D-Link Forums
The Graveyard - Products No Longer Supported => Routers / COVR => DIR-655 => Topic started by: dirkpitt on March 16, 2010, 12:56:14 PM
-
UPDATE: 1.34 beta Appears to have remedied this issue!! April 13, 2010
I decided that I would see if I could prove that the 1.33NA firmware is directing traffic to the dir-655.bsecure.com website for Internet address resolution, and that it could be done by adding the URL to the list of blocked sites on my router.
THIS IS A VERY PAINFUL DIRECTION TO TAKE: CASUAL USERS TO NOT ATTEMPT!
Here are my notes from my little adventure:
-Log in to the router, choose Advanced->Website Filter
-Select "Deny computers access to ONLY these sites", and add dir-655.bsecure.com
-Reboot router (although not prompted: these changes do not take effect until the router is rebooted)
Try using a browser to go ANYWHERE. This brings me to a Securespot page that prompts: "Access Control Alert: New Computer Detected"
Of course, my next step is to confirm that SecureSpot is disabled. Advanced->Securespot. Yes it is.
Returning to the Access Control Alert, I notice a link at the bottom of the page that says "If you would like to turn off this Access Control protection feature, click here", which results in a prompt for an administrator password. This is the password that was configured if you used the SecureSpot trial.
Once entered correctly, I am told "The new settings have been saved. The device must retrieve the new settings before they take effect. Click the button below to apply the settings. (Click Apply Settings button).
This causes an infinite loop!!! The browser cycles between Access Control and loading... never finishing. The Log details on the browser are growing quickly with repeated "Blocked outgoing TCP packet from 192.168.0.190:3188 to 64.78.164.232:80 as FIN:ACK received but there is no active connection" . I closed the page where I chose to "Apply Settings" after 3 minutes of this error message scrolling away...
Now this happens when I attempt to browse anywhere requiring a URL: a continual cycle between Access Control and "loading...". Disable the website blocking... the problem persists for awhile after a reboot (couple of minutes). All of the bookmarks that I attempted to use (which were cycling as mentioned above) now have the SecureSpot logo associated with it like as if it is a virus.
Manually set the DNS servers for my ISP. And reboot. Still has the same problem. I've been clicking the Latest News RSS Feeds from the BBC (in Firefox, and even their icons are being replaced. Cannot access any sites. System has spontaneously rebooted twice in the last eight minutes. The time on the unit has now been reset to January 30...
Deleted all DNS settings. I'm sorry, firmware gods!! ...and... reboot. Whew! I can get back to forums.dlink.com to report in!! Yay!
I just hope that the firmware gods can reproduce this one!!!
Hardware: A4, firmware: 1.33NA
UPDATE: 1.34 beta Appears to have remedied this issue!! April 13, 2010
-
Logs available on request.
I conclude that this proves that SecureSpot is a security breach in itself, and that a SecureSpot-free firmware release a necessity.
-
Logs available on request.
I conclude that this proves that SecureSpot is a security breach in itself, and that a SecureSpot-free firmware release a necessity.
I agree that Securespot should be removed, but you are 100% aware that every single site you go to and your activities are logged by MULTIPLE servers, correct? Your ISP and the multiple servers used to route you there record your IP and your activity whether you want it to or not. There are ways to work around it, but ultimately you're never going to notleave a trace.
Plus, D-Link has said before that they're going to release a SecureSpot-free firmware.
-
I'm perfectly fine with my traffic going through reliable, necessary servers.
SecureSpot doesn't fit either of these two descriptors.
Also, Lycan said that D-Link would release Beta firmware for the interim. I want a new branch of firmware that does not include SecureSpot's services and infrastructure.
-
...it is also interesting to note that I could not get address resolution when I entered the DNS servers specified by my ISP. Has anyone else encountered this?
-
I decided that I would see if I could prove that the 1.33NA firmware is directing traffic to the dir-655.bsecure.com website for Internet address resolution, and that it could be done by adding the URL to the list of blocked sites on my router.
THIS IS A VERY PAINFUL DIRECTION TO TAKE: CASUAL USERS TO NOT ATTEMPT!
