name to use as a handle and then pay for it all within Bluesky's interface. For a Twitter competitor that doesn't have a centralized verification system, using a domain name is the best way for a user to verify that they are who they say they are. US Senators, for instance, have apparently been using the senate.gov domain to verify their identities.
Users who use the integrated service will be able to manage their domain settings and configurations within Bluesky, and they can forward emails sent to their domains to an address of their choice. They can also choose to redirect their domain to their Bluesky profile or any URL they want. And in the event they decide to leave the platform or to use another registrar, they can transfer their domain away.
Based on Bluesky's announcement, domain integration is just the first in what could be several paid services available on the platform. It says it's exploring other services it "can bundle to users to provide a more seamless experience." That said, Bluesky is still in private beta, and those interested will have to join a waitlist before they can get in.
This article originally appeared on Engadget at https://www.engadget.com/bluesky-begins-offering-custom-domains-in-its-bid-to-remain-ad-free-071922355.html?src=rss
President Joe Biden today announced how $42 billion in funding to bolster broadband internet access will be allocated. The investment, which was funded by the 2021 Bipartisan Infrastructure Law, aims to give all Americans access to high-speed internet by 2030.
Texas is getting the largest slice of funding with $3.3 billion. Eighteen other states are receiving over $1 billion, including Alabama, California, Georgia, Louisiana, Michigan, Missouri, North Carolina, Virginia and Washington. Every state is getting at least $107 million. Several US territories are included in the program, with $27 million allocated to the US Virgin Islands receiving and $334 million earmarked for Puerto Rico.
"With these allocations and other Biden administration investments, all 50 states, DC and the territories now have the resources to connect every resident and small business to reliable, affordable high-speed internet by 2030," the White House said in a statement.
The FCC released its first draft of the overhauled map, which incorporates more granular data, in November. Still, politicians on both sides of the aisle were concerned it left out millions of businesses and homes and urged the White House to delay the broadband funding efforts until issues were resolved.
After taking feedback from the public and states, the FCC unveiled an updated version in May. According to The Washington Post, the updated map addressed around 4 million mistakes, resulting in approximately half a million more homes, businesses and other locations without any internet access being identified. In all, the FCC determined that more than 8.3 million homes and businesses lack access to high-speed internet.
States will first focus on bringing broadband to locations that have no access at all. If they have any funding left over, they can use it to improve internet access for those with slow speeds.
It could take up to two years for the government to dole out all the funding. States, Washington DC and other territories will have until the end of the year to submit their initial proposals for how to run their grant programs. Once the Department of Commerce’s National Telecommunications and Information Administration approves the initial plans, states will be able to request access to at least 20 percent of their allocation. However, they might not obtain access to all of their funds until the plans are finalized, which may take until 2025, according to Reuters.
Many of the locations that lack broadband access are in rural areas. By and large, major providers have shied away from rolling out broadband in these locales due to their smaller populations and the high cost of installing infrastructure.
Update 6/26 12:06PM ET: Added details about the funding
This article originally appeared on Engadget at https://www.engadget.com/the-biden-administrations-42-billion-broadband-program-is-finally-getting-underway-143625721.html?src=rss
As anyone who regularly games online can attest, DDoS (dedicated denial of service) attacks are an irritatingly common occurrence on the internet. Drawing on the combined digital might of a geographically diffuse legion of zombified PCs, hackers are able to swamp game servers and prevent players from logging on for hours or days at a time. The problem has metastasized in recent years as enterprising hackers have begun to package their botnets and spamming tools into commercial offerings, allowing any Tom, Dick, and Script-kiddie rental access to the same power.
It's a big internet out there, and bad actors are plentiful. There are worse things than spammers and scammers swimming in the depths of the Dark Web. In his new book, Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks, Dr. Scott J Shapiro, Professor of Law and Philosophy at Yale Law School traces the internet's illicit history through five of the biggest attacks on digital infrastructure ever recorded.
