146

Eero Plus - View Devices/Sites that Triggered "Threat"

I love eero Plus and the fact that it is protecting our network. What would be nice is under the Activity log where it shows Threat Blocks for Botnet, Malware, Phising, Spyware (and ditto for Content Filters), it would be nice to be able to click on what was blocked and see the following:

- Device that was the source of the block (Was it my TV, my laptop or my iPhone)
- Site that was visited 
- What the threat was that was blocked, if it's a known threat

Obviously there are privacy concerns so you should be able to toggle the above feature on or off. 

62replies Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
  • Please pass this to Product team:

    Right now with large groups of the population working from home, products like Eero are immensely valuable to ensure we have good connection everywhere in our homes and are protected from threats while doing our jobs.

    As of right now the graphs in the "Threat Blocks" feature are useful as a demo and proof of concept that Eero may secure the network, but without being able to drill down and get details about what was actually blocked in many cases we would not know if these are false positives, or if Eero may be scanning and misinterpreting sensitive company bound traffic. 

    Despite many of us who may have a strong desire to do so, it's very hard to justify paying for this service without a drill-down feature.

    I strongly recommend this feature be given high priority as it is likely to bring an uptick in revenue, and will delight your customers (90 of them that have found this thread in the last year), Lastly, it will alleviate concerns from several here that Eero's Advanced Security is not just a scam targeting less savvy residential market customers, but actually is worth the money.

    Like 4
      • Number44
      • Number44
      • 8 mths ago
      • 2
      • Reported - view

      Echoing the sentiments said here. filmjbrandon explains this perfectly.

       

      The only thing I'll add is: I want to know if this is malware that's on the network and trying to beacon out from the device indicated, or attempts by malware to access the network, along with the name and signature.

      Like 2
  • Would really like to see this implemented as I otherwise fail to see the value the Eero Secure premium service provides. How can we know that the data isn't fake? No anti virus/anti malware triggers at all, i.e. Windows Defender ATP etc, some superb paid services, yet, Eero says my device is spewing malware and spyware.

    Like, c'mon, we're not stupid, we just want some insight here. What if something was actually wrong. The second we leave our network, these pieces of malicious software are free to live on our devices!

    Since I see related feature requests, and even this one, have been open for years without any acknowledgement from the Eero team, how about you meet us halfway? Let us know what is considered "malware" or "spyware?" 

    Malware

    • Connections to websites associated with known malicious software (virusTotal stats, Indicators of compromise data?) DNS/IP data

    Spyware

    • In my humble opinion, is Eero just mirroring Ad blocking data here? I too would consider ads a means of tracking our website browsing habits. 
    Like 2
  • Everyone here needs to vote because this isn’t showing up as a high enough priority in the list of features to consider. It currently has 2 votes despite all the commentary.  
     

    My subscriptions runs out in a few days and at least one day over the holiday break I got a “zscaler” notice when attempting to go to Apple’s developer website. Looking at the security events logs it showed an abundance of botnet and malware events initiating from the laptop I was using. 
     

    After doing some online research about zscaler and finding out this is part of what Eero uses for its security filtering, I restarted the network. Since that time far fewer events have been recorded but the old events remain. 
     

    I intend to turn it off all day today, because as of right now I think it’s either mostly false positives and I do not see any benefit. 
     

    until this feature is implemented I am not intending to give further money to Eero, even with the 30% discount they are offering. 
     

    Eero/Amazon please take this request seriously. The other planned features/priorities will not have nearly the impact to your bottom line as users such as me who will not pay subscription fees without this. 

    Like 5
  • This definitely needs to be implemented.  I have helped neighbors setup eero, and they have asked me if there is a way to see the blocked websites their children tried to visit.