Here are my notes from my little adventure:
-Log in to the router, choose Advanced->Website Filter
-Select "Deny computers access to ONLY these sites", and add dir-655.bsecure.com
-Reboot router (although not prompted: these changes do not take effect until the router is rebooted)
Try using a browser to go ANYWHERE. This brings me to a Securespot page that prompts: "Access Control Alert: New Computer Detected"
Of course, my next step is to confirm that SecureSpot is disabled. Advanced->Securespot. Yes it is.
Returning to the Access Control Alert, I notice a link at the bottom of the page that says "If you would like to turn off this Access Control protection feature, click here", which results in a prompt for an administrator password. This is the password that was configured if you used the SecureSpot trial.
Once entered correctly, I am told "The new settings have been saved. The device must retrieve the new settings before they take effect. Click the button below to apply the settings. (Click Apply Settings button).
This causes an infinite loop!!! The browser cycles between Access Control and loading... never finishing. The Log details on the browser are growing quickly with repeated "Blocked outgoing TCP packet from 192.168.0.190:3188 to 64.78.164.232:80 as FIN:ACK received but there is no active connection" . I closed the page where I chose to "Apply Settings" after 3 minutes of this error message scrolling away...
Now this happens when I attempt to browse anywhere requiring a URL: a continual cycle between Access Control and "loading...". Disable the website blocking... the problem persists for awhile after a reboot (couple of minutes). All of the bookmarks that I attempted to use (which were cycling as mentioned above) now have the SecureSpot logo associated with it like as if it is a virus.
Manually set the DNS servers for my ISP. And reboot. Still has the same problem. I've been clicking the Latest News RSS Feeds from the BBC (in Firefox, and even their icons are being replaced. Cannot access any sites. System has spontaneously rebooted twice in the last eight minutes. The time on the unit has now been reset to January 30...
Deleted all DNS settings. I'm sorry, firmware gods!! ...and... reboot. Whew! I can get back to forums.dlink.com to report in!! Yay!
I just hope that the firmware gods can reproduce this one!!!
Hardware: A4, firmware: 1.33NA
Tried this on five of the systems I take care of with DIR 655 on them.
Result was this did nothing to stop normal access to sites.....Mythbusted I say. :o
-
Serious? This answer is surprising to me. Is my router just a lemon? Hmm...
Here's a small excerpt from my logs to show that it was fubar:
[INFO] Sat Jan 30 16:51:40 2010 Blocked outgoing TCP packet from 192.168.0.190:3665 to 64.4.50.62:80 as ACK received but there is no active connection
[INFO] Sat Jan 30 16:51:40 2010 Blocked incoming TCP packet from 64.78.164.232:80 to 68.146.106.15:3150 as FIN:ACK received but there is no active connection
[INFO] Sat Jan 30 16:51:39 2010 Blocked incoming TCP packet from 64.78.164.232:80 to 68.146.106.15:3148 as FIN:ACK received but there is no active connection
[INFO] Sat Jan 30 16:51:38 2010 Blocked incoming TCP packet from 64.78.164.232:80 to 68.146.106.15:3146 as FIN:ACK received but there is no active connection
[INFO] Sat Jan 30 16:51:38 2010 Blocked incoming TCP packet from 64.78.164.232:80 to 68.146.106.15:3144 as FIN:ACK received but there is no active connection
[INFO] Sat Jan 30 16:51:38 2010 Blocked incoming TCP packet from 64.78.164.232:80 to 68.146.106.15:3142 as FIN:ACK received but there is no active connection
[INFO] Sat Jan 30 16:51:38 2010 Blocked incoming TCP packet from 208.69.153.136:80 to 68.146.106.15:3327 as RST:ACK received but there is no active connection
[INFO] Sat Jan 30 16:51:37 2010 WAN interface speed measurement completed. Upstream speed is 1014 kbps
[INFO] Sat Jan 30 16:51:32 2010 (SSID Replaced): Wireless system with MAC address (MAC Replaced) disconnected for reason: Received Deauthentication
[WARN] Sat Jan 30 16:51:22 2010 A network computer (Wii) was assigned the IP address of 192.168.0.194.
