On Thu, Mar 24, 2022 at 10:04 AM Giovane C. M. Moura via NANOG <nanog@nanog.org> wrote:

> Who cares about the SSID???

I don't remember the data model, but I remember that they retrieved data
very often, multiple times a minute.


Please keep in mind that TR-069 (which in all likelihood is how the data you remember captured was captured) provides
raw packet access to the customer side of the device.

yes, this is a problem, yes it's certainly been/being abused.
Yes the protocol is garbage and implementations are also garbage :(
see the, at least 1, blackhat/defcon presentations about TR-069 problems.

https://www.youtube.com/watch?v=XXhV7zpc6m8
https://www.geekzone.co.nz/forums.asp?forumid=49&topicid=214760&page_no=5
https://www.blackhatethicalhacking.com/news/multiple-backdoors-and-vulnerabilities-discovered-in-fiberhome-routers/

there's really no reason at all to have this exposed as it is :(