    Like 2
  • Just got off the phone with support, and this is still a huge, glaring problem!! Why aren’t you guys fixing this? I’m a software engineer and I know how trivial it would be to link to some log details. It’s completely useless without more information, I would argue it’s even worse because now I think there’s threats and I don’t know what they are. I’d rather not even know. Please, the product is amazing, just implement this simple feature request and make everyone happy ;)

    Like 4
  • How is this STILL NOT POSSIBLE? Seeing a significant uptick in spyware blocks (while thankful they were blocked) directly correlates to increases in my anxiety and leaves me with SO many unanswered questions. 
     

    1) why the uptick?

    2) did I visit some nefarious site that day that labeled me a sucker?

    3) Simply random bad luck? 
    4) How many attempts did Eero not catch before the caught these?

    5) do I have spyware on my device? 
    6) are there things I should be doing Or not doing when outside my network and eero’s protection? 
    7) who/what were the actions/where did they originate/ what is it about these that convinces eero it was spyware? 
     

    from 0 to 77 on one day freaks me out and seems almost better not knowing when there is so little additional details provided. 
     

    Like 3
  • How can I vote 10000000x 

    Like 4
  • I mean, ditto to all of this. Seriously...

    Like 1
  • Just bought my eero today.

    i would love to be able to see what is triggering the “spyware” as I am reloading my laptop to factory and it triggered an alert as it was completing the reload 

    Like 2
  • Just replaced my old router with a 3 unit eero system. Wifi is great so far, and I'm giving eero secure a try during the free 30 day trial. I can probably do without knowing specifically what ads or spyware are being blocked, it's displaying one of my devices being blocked for malware. That's a serious claim that should provide additional detail. Unless that's added, I don't see paying for a subscription.

    Like 1
  • It's really quite ridiculous to offer people the suggestion that Eero is blocking me from some unknown enemy and I am completely helpless to detect and defend against these "threats". Please give us some amount of context behind these numbers.

    Like 2
  • yup, I signed up for eero via my ISP and I can see one of my kids triggered "adult content" ... was that an ad on a game site or full blown porn..... sure would like to know.  This is just silly.  

    Like
  • Another registration just for this issue.  Recently got Eeros replacing an old openWRT router to cover a new, larger house.

    I got auto-opted in to the free trial, and my Linux/NixOS desktop is suddenly getting >1k spyware threats and ~500 "phishing and deception threats"/day, which seems like utter nonsense, and an iPhone in the household is seeing roughly a tenth as many.  I'm assuming these are all false positives, because I honestly have no idea how I could be getting hundreds of phishing attempts/day.

    There's no way I'm paying for this scareware.  I can't find any way to end the free trial, so if I start getting billed at the end of it, I will demand a refund and file an Amazon review and BBB complaint.

    Like 1
  • I’m amazed this hasn’t been addressed. Really wish I could figure out which device cause issues. The only fix I can think of is just grouping devices alone in their own profiles. Seems kind of crazy to do that though...

    Like
  • Got a new computer and suddenly thousands of malware/spyware blocks.. In a panic I scanned my server with everything I could find and it was completely clean.. this DEFINITELY needs details!

    Like
  • Absolutely necessary in my opinion. Enjoy everything being in the app but it's rather useless so far. Currently on trial and will not be purchasing when it runs out and am seeking out alternatives.

    Like
  • I agree with everyone.  I actually came to see if there was any talk about not being able to view network activity / usage from the week or months unless you subscribe to the security subscriptions.  I don't understand how that data is something I need to pay to see anything besides the current week.  Am I the only one that is frustrated by this??
    I am in I.T. and work with small businesses and can't recommend this product because of this and the reasons above.  It's hard coming from all other routers factory firmware and special firmware such DD-WRT, where all information is provided to this router where there is none.  

    The wireless does perform good and I like the product in every way besides these things.

    And how is my Network Usage a Security feature?!

    Good Times!

    Like
  • Ditto to everything here. Signed up for the community account just to vote and comment on this request.

    Like
  • Signed up just to show support for this feature request.

    Like
  • Very confused how this is still not a feature. It makes these threat reports useless. How do we know what might be causing it?

    Without it, eero secure plus almost becomes useless.