[WARN] Sat Jan 30 16:51:20 2010 Above message repeated 1 times
[INFO] Sat Jan 30 16:51:20 2010 (SSID Replaced): Wireless system with MAC address (MAC Replaced) secured and linked
[INFO] Sat Jan 30 16:51:20 2010 (SSID Replaced): Wireless system with MAC address (MAC Replaced) associated
[INFO] Sat Jan 30 16:51:20 2010 Above message repeated 1 times
[WARN] Sat Jan 30 16:51:00 2010 A network computer (PCID Replaced) was assigned the IP address of 192.168.0.190.
[WARN] Sat Jan 30 16:50:59 2010 A network computer (PCID Replaced) was assigned the IP address of 192.168.0.198.
[INFO] Sat Jan 30 16:50:59 2010 (SSID Replaced): Wireless system with MAC address (MAC Replaced)secured and linked
[INFO] Sat Jan 30 16:50:59 2010 (SSID Replaced): Wireless system with MAC address (MAC Replaced)associated
[INFO] Sat Jan 30 16:50:59 2010 Above message repeated 1 times
[INFO] Sat Jan 30 16:50:53 2010 Wireless link is up
[INFO] Sat Jan 30 16:50:51 2010 Starting DHCP server
[INFO] Sat Jan 30 16:50:46 2010 Estimating speed of WAN interface
[INFO] Sat Jan 30 16:50:45 2010 Obtained IP Address using DHCP. IP address is 68.146.106.15
[INFO] Sat Jan 30 16:50:44 2010 Bringing up WAN using DHCP
[INFO] Sat Jan 30 16:50:44 2010 WAN interface cable has been connected
[INFO] Sat Jan 30 16:50:43 2010 LAN interface is up
[INFO] Sat Jan 30 16:50:43 2010 LAN Ethernet Carrier Detected
[INFO] Sat Jan 30 16:50:42 2010 Device initialized
[WARN] Sat Jan 30 16:50:42 2010 Wireless schedule init
[INFO] Sat Jan 30 16:50:42 2010 No Internet access policy is in effect. Unrestricted Internet access allowed to everyone
Of course, the bottom of the log is the first entry, with newer entries going up...
-
Tried this on five of the systems I take care of with DIR 655 on them.
Result was this did nothing to stop normal access to sites.....Mythbusted I say. :o
What's your configuration? H/W version? SecureSpot subscriber? F/W?
-
What's your configuration? H/W version? SecureSpot subscriber? F/W?
A3 and A4 with 1.33NA
Never had securespot trial.
-
I've blocked besecure.com via OpenDNS and while I still get a hijack when recycling the power on both the modem and the router, the site itself is effectively blacklisted and blocked.
One very interesting thing I have noticed since blocking besecure.com is that my web browsing in general is much much snappier. I don't know if it's related to this blocking of besecure.com or not but it's the only change in my network/system configuration of 3 Macs and a Windows box since this fiasco.
Sidenote: I would heartily recommend OpenDNS to anyone. It is free and tried and tested by public and private universities and other educational institutions as well as public libraries and various WiFi hotspots. I'm not a shill and have no interest in OpenDNS other than being a happy customer. I only mention this to highlight that there is a much more stable and trial-tested way to ''be secure'' than this silly feature--one that should be excised completely out of the firmware.
I repeat my call for D-Link to get the basics working first before trawling for extra cash.
-
A3 and A4 with 1.33NA
Never had securespot trial.
Interesting... I wonder if the expiration of my trial period and my lack of disabling the "Access Control" online could be partially to blame...
I tried to replicate the issue myself, and didn't get the same result. I'm guessing that it is could be a combination of reasons:
1. The first time my router was SNAFU'ed because there was some time between having the "Access Control" feature disabled by me, and de-registered by the bsecure server...
2. Since I have attempted to block dir-655.bsecure.com a second time, none of the sites that I've listed are actually being blocked.
Cobra, can you confirm that dir-655.bsecure.com is really being blocked when you attempt this?
-
I've blocked besecure.com via OpenDNS and while I still get a hijack when recycling the power on both the modem and the router, the site itself is effectively blacklisted and blocked.
One very interesting thing I have noticed since blocking besecure.com is that my web browsing in general is much much snappier. I don't know if it's related to this blocking of besecure.com or not but it's the only change in my network/system configuration of 3 Macs and a Windows box since this fiasco...
