this post was submitted on 30 May 2024
478 points (99.8% liked)

Privacy

31876 readers
357 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

ASUS rolled out an update to its firmware (3.0.0.6.102_34791) that now requires users to be over the age of 16 and to send a slew of metrics and data back to ASUS. If you do not agree or do not check the box to verify you are 16y or older, you cannot use the router. At this time, I’m not sure if ASUS has meant to disable the router for anyone under 16 or if it’s a bug.

You can opt out at any time but lose access to a slew of features:

Please note that users are required to agree to share their information before using DDNS, Remote Connection (ASUS Router APP, Lyra APP. AiCloud, AiDisk), AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS, Game Boost and Web history. At any time, users can search the contents of the terms at this page or stop sharing their information with other parties by choosing Withdraw.

Moreover, ASUS disables automatic firmware updates and worse, all security upgrades unless you opt into the data sharing. Security upgrades perform the following:

Security upgrade incorporates security measures that continuously update its security file and scans to protect against malware, malicious scripts, and emerging threats in order to secure the router and ensure system stability. Some upgrades addressing important security issues or meeting legal/regulatory requirements will still be downloaded and installed automatically, even if "Security Upgrade" is turned off.

Edit: I have personally contacted their CEO's office, but if others would like to voice their disapproval as well, here is a link: https://www.asus.com/us/support/article/787/

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 128 points 5 months ago (6 children)

Is Asus just asking to have a shitload of lawsuits?

[–] [email protected] 78 points 5 months ago (3 children)

It doesn’t seem like they give a shit. This is the company that strong armed NexusGaming with their repairs and have scammed a slew of people thru their warranty system.

If you search for “ASUS repair scam” they have a sorted history of this kind of douchery.

[–] [email protected] 31 points 5 months ago (1 children)

I think the word you're looking for is "sordid".

[–] [email protected] 46 points 5 months ago (1 children)

Sometimes I take spellcheck for granite.

[–] [email protected] 10 points 5 months ago (4 children)
load more comments (4 replies)
[–] [email protected] 29 points 5 months ago (2 children)

Watching the GN video was insane because I had that exact same experience with ASUS 10 years ago. Back when they made the Nexus 7. I had to RMA 3 of those dam things and each time I had to go through that song and dance with the RMA forms. I think when the 4th one failed I just gave up, recycled it, and moved on from this company as a whole.

Looks like nothing's changed, which means this way of treating their customers is endemic at this point. They're a lost cause.

[–] [email protected] 12 points 5 months ago

That's brutal that they get away with that crap. I will never buy anything ASUS branded again. They are on my embargo list now, right under Sony, which I haven't purchased a single thing from them for about 18 years since they screwed me out of repairs on my phone. Only way IMO.

[–] [email protected] 12 points 5 months ago

My experience was similar, but I gave up after my first RMA because I saw everyone else going through the same thing. The N7 started as such a delight and ended up as one of worst product experiences.

[–] [email protected] 19 points 5 months ago

And in return Gamers Nexus is teaching all of their viewers what their consumer rights are, and how to report fraudulent activity to the proper regulatory authorities. This isn't the first time Gamers Nexus has gotten regulatory agencies involved with computer part manufacturers fucking over customers, and the history of those incidents didn't go very well for other companies involved.

On the other hand Gamers Nexus has also gone out of their way to point out companies that have done the right thing when issues came up, to make sure those companies are getting kudos for NOT fucking over consumers. Because sadly that's all we really want.

If the FTC gets enough complaints to warrant the manpower to investigate ASUS warranty fraud, there is no doubt in my mind that they're gonna be fucked based on what we've seen so far.

load more comments (5 replies)
[–] [email protected] 64 points 5 months ago (3 children)

The title could use the word "router" somewhere.

[–] [email protected] 19 points 5 months ago (1 children)

Fr. Had me thinking ASUS Motherboards. Really had me going there😅

[–] [email protected] 12 points 5 months ago

They are next 🫠

[–] [email protected] 11 points 5 months ago (4 children)

New ASUS firmware now requires a user to be 16y or older router and will restrict features and even security upgrades if you opt out

Like that?

load more comments (1 replies)
[–] [email protected] 56 points 5 months ago (1 children)

Give it a minute: Tech Jesus and his Nexus friends are having a great time with ASUS recently. I'm sincerely looking forward to how far they take things.