Not all Denial of Service attacks use botnets. In 2013, the Syrian Electronic Army (SEA)—the online propaganda arm of the brutal Bashar al-Assad regime—hacked into Melbourne IT, the registrar that sold the nytimes.com domain name to The New York Times. The SEA altered the DNS records so that nytimes.com pointed to SEA’s website instead. Because Melbourne IT contained the authoritative records for the Times’ website, the unauthorized changes quickly propagated around the world. When users typed in the normal New York Times domain name, they ended up at a murderous organization’s website.
Conversely, not all botnets launch Denial of Service attacks. Botnets are, after all, a collection of many hacked devices governed by the attacker remotely, and those bots can be used for many purposes. Originally, botnets were used for spam. The Viagra and Nigerian Prince emails that used to clutter inboxes were sent from thousands of geographically distributed zombie computers. In these cases, the attacker reaches out to their army of bots, commanding them to send tens of thousands of emails a day. In 2012, for example, the Russian Grum botnet sent over 18 billion spam emails a day from 120,000 infected computers, netting its botmaster $2.7 million over three years. Botnets are excellent spam infrastructure because it’s hard to defend against them. Networks usually use “block lists”: lists of addresses that they will not let in. To block a botnet, however, one would have to add the addresses of thousands of geographically disbursed servers to the list. That takes time and money.
Because the malware we have seen up till now — worms, viruses, vorms, and wiruses.— could not work together, it was not useful for financially motivated crime. Botnet malware, on the other hand, is because the botnets it creates are controllable. Botmasters are capable of issuing orders to each bot, enabling them to collaborate. Indeed, botnet malware is the Swiss Army knife of cybercrime because botmasters can tell bots in their thrall to implant malware on vulnerable machines, send phishing emails, or engage in click fraud allowing botnets to profit from directing bots to click pay-per-click ads. Click fraud is especially lucrative, as Paras Jha would later discover. In 2018, the ZeroAccess botnet could earn $100,000 a day in click fraud. It commanded a million infected PCs spanning 198 countries, including the island nation of Kiribati and the Himalayan Kingdom of Bhutan.
Botnets are great DDoS weapons because they can be trained on a target. One day in February 2000, the hacker MafiaBoy knocked out Fifa.com, Amazon.com, Dell, E*TRADE, eBay, CNN, as well as Yahoo!, then the largest search engine on the internet. He overpowered these web servers by commandeering computers in forty-eight different universities and joining them together into a primitive botnet. When each sent requests to the same IP address at the same time, the collective weight of the requests crashed the website.
After taking so many major websites off-line, MafiaBoy was deemed a national security threat. President Clinton ordered a countrywide manhunt to find him. In April 2000, MafiaBoy was arrested and charged, and in January 2001 he pled guilty to fifty-eight charges of Denial of Service attacks. Law enforcement did not reveal MafiaBoy’s real name, as this national security threat was only fifteen years old. MafiaBoy later revealed himself to be Michael Calce. “You know I’m a pretty calm, collected, cool person,” Calce reported. “But when you have the president of the United States and attorney general basically calling you out and saying, ‘We’re going to find you’ . . . at that point I was a little bit worried.” Calce now works in the cybersecurity industry as a white hat — a good hacker, as opposed to a black hat, after serving five months in juvenile detention.
Both MafiaBoy and the VDoS crew were adolescent boys who crashed servers. But whereas MafiaBoy did it for the lulz, VDoS did it for the money. Indeed, these teenage Israeli kids were pioneering tech entrepreneurs. They helped launch a new form of cybercrime: DDoS as a service. DDoS as a service is a subscription-based model that gives subscribers access to a botnet to launch either a daily quota or unlimited attacks, depending on the price. DDoS providers are known as booter services or stressor services. They come with user-friendly websites that enable customers to choose the type of account, pay for subscriptions, check status of service, launch attacks, and receive tech support.
VDoS advertised their booter service on Hack Forums, the same site on which, according to Coelho, Paras Jha spent hours. On their website, www.vdos-s.com, VDoS offered the following subscription services: Bronze ($19.99/month), Silver ($29.99/month), Gold ($39.99/month), and VIP ($199.99/month) accounts. The higher the price, the more attack time and volume. At its peak in 2015, VDoS had 1,781 subscribers. The gang had a customer service department and, for a time, accepted PayPal. From 2014 to 2016, VDoS earned $597,862, and it launched 915,287 DDoS attacks in one year.