I notice that you refer to it as besecure.com, whereas I have been encountering issues with dir-655.bsecure.com. Are you paraphrasing the site name, or are we encountering different sites?
-
I notice that you refer to it as besecure.com, whereas I have been encountering issues with dir-655.bsecure.com. Are you paraphrasing the site name, or are we encountering different sites?
Typo on my part. I blocked bsecure.com. I didn't include the dir-655- part because if I just block the entire domain that should take care of it...unless I'm mistaken.
-
Well, I thought that I would try tinkering some more because it really annoys me that I saw the problem, and wasn't able to reproduce it. (My professional background involves evaluating firmware/software and developing test processes to evaluate product integrity so I do not like leaving inconsistencies like this unresolved...)
This time I only entered "bsecure.com" in the websites to block rather than the full dir-655.bsecure.com, plus another url to see if it was blocked. Personally, I would like to leave the bsecure.com site blocked because I have no use for it. After a reboot I was unable to use any of my usual bookmarks (except the one for the web interface for my email at my ISP which was odd) as the address was not resolved.
Went to blank the blocked sites so that I could report my findings but then I was getting the cycling between dir-655.bsecure.com and loading again! All other sites were blocked! Not even the email site this time! Having already undone all of the changes that I had made to the website filtering, now I was at a loss as to how to restore my internet services.
So this leaves just my router's IP viable. I tried entering just the base dir-655.besecure.com website. The login site appears. Nothing else to do, so I log in. Of course it shows all of the equipment on my network. Nice. Pretty cool that that still gets updated considering that I've disabled it, right? NOT! >:( There was an option to delete my account, so I used it.
So, to stop SecureSpot you need to:
1. De-select the checkbox in the firmware on your router
2. Turn off the Access Control on the dir-655.bsecure.com website
3. Delete your account on the dir-655.bsecure.com website
...I'm hoping that this is all... ::)
Log off, reboot, things seem normal again. For how long? Any guesses?
-
My last post was incomplete. I did not block bsecure.com on the router, rather I blocked it on OpenDNS, since that is what I use. My web browsing is snappier and I'm definitely leaving bsecure.com blocked along with every site in Russia, China and the other ''bad guys.''
Seriously, for anyone reading this, having that extra layer of security with something like OpenDNS on your home network is totally worth it. Besides having a secure router (not this one obviously), some sort of basic firewall and antivirus running on the software/computer level (I like ClamXAv and Little Snitch--on the Mac), and then surfing with only Firefox and select security related add-on's (like CS Lite, BetterPrivacy, NoScript, Privacy Plus, RequestPolicy--to mention a few), you can avoid at least 90-percent of the web pitfalls. With half-way intelligent habits like not clicking on links in email and other common sense, maybe 95-percent.
If anyone does go for OpenDNS, I urge them to block bsecure.com and report it as a malware site until this fiasco is fixed. We've been betrayed by D-Link by their including this carp (sic) in their router firmware. Those choosing not to take advantage of a ''real'' secure service like OpenDNS, I urge you to somehow block bsecure.com with your own Internet service provider. This should bring the message home loud and clear about future betrayals like this. Unfortunately now, D-Link has a big blemish on their image that they could have avoided had they taken security seriously and kept their firmware clean.
-
You know that blocking bsecure.com on an external DNS server doesn't mean that the router isn't going there on it's own right?
-
You know that blocking bsecure.com on an external DNS server doesn't mean that the router isn't going there on it's own right?
Yeah, unfortunately, but if that is the case, then D-Link is probably in real trouble for non-disclosure and possible FCC violations. I'm no expert--but any electronics communication that performs things that are not specifically authorized by a consumer is a violation of some sort. There are multiple levels of government agencies that deal with this sort of thing. The only folks that do and get away with this behavior--because they can--is the NSA.
Either way, by enough folks listing bsecure.com as a malware or otherwise generally ''bad'' site, I think the message will be clear that going behind our backs like this will only lead to trouble down the road. By blocking it, a paper trail of sorts is started. It's sad that we had to be surprised by this nefarious activity in the first place.
Personally I just want D-Link to light a fire under and fix this thing. It may be too late though, unfortunately.
