this post was submitted on 30 May 2024
468 points (99.8% liked)

Privacy

32173 readers
432 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

ASUS rolled out an update to its firmware (3.0.0.6.102_34791) that now requires users to be over the age of 16 and to send a slew of metrics and data back to ASUS. If you do not agree or do not check the box to verify you are 16y or older, you cannot use the router. At this time, I’m not sure if ASUS has meant to disable the router for anyone under 16 or if it’s a bug.

You can opt out at any time but lose access to a slew of features:

Please note that users are required to agree to share their information before using DDNS, Remote Connection (ASUS Router APP, Lyra APP. AiCloud, AiDisk), AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS, Game Boost and Web history. At any time, users can search the contents of the terms at this page or stop sharing their information with other parties by choosing Withdraw.

Moreover, ASUS disables automatic firmware updates and worse, all security upgrades unless you opt into the data sharing. Security upgrades perform the following:

Security upgrade incorporates security measures that continuously update its security file and scans to protect against malware, malicious scripts, and emerging threats in order to secure the router and ensure system stability. Some upgrades addressing important security issues or meeting legal/regulatory requirements will still be downloaded and installed automatically, even if "Security Upgrade" is turned off.

Edit: I have personally contacted their CEO's office, but if others would like to voice their disapproval as well, here is a link: https://www.asus.com/us/support/article/787/

(page 2) 50 comments
sorted by: hot top controversial new old
[–] [email protected] 7 points 6 months ago

I'm seeing a few comments suggesting OpenWRT, which is what I use and love: the correct response to this level of capitalist tomfoolery should absolutely be to 1. buy hardware that supports FOSS out of the box, or 2. install FOSS firmware.

BUT: OpenWRT isn't for everyone. Installation on supported devices is usually pretty easy, but it does require being invested in setup, maintenance, and understanding of the software. There is little built-in handholding, and most setup beyond basic functions requires reading the docs and wiki; sometimes, some functionality requires running commands directly on the device rather than the LuCI web-interface.

This kind of understanding and investment should be the end-goal of all privacy-oriented tech users. Technology is complicated, and each layer of handholding that devs add also necessarily obfuscates behind-the-scenes functionality, which runs counter to privacy and security. That being said, the barrier for entry to privacy-respecting tech shouldn't be "a masters in CompSci," and thus any alternative to major tech brands is still a step up from just accepting what they give you. Just be aware that your current firmware may be a stepping stone towards software freedom, instead of a stopping point.

[–] [email protected] 7 points 6 months ago (1 children)

The data sharing persists even with merlin. I get a prompt about it as soon as I tried to enable those advanced features. I still get updates though.

[–] [email protected] 4 points 6 months ago (5 children)

That was the case before the update, but they didn’t bar security updates and firmware upgrades or not let you even into the router without consent. I had those disabled but the update makes opting in mandatory.

load more comments (5 replies)
[–] [email protected] 6 points 6 months ago (2 children)

Should I need a new motherboard, which vendor would you guys recommend that's not crap (as a company)? Gigabyte? GamersNexus had a few very negative reports on MSI as well.

[–] [email protected] 4 points 6 months ago (1 children)

IMO, ASRock.

Considering that they're probably the only mobo manufacturer that officially supports using consumer AM4 CPUs on a server (see ASRock Rack), and always supported ECC ram on all AM4 motherboards - and that I haven't had anything negative happen with any of their products so far (at work) - I personally would choose ASRock next.

Haven't had the chance to try them for AM5 yet, sadly.

load more comments (1 replies)
[–] [email protected] 3 points 6 months ago (2 children)

Yeah gigabyte is solid. I was quite happy with the Aorus line up. I have never bought MSI because I’ve always felt them to be cheap and dodgy. So not surprised NG was having issues with them.

load more comments (2 replies)
[–] [email protected] 5 points 6 months ago (2 children)

All you need is Protectli with OPNsense and cheap TP-Link in AP mode.

[–] [email protected] 4 points 6 months ago

I just write letters to the websites I interact with. I get a good deal on stamps.

load more comments (1 replies)
[–] ZeDoTelhado 5 points 7 months ago

Fantastic. Time to deliver opnsense and/or pfsense to the masses. Or better, recycle a router with openwrt or similar

[–] fluckx 4 points 7 months ago (8 children)

I guess I'm not updating my routers anymore then. Sucks though. It seemed to be the only Asus product that wasn't garbage.

load more comments (8 replies)
load more comments
view more: ‹ prev next ›