ASUS rolled out an update to its firmware (3.0.0.6.102_34791) that now requires users to be over the age of 16 and to send a slew of metrics and data back to ASUS. If you do not agree or do not check the box to verify you are 16y or older, you cannot use the router. At this time, I’m not sure if ASUS has meant to disable the router for anyone under 16 or if it’s a bug.

You can opt out at any time but lose access to a slew of features:

Please note that users are required to agree to share their information before using DDNS, Remote Connection (ASUS Router APP, Lyra APP. AiCloud, AiDisk), AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS, Game Boost and Web history. At any time, users can search the contents of the terms at this page or stop sharing their information with other parties by choosing Withdraw.

Moreover, ASUS disables automatic firmware updates and worse, all security upgrades unless you opt into the data sharing. Security upgrades perform the following:

Security upgrade incorporates security measures that continuously update its security file and scans to protect against malware, malicious scripts, and emerging threats in order to secure the router and ensure system stability. Some upgrades addressing important security issues or meeting legal/regulatory requirements will still be downloaded and installed automatically, even if “Security Upgrade” is turned off.

  • Etterra@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    6 months ago

    Because nobody has ever lied on one of these lol. Still criminally stupid of ASUS though.

    • shottymcb@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      6 months ago

      They don’t care if you’re under 16. They have to ask if they want to collect and sell your data. This is a big red sign that says “WE’RE WATCHING EVERYTHING THAT GOES THROUGH YOUR NETWORK AND SELLING IT TO WHOEVER WILL PAY US!”

      • meseek #2982@lemmy.caOP
        link
        fedilink
        arrow-up
        0
        ·
        6 months ago

        Yeah I don’t get why so many focus on “well, just lie and say you’re under 16.” Literally nothing to do with the state of affairs.

    • meseek #2982@lemmy.caOP
      link
      fedilink
      arrow-up
      0
      ·
      6 months ago

      This isn’t pornhub buddy. This is a setting on a purchased product. Also, lying has nothing to do with collecting telemetry or forcing customers into it. You may want to realign your priorities.

  • ZeDoTelhado@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    6 months ago

    Fantastic. Time to deliver opnsense and/or pfsense to the masses. Or better, recycle a router with openwrt or similar

  • Wilzax@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    6 months ago

    Top level comment to remind the Open WRT fanboys that this ASUS router uses a Broadcom chipset, which is not supported on OpenWRT. Been seeing it recommended by a lot of replies to comments when it won’t be helpful in this case, since Broadcom chips don’t have open drivers

  • narc0tic_bird@lemm.ee
    link
    fedilink
    arrow-up
    0
    ·
    6 months ago

    Should I need a new motherboard, which vendor would you guys recommend that’s not crap (as a company)? Gigabyte? GamersNexus had a few very negative reports on MSI as well.

    • meseek #2982@lemmy.caOP
      link
      fedilink
      arrow-up
      0
      ·
      6 months ago

      Yeah gigabyte is solid. I was quite happy with the Aorus line up. I have never bought MSI because I’ve always felt them to be cheap and dodgy. So not surprised NG was having issues with them.

      • MightyCuriosity@sh.itjust.works
        link
        fedilink
        arrow-up
        0
        ·
        6 months ago

        I hate gigabyte with a passion. The 980Ti Gaming G1 has explosion issues (literally) including mine and some other people. They didn’t step up. Then there’s the PSU debacle. There was an r/fuckgigabyte for a reason. I think just AsRock is left?

    • sgh@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      6 months ago

      IMO, ASRock.

      Considering that they’re probably the only mobo manufacturer that officially supports using consumer AM4 CPUs on a server (see ASRock Rack), and always supported ECC ram on all AM4 motherboards - and that I haven’t had anything negative happen with any of their products so far (at work) - I personally would choose ASRock next.

      Haven’t had the chance to try them for AM5 yet, sadly.

  • fluckx@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    6 months ago

    I guess I’m not updating my routers anymore then. Sucks though. It seemed to be the only Asus product that wasn’t garbage.

    • meseek #2982@lemmy.caOP
      link
      fedilink
      arrow-up
      0
      ·
      6 months ago

      That sucks too because you miss out security fixes. I would rather run a secure and up to date firmware that leaks data to ASUS than one with known security exploits. If those were my only options.

      • fluckx@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        6 months ago

        I’d rather update it as well. But the routers are behind my ISP router and aren’t externally accessible. The attack surface is smaller in that regard. I’m not happy with the thought of an unpatched router. Maybe I can hold out long enough for merlin to support my routers.

        I dont think the latest few updates I did mentioned any security updates. Only bugfixes.

        I’ll tackle the problem when it presents itself I guess.

  • TheFinn@discuss.tchncs.de
    link
    fedilink
    arrow-up
    0
    ·
    6 months ago

    The data sharing persists even with merlin. I get a prompt about it as soon as I tried to enable those advanced features. I still get updates though.

    • meseek #2982@lemmy.caOP
      link
      fedilink
      arrow-up
      0
      ·
      6 months ago

      That was the case before the update, but they didn’t bar security updates and firmware upgrades or not let you even into the router without consent. I had those disabled but the update makes opting in mandatory.