-
We have plenty of people that use the Bsecure feature and enjoy it added parental controls and other security enhancements. If your router is continuing to use the bsecure DNS servers for resolution, send me a packet capture as well as a screen shot of your WAN settings page. If Securespot is disabled then the router will only use the DNS servers listed on the WAN page.
IF this is not the behavior you are seeing PM me and I'll personally handle your unit myself.
-
PMed for packet capture guidance...
-
We have plenty of people that use the Bsecure feature and enjoy it added parental controls and other security enhancements. If your router is continuing to use the bsecure DNS servers for resolution, send me a packet capture as well as a screen shot of your WAN settings page. If Securespot is disabled then the router will only use the DNS servers listed on the WAN page.
IF this is not the behavior you are seeing PM me and I'll personally handle your unit myself.
How does one go about doing this? Securespot is disabled but I still get redirects to the login page. Nothing whatsoever shows up in the router's log that suggests anything to do with securespot is occurring. (which is somewhat disconcerting, if this isn't being logged what else isn't?)
I've never dealt with individual packets before so I wouldn't know how to capture one or what, exactly, that would look like (or what it's supposed to look like).
Knowing how Google handles f*kups like this makes me wonder why other companies have such a difficult time with it. When Google releases something or discovers a major problem the first thing they do is stick a bunch of engineers in a room with the sole task of fixing the issues that come up. This "war room," as they're called, tends to consist of between five and fifteen people who know the software intimately and they work until the issues have been fixed. This is a highly efficient process that seems to get most problems solved within a few hours of the initial identification of the problem (not the initial report, but when the problem has been confirmed as a problem). Were this a Google router chances are there would have been a solution provided long before 90% of us noticed it. (that's not to say that Google gets every problem fixed right away, but you can be almost guaranteed that, if it's a major problem on their end and you're not one of the first few people to encounter it they have already set at least 5 engineers to work on it, minor problems tend to take longer to fix, but this is understandable as they have a lower priority). This idea is very similar to (and possibly based on) how some open source projects work.
Apparently D-Link prefers the Microsoft method: If a problem occurs, ignore it. If the problem continues to occur, announce that there is no problem. If the problem still continues secretly put a couple low-paid (or, better yet, unpaid) intern engineers on it and see if they can fix it. If your low-cost engineers can't fix it put your better engineers on it, under no circumstances should the public be made aware that you are working on the officially non-existent problem. Six to twelve months later, when you have a workable, but mostly untested, solution announce that there's a solution to the previously unrecognized problem. Stop all work on this problem and, if/when it recurs start the process from the beginning. Also start from the beginning if the patch introduced other problems, under no circumstances should engineers ever communicate with each other, especially if they are, or have been, working on the same or similar issues or projects, that's what managers are for.
Personally I think Google's method works better and keeps people coming back for more. Microsoft's method actively drives customers away and only works because most customers don't know about, or are scared of, the alternatives.
-
...send me a packet capture as well as a screen shot of your WAN settings page. If Securespot is disabled then the router will only use the DNS servers listed on the WAN page...
Please just forget trying to figure this out and focus for the present on releasing a bare-bones and fully functional firmware without these problematic features that are no more than the equivalent to annoying pop-up's on a web page!
''Handle'' that.
If this Secure Spot feature were something free like OpenDNS, it would be one thing, but it's not.
It's really just so monumentally frustrating to pay for a device to do one thing and one thing only, only then to be subjected to this abusive adware feature that has ultimately compromised the intended purpose of the device itself!
How can you not see this?
The priorities are all upended there. You're sacrificing stability, security, customer confidence and ultimately trust in your products by this behavior.
-
Just found this on the ftp.dlink.com server:
A description of the SECURESPOT signup temporary redirect:
Select D-Link routers may now be upgraded to support SECURESPOT 2.0, a managed security suite that provides a multi-layered defense against the constantly changing list of Internet threats with robust parental control features. While we are excited about this new offer, we also want to ensure we don’t cause confusion with our customers. (http://www.dlink.com/securespot-router/).