[–] [email protected] 18 points 5 months ago (2 children)
[–] [email protected] 32 points 5 months ago* (last edited 5 months ago) (2 children)

Stephen Burke, Editor-in-Chief and founder of Gamers Nexus. They do computer hardware reviews, consumer advocacy and sometimes even investigative journalism. Steve has a majestic mane, earning him that nickname.

See https://gamersnexus.net/ and https://www.youtube.com/@GamersNexus

load more comments (2 replies)
[–] [email protected] 13 points 5 months ago (1 children)
load more comments (1 replies)
[–] [email protected] 44 points 5 months ago (1 children)

The last thing I want is my router sharing information with other parties.

[–] [email protected] 17 points 5 months ago (5 children)

I worry about that more than I should. But yeah, that is the central hub that everything goes thru. I actually don't even want it to ping Asus's update servers because I can't be sure what kind of data is being sent.

I moved to Merlin firmware and hoping that doesn't have any telemetry. Unfortunately OpenWRT doesn't support wifi 6/6E routers and even the rare ones it does support, aren't really the greatest.

I want the asus hardware, just not their shitty software.

load more comments (5 replies)
[–] [email protected] 35 points 5 months ago (1 children)

Nasty. Thanks for the heads up.

[–] [email protected] 17 points 5 months ago (2 children)

NP. I was pretty pissed as they haven’t released a new update in almost a year and when they did, this is all that’s been changed.

Good news is moving to WRT Merlin is a piece of cake and even carries over all your original settings. Hopefully they rip out this crap with their own firmware.

load more comments (2 replies)
[–] [email protected] 35 points 5 months ago

Asus would do good in hiring a real lawyer. Parents accept, kid uses router, data collected of child, illegal. So easy to rip them a new one.

[–] [email protected] 34 points 5 months ago (6 children)

Asus went the bad way. Check out louis rossman vídeos about asus, héroes one of them. https://www.youtube.com/watch?v=NHQqKi9NcTs It is a company to be avoided. It went the non ethical way.

load more comments (6 replies)
[–] [email protected] 32 points 5 months ago (1 children)

Because they aren't legally allowed to spy on minors they add this shit to bypass it?

[–] [email protected] 13 points 5 months ago (1 children)
[–] [email protected] 16 points 5 months ago (2 children)

Is the train of thought that if the adult approves they can harvest data from minors regardless? It harvests data from anybody using the internet, not just person handling the settings. It doesn't seem legal that the data harvest agreement binds all users in a household rather than the one managing the settings?

Is that legal in Europe? is it legal to suddenly semi brick a device if you dont allow them to data harvest? Is it really considered giving consent freely when the device you paid $$ for suddenly no longer does 90% because you disagree with sudden data harvest practices?

I can understand a feature not working because you disagree on sharing something. E.g: can't tell you which pizza place is near you if you dont share your location.

But this? I hope it's illegal and they get sued into oblivion for this. This is super invasive.

load more comments (2 replies)
[–] [email protected] 32 points 5 months ago (5 children)

If you own a router from ASUS and find OpenWRT too difficult:

install Asuswrt-Merlin

load more comments (5 replies)
[–] [email protected] 28 points 5 months ago (9 children)

OpenWRT is better for a lot of reasons. It isn't as user friendly but if you know a little networking you will be fine. The big thing is that automatic updates aren't a thing so make sure you manually update.

load more comments (9 replies)
[–] [email protected] 19 points 5 months ago (3 children)

If I bought one of their routers and this came up, I would simply be returning it and giving the person at the counter a printout as to why. Sorry, but this router is not "suitable for purpose". Look up that phrase and "merchantability".

[–] [email protected] 17 points 5 months ago (4 children)

Agree. Straight back for refund. In Australia we can legally choose the manufacturer, or the retailer. I'd go straight to Asus, to give them the message directly.

load more comments (4 replies)
[–] [email protected] 14 points 5 months ago (4 children)

For the downvoters, in the US:

https://www.findlaw.com/consumer/consumer-transactions/what-is-the-warranty-of-merchantability.html

The implied warranty of merchantability guarantees that a product sold to you will work for its intended purposes. In other words, it means you can expect a toaster to toast your bread. If it doesn't, you have legal protection against losing money on a product that doesn't work.