VDoS democratized DDoS. Even the most inexperienced user could subscribe to one of these accounts, type in a domain name, and attack its website. “The problem is that this kind of firepower is available to literally anyone willing to pay thirty dollars a month,” Allison Nixon, director of security research at business-risk-intelligence firm Flashpoint, explained. “Basically what this means is that you must have DDoS protection to participate on the internet. Otherwise, any angry young teenager is going to be able to take you off-line in a heartbeat.” Even booter services need DDoS protection. VDoS hired Cloudflare, one of the largest DDoS mitigation companies in the world.
DDoS as a service was following a trend in cybercrime known as “malware as a service.” Where users had once bought information about software vulnerabilities and tried to figure out how to exploit those vulnerabilities themselves, or had bought malicious software and tried to figure out how to install and execute it, they could now simply pay for the use of malware and hack with the click of a button, no technical knowledge required.
Because customers who use DDoS as a service are inexperienced, they are particularly vulnerable to scams. Fraudsters often advertise booter services on public discussion boards and accept orders and payment, but do not launch the promised attacks. Even VDoS, which did provide DDoS service, did so less aggressively than advertised. When tested by Flashpoint, VDoS botnet never hit the promised fifty gigabits/second maximum, ranging instead from six to fourteen gigabits/second.
The boards that advertise booter services, as Hack Forums once did, are accessible to anyone with a standard browser and internet connection. They exist on the Clear Web, not on the so-called Dark Web. To access sites on the Dark Web you must use a special network, known as Tor, typically using a special browser known as the Tor Browser. When a user tries to access a website on the Dark Web, the Tor Browser does not request web pages directly. It chooses three random sites—known as nodes—through which to route the request. The first node knows the original sender, but not the ultimate destination. The second node knows neither the original source nor the ultimate destination—it recognizes only the first node and the third node. The third node knows the ultimate destination, but not the original sender. In this way, the sender and receiver can communicate with each other without either knowing the other’s identity.
The Dark Web is doubly anonymous. No one but the website owner knows its IP address. No one but the visitor knows that they are accessing the website. The Dark Web, therefore, tends to be used by political dissidents and cybercriminals—anyone who needs total anonymity. The Dark Web is legal to browse, but many of its websites offer services that are illegal to use. (Fun fact: the U.S. Navy created the Dark Web in the mid-1990s to enable their intelligence agents to communicate confidentially.)
It might be surprising that DDoS providers could advertise on the Clear Web. After all, DDoS-ing another website is illegal everywhere. In the United States, one violates the Computer Fraud and Abuse Act if one “knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization,” where damage includes “any impairment to the . . . availability of data, a program, a system, or information.” To get around this, booter services have long argued they perform a legitimate “stressor” function, providing those who set up web pages a means to stress test websites. Indeed, booter services routinely include terms of service that prohibit attacks on unauthorized sites and disclaim all responsibility for any such attacks.
In theory, stressor sites play an important function. But only in theory. Private chats between VDoS and its customers indicated that they were not stressing their own websites. As a booter service provider admitted to Cambridge University researchers, “We do try to market these services towards a more legitimate user base, but we know where the money comes from.”
This article originally appeared on Engadget at https://www.engadget.com/hitting-the-books-how-hackers-turned-cybercrime-into-a-commercial-service-153050866.html?src=rss
As the unromantic name implies, TP-Link’s Deco XE75 AXE5400 is one of the company’s many, many routers. A trio of plain cylinders standing 6.7-inches tall, they mirror the lack of excitement in its name, but as the saying goes, let’s not judge a book by its deeply unsexy cover. Hiding inside is a mesh of extreme quality that, despite a few rough edges, offers a great mix of power and affordability. If you’re confident in your ability to work your way through an admin panel or two, then this might be the mesh for you.
Hardware
I’ve already mentioned that the XE75 comprises a series of nondescript-looking cylinders which aren’t the prettiest mesh units. They certainly look like WiFi equipment, unlike many of the others on the market, which look like paperweights designed by Henry Moore. Unless you’re living in a minimalist’s paradise, they’ll hopefully blend into your decor with no fuss.