When the router is updated with 1.21 SecureSpot firmware that is used for the first time, the router prompts the user with an opportunity to sign up for SECURESPOT, which is optional. Some users are confused about this. It is important to know that this is a temporary redirect to a signup page. This is NOT a permanent change to the router and does NOT affect the browser, searches, domain lookups, or DNS. Thus it should not be confused with a hijack
This http redirect is a common technique that is widely used as an automated method to assist users in signing up for security software before a connection to the Internet is made, thus ensuring that the user's network is secure before browsing the World Wide Web.
Currently, the sign up messaging uses two windows. Users can simply select “Cancel” in both windows and the router will then work normally, without activating SECURESPOT, and the signup page will no longer appear. It is important that users select "Cancel" rather than closing the window by clicking the X in the upper-right corner.
Clicking the X is a non-event and does not signify Cancel or Accept. Thus clicking the X will allow the router to prompt the user to sign up again later. To suppress repeated signup prompts, simply select "Cancel" in both windows.
If a user selects "Free Trial", a free trial period will begin. The user has the option to cancel the free trial
at any time prior to expiration without incurring any charges.
D-Link is improving the process and signup prompts so that users will have a clearer understanding of how to accept the service if they desire, or to eliminate further prompt messages if they are not interested in the service.
1. Why doesn't D-Link post something like this on these forums, or a link to this?
2. What dead-end street is your firmware thrown into if you DON'T click "Cancel" in both windows?
3. What happens if you DO sign up for the free trial and then decide not to extend your subscription?
I honestly don't think that anyone at D-Link has a good answer to any of these questions.
When will there be a SecureSpot-free firmware release?
-
Solution for annoying BS SECURE
http://forums.dlink.com/index.php?topic=11791.90
cheers
-
Solution for annoying BS SECURE
http://forums.dlink.com/index.php?topic=11791.90
cheers
Not a solution, as I said in the other thread. Tossing the whole thing in the trash is another solution, one that doesn't involve any security risk like your "solution" does.
-
I deleted my SecureSpot account on March 17, and haven't had anymore spontaneous redirects from my router, which means that it's performance is improving.
I have tried again to reproduce the effect by blocking bsecure.com, but have found since that the router doesn't really block anything at all. I can still navigate to any and all of the sites that I've listed on my website filter, although I have Access Control enabled, created a Policy as follows:
Enable Access Control -> Add Policy -> Next -> (Policy Name) "Website" -> (Select Schedule) Always -> (Select Machine) Other Machines -> OK -> Next -> (Filtering Method) Block Some Access -> check Apply Web Filter-> Next -> (Web Access Logging) Enabled -> Save
Am I missing something here?
-
I deleted my SecureSpot account on March 17, and haven't had anymore spontaneous redirects from my router, which means that it's performance is improving.
I have tried again to reproduce the effect by blocking bsecure.com, but have found since that the router doesn't really block anything at all. I can still navigate to any and all of the sites that I've listed on my website filter, although I have Access Control enabled, created a Policy as follows:
Enable Access Control -> Add Policy -> Next -> (Policy Name) "Website" -> (Select Schedule) Always -> (Select Machine) Other Machines -> OK -> Next -> (Filtering Method) Block Some Access -> check Apply Web Filter-> Next -> (Web Access Logging) Enabled -> Save
Am I missing something here?
I had the same thing happen, i had to add all PC's to the policy, only than will block Bsecure site.
-
Thanks Tony... I will give this a shot tonite.
-
No dice. Added the maximum number of PCs to the policy, and nothing is being blocked.
Any other suggestions?
-
humm, worked on mine.. added Besure to the deny list and works, if i try to access Bsecure i get "forbidden web access" page. Sorry if didn't work for you.. i'm still at 1.21 if maybe thats the difference
-
Sigh. I feel resigned to regress to 1.21, so that some of the features on this router will work...
Thanks for your help TonyT!
-
I am glad I found this thread because I am loosing my mind. I have originally subscribed to secure spot then I turned it off and let the subscription run out because it was messing up my system. Now I get my web access blocked even though I have turned off the secure spot feature in the router and it takes me to secure spot site something about my membership not being paid. I turned the freaking feature off in the router I shouldn't be redirected anywhere the feature is garbage! It makes the router useless sometimes I have to reset the router few times and then I get access to sites again for a while and then it goes back to bsecure site again.
