cancel
Showing results for 
Search instead for 
Did you mean: 

Virgin Media Smart Security - Hub 5

t1atum
Joining in

Did anybody else get the notification to turn on the new Smart Security in the hub 5 today; and that they are trialling this new security software in the hub 5’s? I’ve turned on to see, but intrigued if others will be. Think it’s only the hub 5’s that have it so far? My hub is in modem mode with a Nest Pro mesh so wasn’t expecting it to work, but it did activate

13 REPLIES 13

legacy1
Alessandro Volta

Its possible that VM have made it work for modem mode but they shouldn't have.

---------------------------------------------------------------

Client62
Alessandro Volta

Smart Security has been described as a DNS based security product, so intended for Router mode.

The  version of Hub 5 firmware that contains Smart Security has also been reported has having the old DHCP failure issues and non functions WPA3-SAE i.e. has lost the fixes of the last firmware update.

DNS interceptions and timeouts have been a known issue on Hub 5's in Router mode.

It would be interesting to understand if Smart Security brings DNS interceptions to Modem mode - i.e. where a 3rd Party Router is using say Google DNS we would hope that is not subject to DNS interceptions and timeouts for AWS hosts and blocking of DoH & DoT.

legacy1
Alessandro Volta

With DoH & DoT makes you wonder why VM are doing this

---------------------------------------------------------------

Adduxi
Very Insightful Person
Very Insightful Person

I believe you need to use the Connect App to opt in, as well as having a Hub 5.  As I don’t use the app hopefully this will never activate on my Hub 5 in modem mode. 

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Dasein
On our wavelength

Does this mean if I set up my Private DNS on Android (or whatever) ...it'll be forced to go through Virgin Media O2 & become useless at preventing more information being sent to the ISP? 🤔 

 

 

Hopefully Beta Tester/Tech-Trialist: At some point

legacy1
Alessandro Volta

you can check what DNS your using here

What Is My DNS Server? Check Your DNS Server Address (top10vpn.com)

but if your sending DNS in the clear to any DNS VM can see it not that I think this is a problem

---------------------------------------------------------------


@legacy1 wrote:

With DoH & DoT makes you wonder why VM are doing this


From what I can tell, the service running on the hub is "Sense" from F-Secure (I don't have access to test it myself). Sense can do deep packet inspection, so even after you have queried the DNS server, it is able to block the connection (unless using a VPN).

Client62
Alessandro Volta

Hub 5 DNS interception are easy to spot,  perform :     nslookup hp.com 8.8.8.8
if the resolving DNS is not dns.google the Hub 5 has intercepted & redirected the DNS query.

gitty
Fibre optic

How does the reply look? If Sense in running on the hub, you cannot tell from doing a nslookup (you can tell from the prolonged response time, if the name is not in Sense's cache).