On the back of each node are three gigabit ethernet ports, one of which you’ll need to hook the primary mode up to your modem. You can also use the ports to run ethernet backhaul, if your house is (or will be) suitably-equipped. In 2023, when it can sometimes feel like wired ethernet is becoming a niche proposition, having three ports per node feels like luxury. And I don’t think many users will gripe over a lack of a 2.5 Gbps port which is a bit excessive, even these days.
One of the first choices you’ll need to make is how you’ll use the 6GHz band, which is reserved as backhaul by default. You can leave it like this or, if you have a plethora of WiFi 6-enabled devices already, you can run it dynamically. Like I said in the mesh WiFi buyer’s guide, using the 6GHz band for backhaul makes sense for now since so few phones, laptops and tablets can access that band directly at the moment.
TP-Link says its “AI-driven mesh” will learn which devices get faster speed from which nodes and prioritize those connections accordingly. Once each of your devices is connected to the mesh, you should hope to see your speed and reliability improve as it learns your usage.
Installation
Deco XE75 was easy to get set up, taking just 16 minutes from when I pulled the plastic film from the box to finish. Download the Deco companion app, set up a TP-Link account and you’ll then be guided through the short setup process. You just need to plug the first node in, tell the app if you have any ISP-specific needs, give your network a name and password and you’re off at the races.
Once done, the app will tell you to turn on the other nodes in the set and wait as they connect to the existing mesh. You’ll also need to assign each node a name based on their locations in your home. My phone pinged several times in quick succession after this as all the gadgets in my home joined the network. The degree of seamlessness and ease of setup was more or less perfect.
That is, except for one minor real-world annoyance that I feel compelled to flag — the length of the power cables for the UK models I’ve been testing. A lot of mesh products ask users to place nodes in visible, prominent locations, rather than hidden behind furniture, to avoid interference. That’s harder to do, however, if your power cable is just 57 inches long, a small but noticeable bit shorter than the other products I’m testing. To the point where I couldn’t put one module in my usual location at the top of a bookcase because the cable didn’t stretch that far. In this case, that module had to go on my top shelf, rather than above it. It’s a specific and possibly niche complaint but worth mentioning in case you have an unforgiving room layout.
Performance
Photo by Daniel Cooper / Engadget
After setting up the modules in the usual places in my home, I found that it took about 10 minutes for the connection to stabilize. I had to run a firmware update that caused things to drop out for a further five minutes afterward, but after that, the connection was very stable. A lot of more affordable 6E routers use the 6GHz band as backhaul, and this worked well in my home.
Close to the primary node, speeds hit an average of 270 Mbps down, and in my office two floors away, I was still getting 260 Mbps. Even in my back bedroom with its dreaded signal dead spot, SpeedTest download benchmarks fell to around 220 Mbps. Ping times were similarly consistent, to the point where I reckon a two-point mesh might have sufficed.
The Deco app very clearly shows your network topography, enabling you to quickly see which devices connect to which node. What surprised me is that the hardware in my office preferred the primary node rather than the one that was nearer. I suspect, over time, those connections would shift, but the fact I saw such good performance despite being two floors away was great.
App and controls
The Deco app lays everything out in a friendly, easy-to-parse manner that shouldn’t deter novice users from upgrading. The home screen shows you the network topography, and what devices are connected to each node by default, helping you to feel in control of what’s going on.
If there’s a downside, it’s that the level of control available to you inside each submenu isn’t that deep. View your WiFi settings, for instance, and you’ll be able to change your network name and password or share those details to someone else. But the only other option is to decide if the 6GHz network is used for dedicated backhaul or if you can share it with devices on the network. You can activate a Guest Network on the homescreen, letting you set one up with one press, although I’m less of a fan that it’s password-free by default.
You can scroll the list of what’s connected to the network to see its signal strength, as well as how much data it’s up-and-down-loading at the time. Each device can be assigned to a family member for parental controls, and you can single out a unit for priority on the network. The one downside to this is that TP-Link really struggles to identify each piece of equipment on your network compared to, say, a product from Netgear. So many units were named “iot_device” in the list, that you’ll probably need to take the time to rename them all manually.
