ASUS rolled out an update to its firmware (3.0.0.6.102_34791) that now requires users to be over the age of 16 and to send a slew of metrics and data back to ASUS. If you do not agree or do not check the box to verify you are 16y or older, you cannot use the router. At this time, I’m not sure if ASUS has meant to disable the router for anyone under 16 or if it’s a bug.
You can opt out at any time but lose access to a slew of features:
Please note that users are required to agree to share their information before using DDNS, Remote Connection (ASUS Router APP, Lyra APP. AiCloud, AiDisk), AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS, Game Boost and Web history. At any time, users can search the contents of the terms at this page or stop sharing their information with other parties by choosing Withdraw.
Moreover, ASUS disables automatic firmware updates and worse, all security upgrades unless you opt into the data sharing. Security upgrades perform the following:
Security upgrade incorporates security measures that continuously update its security file and scans to protect against malware, malicious scripts, and emerging threats in order to secure the router and ensure system stability. Some upgrades addressing important security issues or meeting legal/regulatory requirements will still be downloaded and installed automatically, even if “Security Upgrade” is turned off.
Edit: I have personally contacted their CEO’s office, but if others would like to voice their disapproval as well, here is a link: https://www.asus.com/us/support/article/787/
Top level comment to remind the Open WRT fanboys that this ASUS router uses a Broadcom chipset, which is not supported on OpenWRT. Been seeing it recommended by a lot of replies to comments when it won’t be helpful in this case, since Broadcom chips don’t have open drivers
Yeah I’ve stayed out of those because it’s just felt like a knee jerk without actually even reading anything. “Someone said something critical about a router firmware, quick put OpenWRT on blast!” 😏
However, freshtomato is another router firmware, that isn’t as feature rich or well supported as opwnwrt, but is focused on supporting broadcom chipsets.
https://wiki.freshtomato.org/doku.php/hardware_compatibility
I flashed it to my netgear router with a broadcom chipset, it works wonderfully!
Removed by mod
Give it a minute: Tech Jesus and his Nexus friends are having a great time with ASUS recently. I’m sincerely looking forward to how far they take things.
Who is this “Tech Jesus”?
Stephen Burke, Editor-in-Chief and founder of Gamers Nexus. They do computer hardware reviews, consumer advocacy and sometimes even investigative journalism. Steve has a majestic mane, earning him that nickname.
See https://gamersnexus.net/ and https://www.youtube.com/@GamersNexus
Ah, fair enough.
Here is an alternative Piped link(s):
https://www.piped.video/@GamersNexus
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
Hello there
deleted by creator
Probably. But still so shady to give the choice when it doesn’t actually work. Feels worse this way TBH.
Is Asus just asking to have a shitload of lawsuits?
Yes.
It doesn’t seem like they give a shit. This is the company that strong armed NexusGaming with their repairs and have scammed a slew of people thru their warranty system.
If you search for “ASUS repair scam” they have a sorted history of this kind of douchery.
Watching the GN video was insane because I had that exact same experience with ASUS 10 years ago. Back when they made the Nexus 7. I had to RMA 3 of those dam things and each time I had to go through that song and dance with the RMA forms. I think when the 4th one failed I just gave up, recycled it, and moved on from this company as a whole.
Looks like nothing’s changed, which means this way of treating their customers is endemic at this point. They’re a lost cause.
That’s brutal that they get away with that crap. I will never buy anything ASUS branded again. They are on my embargo list now, right under Sony, which I haven’t purchased a single thing from them for about 18 years since they screwed me out of repairs on my phone. Only way IMO.
My experience was similar, but I gave up after my first RMA because I saw everyone else going through the same thing. The N7 started as such a delight and ended up as one of worst product experiences.
I think the word you’re looking for is “sordid”.
Sometimes I take spellcheck for granite.
It’s a slippery slope.
Wait, that’s not a typo…
Neither are mine. Grammatical mistakes are not typos.
And in return Gamers Nexus is teaching all of their viewers what their consumer rights are, and how to report fraudulent activity to the proper regulatory authorities. This isn’t the first time Gamers Nexus has gotten regulatory agencies involved with computer part manufacturers fucking over customers, and the history of those incidents didn’t go very well for other companies involved.
On the other hand Gamers Nexus has also gone out of their way to point out companies that have done the right thing when issues came up, to make sure those companies are getting kudos for NOT fucking over consumers. Because sadly that’s all we really want.
If the FTC gets enough complaints to warrant the manpower to investigate ASUS warranty fraud, there is no doubt in my mind that they’re gonna be fucked based on what we’ve seen so far.
How many 14 year olds can afford a lawyer?
All you need is one lawyer in this case to handle the class action lawsuit that would follow. There is power in numbers.
A class action lawsuit with a related FTC warranty fraud investigation is a pretty tough thing to fight.
No need, they can just lie :)
Asus went the bad way. Check out louis rossman vídeos about asus, héroes one of them. https://www.youtube.com/watch?v=NHQqKi9NcTs It is a company to be avoided. It went the non ethical way.
It went the non ethical way.
Sadly, you can swap Asus with pretty much any popular company’s name and it still holds true.