I know it's the router cause the only other solution that I found that allows me to connect to web is with my VPN service. If D-Link doesn't provide solution to this issue A.S.A.P. I am throwing my DIR-655 in the garbage and I am buying another brand, this issue is ruining D-Links reputation I have other D-Link products but after this experience if this doesn't get resolved I am finished with the brand!
-
I am glad I found this thread because I am loosing my mind. I have originally subscribed to secure spot then I turned it off and let the subscription run out because it was messing up my system. Now I get my web access blocked even though I have turned off the secure spot feature in the router and it takes me to secure spot site something about my membership not being paid. I turned the freaking feature off in the router I shouldn't be redirected anywhere the feature is garbage! It makes the router useless sometimes I have to reset the router few times and then I get access to sites again for a while and then it goes back to bsecure site again.
I know it's the router cause the only other solution that I found that allows me to connect to web is with my VPN service. If D-Link doesn't provide solution to this issue A.S.A.P. I am throwing my DIR-655 in the garbage and I am buying another brand, this issue is ruining D-Links reputation I have other D-Link products but after this experience if this doesn't get resolved I am finished with the brand!
Hi msvar,
Question: Have you performed a Factory Reset on the Router, after letting Secure Spot trial or Subscription lapse?
I would not throw it out, just perform a Factory Reset. Then log into its settings, once back up using a Lan Computer, and restore the Wireless Settings you were using.
-
thecreator, have you seen this issue? Have you done this to successfully "heal" your router? (Honestly hoping here....)
-
Hi msvar,
Question: Have you performed a Factory Reset on the Router, after letting Secure Spot trial or Subscription lapse?
I would not throw it out, just perform a Factory Reset. Then log into its settings, once back up using a Lan Computer, and restore the Wireless Settings you were using.
No I have not but I called D-Link there solution is to turn both Access Control and Securespot Off, and yes that fixed the problem. Apparently BSecure is linked to Access Control feature. When I was informed about this I got really upset to me Access Control should be independent from Securespot feature, I have had Access Control ON for a reason to control access to other NET devices, it shouldn't be dependent on Securespot as far as I am concern. The unit is crippled by this and D-Link better finds a solution to this soon! I need basic Access Control that doesn't rely on a paid service all better Routers have this.
-
So the access control feature doesn't work unless you are a SecureSpot subscriber. Chalk up another failure attributed to SecureSpot! >:(
-
So the access control feature doesn't work unless you are a SecureSpot subscriber. Chalk up another failure attributed to SecureSpot! >:(
Not exactly the feature works without SecureSpot but it's somehow linked to SecureSpot. If you've never subscribed or tried SecureSpot then you should have no problems. I have Dir-655 at work and I never tried or subscribed to BSecure on that Router and I have no problem using Access Control features with that router. On the other hand I paid for 1 year subscription to BSecure on my home router then I let the subscription run out because of issues I have with the service it doesn't work to my satisfaction and caused problems. Interestingly computers that I had when I subscribed to secure spot get message in address bar something about unpaid subscription and computer I purchased after the subscription run out I get a message that it's not registered. It comes across as an extortion tactic obviously BSecure is keeping track of private MAC addresses which I find disturbing for a non subscriber even when the service is turned off.
Now my web access is not blocked off all the time, it is sporadic, it happened last Friday and Saturday and this Friday again. This time I called D-Link, the procedure step one was to set check mark for BSecure ON then save it, then check it off and save it again, then go and turn off Access Control and save it after that my web access came back on. This is a serious flaw. I was told afterwards that I can turn the Access Control Back on if I use it (and I do) and that it should work, but for how long? These blockages are sporadic and they shouldn't occur at all! Don't tell me that I have to go through this hassle every time I get blocked off. What if I am not at home? Others using web wouldn't know what to do, they would have to wait until I get back to gain access to the web.
For one thing I do not like the fact that some 3rd party company that I do not want to have anything to do with can disable functionality of my Router without my consent and tracks MAC and IP addresses of devices on my private network this is very serious.
I really lost it when I spoke with the tech support about this over the phone that's the only thing I feel really bad about because this issue is not his fault but it's D-Links problem and they should've been on top of it right from beginning, this is ruing their reputation.