In the More sub-menu, you can run tests to optimize your network, set up an IPv6 connection, as well as tweak IP settings. One feature I appreciated was the choice to get a push notification every time a new device joins the network, which appeals to my paranoia.
You can also access your settings through a browser-based client but, as far as I could see, the only difference is it lets you force a firmware upgrade with a local file rather than handling the system online. That’s a fairly niche use, though.
Additional features
Deco does offer smart home integrations, but it’s limited to TP-Link’s own gear and Philips Hue. The only other thing that the company offers is Homeshield, which offers a suite of security features to help keep your WiFi secure. The free Basic tier will scan your network for security threats and offers “robust” parental controls. That includes the ability to block specific websites, set daily usage limits and time-out zones to stop your kids accessing the internet in the middle of the night.
You can also activate content filtering, which will lock down swathes of the web that TP-Link deems unsuitable. That includes Adult Content, Gambling, and Download sites, amongst many others. More problematically, you can block access to sites offering sex and relationship education information, which feels like TP-Link is enabling more harm than good there.
What I will say, despite my objections, is that the suite of options available for free here is a very good mix. Plenty of companies have taken to putting even the most basic parental controls, like time limits and access control, behind their paywalls. The fact the essentials are available here, for free, means the company gets plenty of extra points here.
TP-Link also offers a paid version of Homeshield, which includes more protection against hacks, greater data about what websites users are visiting. This, it says, will guard against “teenager internet addiction (sic),” “IoT Devices Attacks (sic)” and “Cyber Virus Intrusion (sic).” Homeshield Pro costs $5.99 a month, or $55 for a year, although I’m not sure I see enough value in it to encourage anyone to sign up for the extras on offer.
Wrap-up
There’s no single glitzy, attention-grabbing feature that makes the Deco XE75 a must-buy, but what puts it ahead of the competition is its brawn. Nestled inside those cylinders is powerful, reliable hardware that generates a fast and far-reaching network which is reason enough to pick up TP-Link’s system. The app and services offered at no additional cost, squarely tick the “good enough” box.
The one thing the Deco XE75 lacks is polish, both in its app and its services. I wouldn’t suggest this to anyone who would freeze up at the very thought of having to make a decision about something like a backhaul channel. But, if you are prepared to make the effort, then this is certainly the mesh WiFi system for you. It’s fast, reliable, fairly easy to use and I reckon the (cheaper) two-pack will cover all but the biggest of homes.
This article originally appeared on Engadget at https://www.engadget.com/tp-link-deco-xe75-review-a-solid-wifi-6e-router-system-that-delivers-more-for-less-123033332.html?src=rss
As the unromantic name implies, TP-Link’s Deco XE75 AXE5400 is one of the company’s many, many routers. A trio of plain cylinders standing 6.7-inches tall, they mirror the lack of excitement in its name, but as the saying goes, let’s not judge a book by its deeply unsexy cover. Hiding inside is a mesh of extreme quality that, despite a few rough edges, offers a great mix of power and affordability. If you’re confident in your ability to work your way through an admin panel or two, then this might be the mesh for you.
Hardware
I’ve already mentioned that the XE75 comprises a series of nondescript-looking cylinders which aren’t the prettiest mesh units. They certainly look like WiFi equipment, unlike many of the others on the market, which look like paperweights designed by Henry Moore. Unless you’re living in a minimalist’s paradise, they’ll hopefully blend into your decor with no fuss.
On the back of each node are three gigabit ethernet ports, one of which you’ll need to hook the primary mode up to your modem. You can also use the ports to run ethernet backhaul, if your house is (or will be) suitably-equipped. In 2023, when it can sometimes feel like wired ethernet is becoming a niche proposition, having three ports per node feels like luxury. And I don’t think many users will gripe over a lack of a 2.5 Gbps port which is a bit excessive, even these days.
One of the first choices you’ll need to make is how you’ll use the 6GHz band, which is reserved as backhaul by default. You can leave it like this or, if you have a plethora of WiFi 6-enabled devices already, you can run it dynamically. Like I said in the mesh WiFi buyer’s guide, using the 6GHz band for backhaul makes sense for now since so few phones, laptops and tablets can access that band directly at the moment.
