On a related note, there is also a lot of research out there on how to detect passive network sniffing (I.e. interfaces in promiscuous mode) and a number of projects that have some ability to do that, like antisniff, sniffdet, and a few others. Google, in particular, has done a lot of work in that direction because, obviously, ensuring the security of googles own extensive network is a big deal.
It’s not a stretch to imagine a router that can determine if the network is actively (or even passively) being sniffed and choose not to phone home during that time.
Without access to the source code, you don’t know. That’s the problem.
With most hardware providers, you can choose to trust them because securing your data is their business. Google, conversely, is built around USING your data, which is a huge conflict of interest. Which is why you don’t use their hardware if you care about security.
But please, tell me again about my ignorance on the topic.