          • TheFinn@discuss.tchncs.de
            link
            fedilink
            arrow-up
            0
            ·
            edit-2
            6 months ago

            Here are some screenshots from my router administration pages. Notice the “Powered by Asuswrt-Merlin”.

            In the first image you can see that I have a particular feature disabled.

            When I toggle it on I receive a warning that my information will be collected by Trend Micro.

            I included another screenshot showing the location where I would withdraw my consent to having my data collected, were I to actually use the advanced features of the router, that I thought I was paying for at the point of sale. Instead I was apparently paying for the privilege of having the option dangled in front of me, behind an agreement for yet another, separate company to collect my family’s data.

            • ipkpjersi@lemmy.ml
              link
              fedilink
              arrow-up
              0
              ·
              6 months ago

              Yeah but that’s not new, that has existed for years even in Merlin firmware. People were saying that this affects Merlin but I’m not seeing any indication of it yet.

              Yes I know ASUS is shitty and evil, and it sucks that those features are gated behind abandoning your privacy, but I was saying that part isn’t new, and I don’t think this new stuff affects Merlin yet.

              We’ll see how it all plays out, though.

              • TheFinn@discuss.tchncs.de
                link
                fedilink
                arrow-up
                0
                ·
                6 months ago

                Sorry about that. I guess I completely missed your point that you were referring to data sharing only via the new “agreement” getting foisted on people. Fingers crossed it doesn’t get into Merlin.

    • PM_Your_Nudes_Please@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      6 months ago

      Unfortunately, lots of ASUS routers (especially the “gamer” oriented ones) use Broadcom chipsets. Broadcom support is severely lacking, (because Broadcom has refused to allow open source drivers) so in many cases switching to openwrt will severely cripple the router. Even basic shit like WiFi will stop working, because there isn’t a WiFi driver available.

  • SomeGuy69@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    6 months ago

    Asus would do good in hiring a real lawyer. Parents accept, kid uses router, data collected of child, illegal. So easy to rip them a new one.

  • TheAnonymouseJoker@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    6 months ago

    This is why I never used to recommend Merlin WRT.

    The ones you should look into are OpenWRT (my favourite), DD-WRT, tools like OPNSense or the more sophisticated Ubiquiti.

  • Xanis@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    6 months ago

    Give it a minute: Tech Jesus and his Nexus friends are having a great time with ASUS recently. I’m sincerely looking forward to how far they take things.

  • DevCat@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    If I bought one of their routers and this came up, I would simply be returning it and giving the person at the counter a printout as to why. Sorry, but this router is not “suitable for purpose”. Look up that phrase and “merchantability”.

    • makingStuffForFun@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      6 months ago

      Agree. Straight back for refund. In Australia we can legally choose the manufacturer, or the retailer. I’d go straight to Asus, to give them the message directly.

      • Fubarberry@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        Trying to refund through Asus will result in them dragging their feet, being as unhelpful as possible, or claiming you damaged the product.

        • makingStuffForFun@lemmy.ml
          link
          fedilink
          arrow-up
          0
          ·
          6 months ago

          I’ve been down that road with Samsung. One mention of our consumer laws, with a link to the contact form where I can report them, and refund issued immediately. Australia has good laws. People just need to flex em.

        • Taleya@aussie.zone
          link
          fedilink
          arrow-up
          0
          ·
          edit-2
          6 months ago

          Which will result in federal agencies going straight up their arse.

          Many countries outside the US have actual consumer protections

          • Fubarberry@sopuli.xyz
            link
            fedilink
            English
            arrow-up
            0
            ·
            6 months ago

            I would hope so, but Asus has been doing things like this for at least 10+ years which makes me doubtful that anything will change soon.

    • meseek #2982@lemmy.caOP
      link
      fedilink
      arrow-up
      0
      ·
      6 months ago

      I would rather not have less options in this world and force companies not to be dicks. I guess to each their own. My router is also 2y old so no returns available.

    • DevCat@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      For the downvoters, in the US:

      https://www.findlaw.com/consumer/consumer-transactions/what-is-the-warranty-of-merchantability.html

      The implied warranty of merchantability guarantees that a product sold to you will work for its intended purposes. In other words, it means you can expect a toaster to toast your bread. If it doesn’t, you have legal protection against losing money on a product that doesn’t work.

      If you bought the router expecting it to work as advertised, you may make a claim if it doesn’t. They would have to spell out ahead of time what the limitations and requirements are in order to avoid trouble.

      • meseek #2982@lemmy.caOP
        link
        fedilink
        arrow-up
        0
        ·
        6 months ago

        You have no claim. The update does not disable the router and even if you opt out, the router itself still functions, except with a few additional features missing. Telemetry and data collection does not void a warranty. There is no claim here.

        • WolfLink@lemmy.ml
          link
          fedilink
          arrow-up
          0
          ·
          6 months ago

          Protecting your network from internet-bound threats is one of the most important jobs of a router, and that involves receiving security updates. Once your router no longer receives security updates, you should stop using it.

        • DevCat@lemmy.world
          link
          fedilink
          arrow-up
          0
          ·
          6 months ago

          That would be for the legal system to decide. If you purchased it for a specific advertised feature, and that feature was disabled unless unspoken terms were agreed to, you would have a case.