TP-Link says its “AI-driven mesh” will learn which devices get faster speed from which nodes and prioritize those connections accordingly. Once each of your devices is connected to the mesh, you should hope to see your speed and reliability improve as it learns your usage.
Installation
Deco XE75 was easy to get set up, taking just 16 minutes from when I pulled the plastic film from the box to finish. Download the Deco companion app, set up a TP-Link account and you’ll then be guided through the short setup process. You just need to plug the first node in, tell the app if you have any ISP-specific needs, give your network a name and password and you’re off at the races.
Once done, the app will tell you to turn on the other nodes in the set and wait as they connect to the existing mesh. You’ll also need to assign each node a name based on their locations in your home. My phone pinged several times in quick succession after this as all the gadgets in my home joined the network. The degree of seamlessness and ease of setup was more or less perfect.
That is, except for one minor real-world annoyance that I feel compelled to flag — the length of the power cables for the UK models I’ve been testing. A lot of mesh products ask users to place nodes in visible, prominent locations, rather than hidden behind furniture, to avoid interference. That’s harder to do, however, if your power cable is just 57 inches long, a small but noticeable bit shorter than the other products I’m testing. To the point where I couldn’t put one module in my usual location at the top of a bookcase because the cable didn’t stretch that far. In this case, that module had to go on my top shelf, rather than above it. It’s a specific and possibly niche complaint but worth mentioning in case you have an unforgiving room layout.
Performance
Photo by Daniel Cooper / Engadget
After setting up the modules in the usual places in my home, I found that it took about 10 minutes for the connection to stabilize. I had to run a firmware update that caused things to drop out for a further five minutes afterward, but after that, the connection was very stable. A lot of more affordable 6E routers use the 6GHz band as backhaul, and this worked well in my home.
Close to the primary node, speeds hit an average of 270 Mbps down, and in my office two floors away, I was still getting 260 Mbps. Even in my back bedroom with its dreaded signal dead spot, SpeedTest download benchmarks fell to around 220 Mbps. Ping times were similarly consistent, to the point where I reckon a two-point mesh might have sufficed.
The Deco app very clearly shows your network topography, enabling you to quickly see which devices connect to which node. What surprised me is that the hardware in my office preferred the primary node rather than the one that was nearer. I suspect, over time, those connections would shift, but the fact I saw such good performance despite being two floors away was great.
App and controls
The Deco app lays everything out in a friendly, easy-to-parse manner that shouldn’t deter novice users from upgrading. The home screen shows you the network topography, and what devices are connected to each node by default, helping you to feel in control of what’s going on.
If there’s a downside, it’s that the level of control available to you inside each submenu isn’t that deep. View your WiFi settings, for instance, and you’ll be able to change your network name and password or share those details to someone else. But the only other option is to decide if the 6GHz network is used for dedicated backhaul or if you can share it with devices on the network. You can activate a Guest Network on the homescreen, letting you set one up with one press, although I’m less of a fan that it’s password-free by default.
You can scroll the list of what’s connected to the network to see its signal strength, as well as how much data it’s up-and-down-loading at the time. Each device can be assigned to a family member for parental controls, and you can single out a unit for priority on the network. The one downside to this is that TP-Link really struggles to identify each piece of equipment on your network compared to, say, a product from Netgear. So many units were named “iot_device” in the list, that you’ll probably need to take the time to rename them all manually.
In the More sub-menu, you can run tests to optimize your network, set up an IPv6 connection, as well as tweak IP settings. One feature I appreciated was the choice to get a push notification every time a new device joins the network, which appeals to my paranoia.
You can also access your settings through a browser-based client but, as far as I could see, the only difference is it lets you force a firmware upgrade with a local file rather than handling the system online. That’s a fairly niche use, though.
Additional features
Deco does offer smart home integrations, but it’s limited to TP-Link’s own gear and Philips Hue. The only other thing that the company offers is Homeshield, which offers a suite of security features to help keep your WiFi secure. The free Basic tier will scan your network for security threats and offers “robust” parental controls. That includes the ability to block specific websites, set daily usage limits and time-out zones to stop your kids accessing the internet in the middle of the night.