If you bought the router expecting it to work as advertised, you may make a claim if it doesn't. They would have to spell out ahead of time what the limitations and requirements are in order to avoid trouble.

load more comments (4 replies)
load more comments (1 replies)
[–] [email protected] 19 points 5 months ago (1 children)

This is sickening.

People should use alternative routers and software such as OpenWRT, DDWRT, and Gl.iNet routers

[–] [email protected] 8 points 5 months ago (1 children)

Yeah. When I bought my ASUS router I was looking into OpenWRT supported routers but they are really hard to come by (at least in NA) and quite dated. Router manufacturers really don't want to have their telemetry removed.

load more comments (1 replies)
[–] [email protected] 17 points 5 months ago (11 children)

never use stock router firmware

load more comments (11 replies)
[–] [email protected] 16 points 5 months ago

If anyone is looking for an alternative firmware, check out Fresh Tomato: https://freshtomato.org/

[–] [email protected] 16 points 5 months ago (6 children)

Okay ASUS is out. Recommendations?

[–] [email protected] 9 points 5 months ago (7 children)

There's a few routes (pun intended) you could go.

DIY with opnsense on an old PC will give you the most flexibility and will allow you to build your router to your exact needs.

Ubiquiti is also another choice albeit a contentious one. Their hardware is pretty good which also doesn't require a recurring charge to use (unfortunately rare when you get into the enterprise grade gear). The software side is where people have such mixed feelings as for consumers and prosumers it's pretty good but when you start getting into enterprise level configurations you'll find their software pretty lacking. For example if you need a L3 switch for inter VLAN routing you'll want to go with a different vendor as ubiquiti's L3 is practically broken.

load more comments (7 replies)
load more comments (5 replies)
[–] [email protected] 15 points 5 months ago (2 children)

I remember seeing that Openwrt is working on getting their own hardware sometime in the future. Might be worth looking at when the time comes. I'll stick with merlin until that goes the same way.

load more comments (2 replies)
[–] [email protected] 15 points 5 months ago (1 children)

FYI the open source OpenWRT based Banana Pi R3 AX 4x4 is a thing. Don't buy closed source Routers/APs on purpose.

load more comments (1 replies)
[–] [email protected] 14 points 5 months ago

Next DEFCON is in two months, can't wait to see them get absolutely pwned.

[–] [email protected] 11 points 5 months ago (1 children)

I’m not sure if ASUS has meant to disable the router for anyone under 16 or if it’s a bug.

Pretty sure they just expect everyone to click "Agree" regardless of age.

load more comments (1 replies)
[–] [email protected] 11 points 5 months ago (1 children)
[–] [email protected] 10 points 5 months ago* (last edited 5 months ago) (2 children)

Unfortunately, lots of ASUS routers (especially the “gamer” oriented ones) use Broadcom chipsets. Broadcom support is severely lacking, (because Broadcom has refused to allow open source drivers) so in many cases switching to openwrt will severely cripple the router. Even basic shit like WiFi will stop working, because there isn’t a WiFi driver available.

load more comments (2 replies)
[–] [email protected] 9 points 5 months ago (2 children)

Top level comment to remind the Open WRT fanboys that this ASUS router uses a Broadcom chipset, which is not supported on OpenWRT. Been seeing it recommended by a lot of replies to comments when it won't be helpful in this case, since Broadcom chips don't have open drivers

load more comments (2 replies)
[–] [email protected] 9 points 5 months ago

I'm seeing a few comments suggesting OpenWRT, which is what I use and love: the correct response to this level of capitalist tomfoolery should absolutely be to 1. buy hardware that supports FOSS out of the box, or 2. install FOSS firmware.

BUT: OpenWRT isn't for everyone. Installation on supported devices is usually pretty easy, but it does require being invested in setup, maintenance, and understanding of the software. There is little built-in handholding, and most setup beyond basic functions requires reading the docs and wiki; sometimes, some functionality requires running commands directly on the device rather than the LuCI web-interface.

This kind of understanding and investment should be the end-goal of all privacy-oriented tech users. Technology is complicated, and each layer of handholding that devs add also necessarily obfuscates behind-the-scenes functionality, which runs counter to privacy and security. That being said, the barrier for entry to privacy-respecting tech shouldn't be "a masters in CompSci," and thus any alternative to major tech brands is still a step up from just accepting what they give you. Just be aware that your current firmware may be a stepping stone towards software freedom, instead of a stopping point.

load more comments
view more: next ›