On Wednesday, F-Secure introduced Router Checker, a free tool that quickly scans your router for anything unusual such as weird DNS settings. Yet while security firm F-Secure is a trusted source, one can't help but wonder what the company is collecting in the scan. We asked F-Secure about the tool and what it's doing with the information.
First up, we asked the company about the data it collects when scanning a router. Is F-Secure collecting personal information during the scan? The company reassured Tom's Hardware that personal information is not needed during the scan, nor does F-Secure have a business model that needs that kind of information. Protecting customers' privacy is a "core value" at F-Secure.
"Router Checker does not require user identification or login," a representative told us. "Even if we would collect router data, it would be of a purely technical nature and not connectable to the individual using the tool or owning the device."
"We encourage users to challenge the privacy of products and ask vendors this question," the rep added. "This attitude is of increasing importance in today's network environment. In the long run, there are no foolproof ways for users to know if a vendor is dealing with privacy properly. Users must review the privacy promise vendors are making and evaluate if it is trustworthy."
So what happens when F-Secure scans a router and finds suspicious settings? The company will provide instructions on the same page, informing the customer about how the router can be cleaned up and verified to be hacker-free. The visitor will also receive a possible reason as to why the router failed the scan. However, if F-Secure detects something highly malicious on its side, the company will contact the authorities.
Here's what the error will look like:
Potentially harmful issues were found.
Router Checker cannot verify your DNS server as safe, so it may or may not be dangerous.
This can mean you're using a DNS server that is different from the ones administered by your Internet service provider, or that your Internet set-up has been changed to use a server that Router Checker can't verify.
Here are some steps you can follow to fix any potential problems:
- Ask people with access to your router (such as friends or family members) if they've installed software or adjusted settings that make changes to your Internet set-up.
- Reset your router so it returns to its factory settings. Please remember to change your router's default password and disable any external administrator access privileges after the reset.
- Check the website of the router's manufacturer for software updates.
- Run a virus checker such as F-Secure SAFE or F-Secure Online Scanner.
- Run Router Checker again.
It might be a misdiagnosis if you complete these steps and Router Checker continues to give you the same result. You can provide feedback on the check to dnscheck at f-secure.com if this happens to you.
So how does this one-click service work? The rep said that Router Check uses proprietary software that's still in a very early stage. The software, which remains on the F-Secure side, checks for "inconsistencies, reputation and integrity." F-Secure offers this service for free because the company needs more traffic so it can develop the software even further.
As reported on Wednesday, routers with suspicious settings may be fixed by merely resetting the router to its factory default, or by updating the device's firmware. "Clean" routers taking the one-click test will receive a "No Issues Were Found" response along with details of the user's DNS server's IP address.