You can also activate content filtering, which will lock down swathes of the web that TP-Link deems unsuitable. That includes Adult Content, Gambling, and Download sites, amongst many others. More problematically, you can block access to sites offering sex and relationship education information, which feels like TP-Link is enabling more harm than good there.
What I will say, despite my objections, is that the suite of options available for free here is a very good mix. Plenty of companies have taken to putting even the most basic parental controls, like time limits and access control, behind their paywalls. The fact the essentials are available here, for free, means the company gets plenty of extra points here.
TP-Link also offers a paid version of Homeshield, which includes more protection against hacks, greater data about what websites users are visiting. This, it says, will guard against “teenager internet addiction (sic),” “IoT Devices Attacks (sic)” and “Cyber Virus Intrusion (sic).” Homeshield Pro costs $5.99 a month, or $55 for a year, although I’m not sure I see enough value in it to encourage anyone to sign up for the extras on offer.
Wrap-up
There’s no single glitzy, attention-grabbing feature that makes the Deco XE75 a must-buy, but what puts it ahead of the competition is its brawn. Nestled inside those cylinders is powerful, reliable hardware that generates a fast and far-reaching network which is reason enough to pick up TP-Link’s system. The app and services offered at no additional cost, squarely tick the “good enough” box.
The one thing the Deco XE75 lacks is polish, both in its app and its services. I wouldn’t suggest this to anyone who would freeze up at the very thought of having to make a decision about something like a backhaul channel. But, if you are prepared to make the effort, then this is certainly the mesh WiFi system for you. It’s fast, reliable, fairly easy to use and I reckon the (cheaper) two-pack will cover all but the biggest of homes.
This article originally appeared on Engadget at https://www.engadget.com/tp-link-deco-xe75-review-a-solid-wifi-6e-router-system-that-delivers-more-for-less-123033332.html?src=rss
Federal Communications Commission (FCC) chairperson Jessica Rosenworcel wants to open a formal Notice of Inquiry into the impact of internet data caps on consumers, according to an FCC document spotted by Ars Technica. The regulator will also consider "taking action" to ensure that data caps don't harm competition or impact access to broadband services, according to the letter.
"Internet access is no longer nice-to-have, but need-to-have for everyone, everywhere," Rosenworcel said in a statement. "When we need access to the internet, we aren’t thinking about how much data it takes to complete a task, we just know it needs to get done. It’s time the FCC take a fresh look at how data caps impact consumers and competition."
With the Notice of Inquiry, the FCC would "seek comment to better understand why the use of data caps continues to persist despite increased broadband needs of consumers and providers' demonstrated technical ability to offer unlimited data plans," according to the letter.
Rosenworcel would be unable to take any action on data caps at the moment, though. The FCC currently has just four members (two Democrats and two Republicans), as the Senate refused to confirm President Biden's first nominee, Gigi Sohn, and she subsequently withdrew her name for consideration. The White House has since nominated telecom attorney Anna Gomez, who appears to have the support of the telecom industry. A nomination hearing for Gomez is scheduled for this Thursday, June 22nd.
During the COVID-19 pandemic, broadband provider Comcast temporarily removed data caps, but it continues to impose a 1.2TB data cap on certain contracts in some US regions. Charter's deal with the FCC to not impose data caps on its Spectrum service (struck when it acquired Time Warner) ended this year, but the company recently said it has "no plans to [restart data caps] when the condition sunsets."
Along with the proposed Notice of Inquiry, the FCC has opened a new portal to allow consumers to share how data caps have affected them (on fixed or wireless broadband networks) at fcc.gov/datacapstories. That will help the FCC determine how data caps impact access for everyone "including those with disabilities, low-income consumers, and historically disadvantaged communities, and access to online education, telehealth and remote work," the Commission wrote.
This article originally appeared on Engadget at https://www.engadget.com/the-fcc-is-preparing-to-take-a-fresh-look-at-internet-data-caps-084245899.html?src=rss