Gamers nexus mentioned two decent brands (arctic and fractal) in their most recent video about Asus.
https://www.youtube.com/watch?v=uYdtpU8FKO8 around the 11:11 mark
But yes, sadly most popular companies seem to be garbage nowadays.
Here is an alternative Piped link(s):
https://www.piped.video/watch?v=uYdtpU8FKO8
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
Here is an alternative Piped link(s):
https://www.piped.video/watch?v=NHQqKi9NcTs
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
Every other company seems to charge for parental controls. It’s so stupid, I don’t need another fee just because I have a child in my life.
I wanted to degoogle, so I looked for a new router and ended up with an Asus.
Fantastic. Time to deliver opnsense and/or pfsense to the masses. Or better, recycle a router with openwrt or similar
Good thing openWRT works on those
OpenWRT is better for a lot of reasons. It isn’t as user friendly but if you know a little networking you will be fine. The big thing is that automatic updates aren’t a thing so make sure you manually update.
OpenWRT is pretty user friendly, in my experience.
It isn’t half bad but it does use a lot of terminology and can be overwhelming because it has so many options
It isn’t half bad but it does use a lot of terminology
That’s why it’s user friendly. Try configuring one of those “user friendly” consumer grade crap routers. Due to the use non-standard descriptions in a misguided effort to be user friendly no one actually has any clue what settings actually do.
Good point but most people do have a good networking background. That’s why some companies ship openWRT with custom skins
Good point but most people do have a good networking background.
I know the target demographic for a privacy community will likely have a good networking background. But “most” is likely an overstatement. I think most people don’t even know what a router does, much less how to configure one.
But with those ‘user friendly’ UI’s no one knows what they’re doing. The user doesn’t know regardless and now the expert they ask for help has no clue either.
I disagree. It automatically sets up location and a password which is a big step. You keep clicking next until you are done
That works great until it doesn’t, and then you’re fucked.
I’m seeing a few comments suggesting OpenWRT, which is what I use and love: the correct response to this level of capitalist tomfoolery should absolutely be to 1. buy hardware that supports FOSS out of the box, or 2. install FOSS firmware.
BUT: OpenWRT isn’t for everyone. Installation on supported devices is usually pretty easy, but it does require being invested in setup, maintenance, and understanding of the software. There is little built-in handholding, and most setup beyond basic functions requires reading the docs and wiki; sometimes, some functionality requires running commands directly on the device rather than the LuCI web-interface.
This kind of understanding and investment should be the end-goal of all privacy-oriented tech users. Technology is complicated, and each layer of handholding that devs add also necessarily obfuscates behind-the-scenes functionality, which runs counter to privacy and security. That being said, the barrier for entry to privacy-respecting tech shouldn’t be “a masters in CompSci,” and thus any alternative to major tech brands is still a step up from just accepting what they give you. Just be aware that your current firmware may be a stepping stone towards software freedom, instead of a stopping point.
If you own a router from ASUS and find OpenWRT too difficult:
install Asuswrt-Merlin
The data sharing happens on merlin too
It builds on devices’ source code published by ASUS. The is no data sharing with ASUS.
Merlin’s privacy disclosure:
The only outbound connection made with me by this firmware is when the firmware checks for availability of a new version.
That thread is about the official firmware as distributed by ASUS.
Here are some screenshots from my router administration pages. Notice the “Powered by Asuswrt-Merlin”.
In the first image you can see that I have a particular feature disabled.
When I toggle it on I receive a warning that my information will be collected by Trend Micro.
I included another screenshot showing the location where I would withdraw my consent to having my data collected, were I to actually use the advanced features of the router, that I thought I was paying for at the point of sale. Instead I was apparently paying for the privilege of having the option dangled in front of me, behind an agreement for yet another, separate company to collect my family’s data.
Nasty. Thanks for the heads up.
NP. I was pretty pissed as they haven’t released a new update in almost a year and when they did, this is all that’s been changed.
Good news is moving to WRT Merlin is a piece of cake and even carries over all your original settings. Hopefully they rip out this crap with their own firmware.
I wanted to swap over to Merlin last year but my router isn’t supported. Grrrr!
Same :(
Next DEFCON is in two months, can’t wait to see them get absolutely pwned.
I guess I’m not updating my routers anymore then. Sucks though. It seemed to be the only Asus product that wasn’t garbage.
I’m sure asuswrt-merlin won’t have this nonsense.
Routers aren’t supported by merlin unfortunately :(
Do you mean modems?
Look into OpenWRT. It is more complex to setup but it is a Swiss army knife.
That sucks too because you miss out security fixes. I would rather run a secure and up to date firmware that leaks data to ASUS than one with known security exploits. If those were my only options.
I’d rather update it as well. But the routers are behind my ISP router and aren’t externally accessible. The attack surface is smaller in that regard. I’m not happy with the thought of an unpatched router. Maybe I can hold out long enough for merlin to support my routers.
I dont think the latest few updates I did mentioned any security updates. Only bugfixes.
I’ll tackle the problem when it presents itself I guess.
FYI the open source OpenWRT based Banana Pi R3 AX 4x4 is a thing. Don’t buy closed source Routers/APs on purpose.
You can just buy a off the shelf router and flash OpenWRT many devices are supported. If you want to be sure just look it up before you buy.