    Like 1
  • After further thought, I think this feature is working exactly as designed. It generates spurious 'threat' warnings that scare less knowledgeable folks into renewing the service, which creates a recurring income stream. It's the only plausible explanation why more detail hasn't been added in the 2 years (!) since the feature has been requested. It's probable that the number of us that find this lack of transparency absurd is dwarfed by the numbers that just renew to keep their network 'safe' without having to worry about details.

    Like 1
    • cmemery The purpose is to keep the information of what you browse private.  In order to identify it,  you'd have to know what "it" is.

      Like
      • marsteau
      • marsteau
      • 1 mth ago
      • Reported - view

      txgunlover like any feature you can turn on or off. If someone enables a network wise filter, it has to agree or not to disclosed what was found or not and who can see it. 

      Furthermore, just mentioning what malware (name of identified thread) would be a good start. In any software there is false positive. I would actually think that giving more details would increase confidence in the tool, and cause more people to subscribe to the service.

      There are many antivirus softwares which all claim to detect viruses and cleans these up. Benchmarks and 3rd party will put these to test and one of the tests will be detect false-positives. Those with less false-positive, less false-negative and most true-positives (detecting properly the virus) will likely be on the top of recommended antivirus software, leading to more people buying it with confidence.

      Trust needs to be earned.

      Like
    • marsteau If one does not have the information, one cannot share it.

      Like
      • marsteau
      • marsteau
      • 1 mth ago
      • Reported - view

      txgunlover of course they have the information. They simply refuse to track it. If they are able to tell there is a malware they must have some reasons to flag it vs not flag it. If it is considered flagged, they should be able to log/track what made them believe it is a malware, etc. Again, basic functionality that many DNS service provide today (NextDNS, OpenDNS, Cloudfare) which cannot be used when Eero Secure is enabled.

      Like
    • marsteau The data is passed off to a service without eero seeing it.  Thereby they cannot violate privacy.  It's a blind service.

      Like
      • marsteau
      • marsteau
      • 1 mth ago
      • Reported - view

      @txgunlover all I am saying is this is bad design. Whether technically a third party is involved (and has limitations) does not justify the functional shortfall. The end user is left in the dark due to technical bad implementation of the feature.

      Any DNS vendor that provides security features (like content filter, security detections, etc) typically offers (at a premium) to provide logs to that user (NextDNS and other listed above are just examples). If user does not configure an account then yes, the service won't come with logs. And obviously DNS vendor would not allow sharing these logs externally other than the user who created an account. 

      I believe the feature requested here should follow the pattern of other Secure+ feature: partner with an external vendor (included in Secure+ extra costs) to provide detailed logs. That would require the user to create an account to the external vendor, and then Eero would allow user to configure the Eero router to this specific account. Now all the logs would remain at the vendor site (Eero won't see the logs) but end-user would have the details he is willing to pay for to see. The current feature in Secure mode makes little sense to me, but those who are not willing to pay more for getting details could continue to use as-is.

      To reuse my previous analogy, that would be like installing an antivirus software that continuously monitor my computer, but which would internally implement the scanning such as to delegate to an external site; then report on viruses without mentioning what file is detected or what virus was found (for privacy reasons). You will convene no one would buy such an antivirus software... the worst part is that Eero does not mention ANYWHERE in the doc that the secure service (security) does not come with actual logs. It is miscommunication at best, since the expectation of anyone serious about security will expect such a thing.

      Like
    • marsteau If they had a solution that provided this feature, people would complain they're tracking the sites they're visiting.  There are two sides to every coin.

      Like
Vote146 Follow
  • 146 Votes
  • 1 mth agoLast active
  • 62Replies
  • 2469Views
  • 64 Following

Need Help? We're here for you!

We're big on support, and we want to make sure you always have the best eero experience possible. Here are several resources you can use if you ever need our help!


Quick links

Community Guidelines

Help Center

Contact eero support

@eerosupport

eero.com