-
Today after having my dir-655 working with securespot disabled all my http requests were being redirected to bsecure.com add device by mac address page which would refresh indefinitely without ever loading anything useful of getting me to my destination url.
I did mistakenly sign up for securespot when i setup my router since I thought it was part of the router authentication. I disabled securespot and canceled my account the same day.
Today I double checked that securespot was disabled in my router admin. It was. I had to enable securespot, click save, then disable and click save before I could browse the web. Please add me to the list of users who would like firmware without securespot included.
-
So, it sounds less like the bsecure.com servers are really the issue, and more like the expiry of the trial period may be the culprit. Unless the bsecure.com servers and/or network are highly unreliable.... :-X
-
I have not yet had the time/opportunity to re-flash and manually re-enter all of my settings as a last-ditch effort to see if the settings were somehow corrupted and re-installed over each upgrade since pre-1.3X firmware as suggested by marmoduke to see if Access Control will work.
In the meantime I thought that it is prudent to make a post here to indicate that if the enable/disable SecureSpot control was sporadically not having any effect prior to 1.34 beta, then this problem was likely the root cause of this whole issue (as indicated in thread title).
I have not seen any further issue with being redirected since upgrading to 1.34 beta. Hooray! :D
-
I have the same problem I tried the SecureSpot trial then didn't pay for the service. I have to daily go into the router enable/disable securespot to browse the net. I'm almost ready to ditch the 655 and use the POS that FIOS gave me. I'll try the 1.34 beta before I pitch the 655 to the curb...
-
Please do report back on your results!
-
Well I've run the firmware update but my router still shows ver 1.33. I have an A2 hardware revision does that stop anything or does the firmware not show 1.34? I still had to log into the router enable/disable securespot.
**update I had to perform a hard reset/Factory default and I was able to load the 1.34b firmware. Now we shall see if SecureSpot shows its ugly face. ****
-
I'm perfectly fine with my traffic going through reliable, necessary servers.
SecureSpot doesn't fit either of these two descriptors.
Also, Lycan said that D-Link would release Beta firmware for the interim. I want a new branch of firmware that does not include SecureSpot's services and infrastructure.
OK people... Let's try getting them to fix this via PR war... DLINK has FACEBOOK and TWITTER follow pages... Post and let them know how you feel about the included MALWARE!
-
Well I've run the firmware update but my router still shows ver 1.33. I have an A2 hardware revision does that stop anything or does the firmware not show 1.34? I still had to log into the router enable/disable securespot.
**update I had to perform a hard reset/Factory default and I was able to load the 1.34b firmware. Now we shall see if SecureSpot shows its ugly face. ****
If it still indicates 1.33, it's still running 1.33. I (and others) had to perform a factory reset by depressing the reset button on the back before the 1.34 would flash successfully.
-
1.34 allows for the secure spot client to be completely disabled. When you load the code it will still have a check mark in the box, disable it and it should never bother you again.
-
install 1.10 works perfect had it for 2 years
-
I'll add my 2 cents. Back in April I upgraded to 1.33. Not fully understanding what SecureSpot was (I thought it was a regular feature), I signed up for it. Realizing my mistake, I contacted D-Link and they gave me a backdoor method of disabling it. Fast forward to present.
I purchased a new laptop and fired it up. It found my home network, but couldn't connect to the internet. Messages were something like DIR-655 Bsecure New device, followed by some hex addresses or data. I looked up the recent version of firmware and 1.34 says it addresses a Bsecure issue, so, I updated to ver. 1.34
Tried my new PC again, same result, no internet access. After reading this forum and other blogs, I checked to see if SecureSpot was enabled. Yep, ver. 1.34 comes with it enabled (bad idea). So, I disabled SecureSpot and Bingo, my new PC works just fine. Not sure exactly what the connection is between Bsecure and SecureSpot, but my PC now works. Seems like some of this software doesn't play nice together. D-Link Tech was not able to help with this issue. They insisted the router was working fine. I had to find the solution on my own. Hope this helps someone.
-
SecureSpot is the product, and bsecure.com is the URL.
My understanding is that the radio button for toggling the enable/disable state of SecureSpot was not properly being interpreted correctly by the firmware: It was being enabled on some routers although the displayed status indicated that it was disabled.
FW 1.34 was to fix this issue.