[kyrra]

(I'm a Googler, opinions are my own).

I think this is one of the awesome things about Google Wifi (aka: OnHub). It's fully managed from a phone app (via "the cloud"), so you get the authentication tied to your gmail account. It's also based on ChromeOs (chromebook OS), and follows a similar auto-update that Chromebooks get. So you are always running the latest firmware.

(There are obviously downsides to Google Wifi, my primary issue being that it doesn't have many of the advanced features that something like UniFi has. But for most people, it works well.).

[billions]

While your points are valid, it is a bit disconcerting to have the world's largest data monetizer watch all of a home's traffic. Google's promised benevolence may be temporary

[notheguyouthink]

Even more than that; I left Google (as a user, never employee) because I was scared of being banned. Seeing stories of users on Amazon / Google getting their account banned due to something related to a business concern, made me realize that if someone flagged a google app I had my whole life could come to a grinding halt. Phone, phone number, email, storage, internet access! All that because maybe I got reports on a phone app I wrote (hypothetical).

I'm doing nothing illegal or unethical, nothing wrong. Nevertheless, I ran from Google asap due to that reason alone. Google represented a massive single point of failure to my digital life.

I now use separate products for just about everything I own. While it's not as convenient as Google, I feel far more secure.

[wlesieutre]

Similar concerns, I recently used Google Express for a purchase, it worked fine, and then I deleted it. My Google account is my main email, and every new Google service is another opportunity for my whole account to get irreversibly banned.

Using Google with their famous lack of customer service to make purchases that I could conceivably need to put a chargeback on felt uncomfortably risky.

Tie my home internet connection to that? How do I know I won't get locked out of the cloud-integrated admin app? Why would I want it connected to anything Google?

The "one account everywhere" thing is convenient and great for their branding, but it's not great for my peace of mind.

[securityn0w]

Agree on lack of support. I have an account that is blocked. I forgot the password since it was always logged in. When I try to recover the password, it asks me a bunch of questions that I am pretty sure I am answering correctly. At the end it just tells me that the account cannot be recovered... even if I had the second factor authenticator still working and I punched in the right code. I searched high and low online but since they do not have any kind of support I have no way out. It is depressing.

[wlesieutre]

To be honest, if someone doesn’t know my password, doesn’t have my 2-factor code, and can’t answer the security questions, I don’t want them to be able to call up customer service and social engineer an account takeover. I don’t think there’s any amount of proof that I could provide but an adversary targeting me couldnt’t fake to convince a call center employee.

What I’m more worried about is their “You violated the TOS. We can’t tell you how you violated the TOS. We can’t unban your account.” If you don’t know someone at Google, you’re out of luck.

[compiler-guy]

Google also remotely wiped a bunch of its customers' routers, driving them off line and causing all sorts of problems.

Which isn't to say that home customers would have necessarily done better, but most people don't have random maintenance bring them down at random times.

https://www.theverge.com/2017/2/23/14722470/google-reset-onh...

[kyrra]

One nice thing with Google WiFi being based on CROS, is that it's mostly open source (about the same level as Android, where there are some binary blob board support packages). With that, there is custom firmware you can load know Google Wifis: https://github.com/marcosscriven/galeforce

As an aside, you can read the Google WiFi privacy details here: https://support.google.com/wifi/answer/6246642?hl=en

[bubblethink]

I think there is a pretty big distinction wrt routers, in that an end-user cannot build it. That link states as much under the, "Why not just build Chromium OS from source" section. Has anything changed ? With android at least, google distributes the blobs. This probably (?) explains why openwrt hasn't been ported to any of the google routers, although the availability of chromiumOS source would make you think that it would be straightforward.

[ebikelaw]

While it's amusing to consider that someone cares, the fact is that if someone wanted to specifically surveil you the most likely way to do so would be to crack into your computers and network devices. That's the real threat model. You want the device with the best functional security. I don't think you should rule out any candidates based on imaginary privacy issues.

[chungy]

Perhaps it's just because I'm not in the target demographic, but this is exactly the reason that Google Wifi is completely out of consideration if I ever need to buy a new router.

Give me local ssh and WebUI. No cloud, no phone apps.

[dsr_]

It will be particularly awesome on the day that Google's complaints system decides to close your account without recourse.

Not that that has ever happened, of course.

[securityn0w]

I installed Google WiFi for a friend.

I found aggravating that:

- I need a smart phone and install an app to set up and configure the router.

- I also like the effort of simplifying the router configuration but I found it is lacking an "advanced mode"

- why if the Internet is down, the internal network does not work at all?

[stryk]

Wow, really? Am i reading that right, that without an active WAN connection, the internal LAN connections don't work on Google WiFi hardware? That sounds more like an "Internet appliance" than it does a router.

[amaccuish]

Sorry but cloud is not an option on routers for me. I've had too many from various manufacturers that completely break if there is no internet.

[Fnoord]

UniFi products also work from the cloud, if you enable that (it is optional) and you're not tied into the system of one of the largest data gatherers in the world.

Microsoft with Windows 10 uses machine learning to figure out when its most convenient for the user to update (latest Insider build has this function). Either way, Windows has come a long way from 9x randomly crashing and every other piece of software requiring a reboot.

[jdlyga]

If only Google Wifi worked with wired connections, I would've considered buying one. I ended up going the Ubiquity route, and couldn't be happier.

[h4b4n3r0]

Can you elucidate just _why_ it is necessary for a router to be managed through the cloud?

[Terretta]

It’s useful but not necessary. It’s hard to offer the simplicity described above while keeping the control in your hands, but some folks working on wireless mesh are working on it:

https://blog.eero.com/mesh-trust-public-key-infrastructure-e...

[white-flame]

"Simplicity" can be a negative indicator of security. If it's simpler for you, it might also be simpler for an attacker.

Manual steps with the physical hardware, or even requiring a local wifi/ethernet connection, are always going to be more secure than an internet-accessible god mode.

[h4b4n3r0]

Could you be more specific regarding why it's "hard"? I reject the premise that such a limited feature set can be "hard" to support without "cloud". Seems like some combination of NFC/QR codes, WPS and Android/iOS ought to be able to do the job. Mesh set-ups are known to work just fine on-prem. Moreover, a fully local system will almost certainly be more reliable, and will last longer. Certainly beyond the date when Google inevitably cancels the project on their end.