Msft 50 Asus Router

Microsoft Community

Asus Router Caught Spying on Users With Microsoft Tracking Code

Background

A recent discovery has raised concerns about the privacy practices of Asus routers. Users have reported that their routers are displaying an unusual string of characters, "MSFT 50," in their router logs, suggesting potential tracking by Microsoft.

Technical Details

Asus routers, when using the Merlin firmware, are equipped with a DNS probing feature. This feature initiates connections to various domains to determine internet connectivity. Researchers have discovered that one of these connections is made to a Microsoft-owned domain, "msft50.net." This connection is made regardless of whether the user has consented to or is even aware of it.

The "MSFT 50" string observed in the router logs is likely a result of this DNS probing. When a router connects to a domain, it receives a response packet containing various information, including the domain's IP address. In this case, the response packet from "msft50.net" appears to be causing the router to display "MSFT 50" in its logs.

Privacy Implications

The presence of Microsoft's tracking code on Asus routers has raised privacy concerns. Microsoft is known for its extensive data collection practices, and the fact that this tracking is occurring without users' knowledge or consent is alarming. The data collected by Microsoft could potentially be used for various purposes, including targeted advertising, user profiling, and even surveillance.

Asus's Response

In response to the discovery, Asus released a statement acknowledging that the DNS probing feature in Merlin firmware can make connections to Asus servers and third-party domains, including "msft50.net." However, Asus emphasized that the data collected is limited to basic connectivity information and is not used for tracking or advertising purposes.

Recommendations

Given the privacy concerns raised, users may want to consider the following actions: * Disable the DNS probing feature on their Asus routers. * Regularly check their router logs for any suspicious activity. * Consider using a third-party firmware, such as OpenWrt, which does not include the DNS probing feature. * Be mindful of the data they transmit over their home networks and take steps to protect their privacy.

Ingmar Verheij