ASUS rolled out an update to its firmware (3.0.0.6.102_34791) that now requires users to be over the age of 16 and to send a slew of metrics and data back to ASUS. If you do not agree or do not check the box to verify you are 16y or older, you cannot use the router. At this time, I’m not sure if ASUS has meant to disable the router for anyone under 16 or if it’s a bug.

You can opt out at any time but lose access to a slew of features:

Please note that users are required to agree to share their information before using DDNS, Remote Connection (ASUS Router APP, Lyra APP. AiCloud, AiDisk), AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS, Game Boost and Web history. At any time, users can search the contents of the terms at this page or stop sharing their information with other parties by choosing Withdraw.

Moreover, ASUS disables automatic firmware updates and worse, all security upgrades unless you opt into the data sharing. Security upgrades perform the following:

Security upgrade incorporates security measures that continuously update its security file and scans to protect against malware, malicious scripts, and emerging threats in order to secure the router and ensure system stability. Some upgrades addressing important security issues or meeting legal/regulatory requirements will still be downloaded and installed automatically, even if “Security Upgrade” is turned off.

Edit: I have personally contacted their CEO’s office, but if others would like to voice their disapproval as well, here is a link: https://www.asus.com/us/support/article/787/

    • ultratiem@lemmy.caOP
      link
      fedilink
      arrow-up
      78
      arrow-down
      1
      ·
      5 months ago

      It doesn’t seem like they give a shit. This is the company that strong armed NexusGaming with their repairs and have scammed a slew of people thru their warranty system.

      If you search for “ASUS repair scam” they have a sorted history of this kind of douchery.

      • PseudorandomNoise@lemmy.world
        link
        fedilink
        English
        arrow-up
        28
        ·
        5 months ago

        Watching the GN video was insane because I had that exact same experience with ASUS 10 years ago. Back when they made the Nexus 7. I had to RMA 3 of those dam things and each time I had to go through that song and dance with the RMA forms. I think when the 4th one failed I just gave up, recycled it, and moved on from this company as a whole.

        Looks like nothing’s changed, which means this way of treating their customers is endemic at this point. They’re a lost cause.

        • ultratiem@lemmy.caOP
          link
          fedilink
          arrow-up
          12
          ·
          5 months ago

          That’s brutal that they get away with that crap. I will never buy anything ASUS branded again. They are on my embargo list now, right under Sony, which I haven’t purchased a single thing from them for about 18 years since they screwed me out of repairs on my phone. Only way IMO.

        • zod000@lemmy.ml
          link
          fedilink
          arrow-up
          12
          ·
          5 months ago

          My experience was similar, but I gave up after my first RMA because I saw everyone else going through the same thing. The N7 started as such a delight and ended up as one of worst product experiences.

      • halcyoncmdr@lemmy.world
        link
        fedilink
        English
        arrow-up
        19
        ·
        5 months ago

        And in return Gamers Nexus is teaching all of their viewers what their consumer rights are, and how to report fraudulent activity to the proper regulatory authorities. This isn’t the first time Gamers Nexus has gotten regulatory agencies involved with computer part manufacturers fucking over customers, and the history of those incidents didn’t go very well for other companies involved.

        On the other hand Gamers Nexus has also gone out of their way to point out companies that have done the right thing when issues came up, to make sure those companies are getting kudos for NOT fucking over consumers. Because sadly that’s all we really want.

        If the FTC gets enough complaints to warrant the manpower to investigate ASUS warranty fraud, there is no doubt in my mind that they’re gonna be fucked based on what we’ve seen so far.

      • ultratiem@lemmy.caOP
        link
        fedilink
        arrow-up
        11
        ·
        5 months ago

        All you need is one lawyer in this case to handle the class action lawsuit that would follow. There is power in numbers.

        • halcyoncmdr@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          5 months ago

          A class action lawsuit with a related FTC warranty fraud investigation is a pretty tough thing to fight.

  • Xanis@lemmy.world
    link
    fedilink
    arrow-up
    58
    arrow-down
    2
    ·
    5 months ago

    Give it a minute: Tech Jesus and his Nexus friends are having a great time with ASUS recently. I’m sincerely looking forward to how far they take things.

    • ultratiem@lemmy.caOP
      link
      fedilink
      arrow-up
      17
      ·
      5 months ago

      I worry about that more than I should. But yeah, that is the central hub that everything goes thru. I actually don’t even want it to ping Asus’s update servers because I can’t be sure what kind of data is being sent.

      I moved to Merlin firmware and hoping that doesn’t have any telemetry. Unfortunately OpenWRT doesn’t support wifi 6/6E routers and even the rare ones it does support, aren’t really the greatest.

      I want the asus hardware, just not their shitty software.

  • SomeGuy69@lemmy.world
    link
    fedilink
    arrow-up
    36
    ·
    5 months ago

    Asus would do good in hiring a real lawyer. Parents accept, kid uses router, data collected of child, illegal. So easy to rip them a new one.

    • ultratiem@lemmy.caOP
      link
      fedilink
      arrow-up
      17
      ·
      5 months ago

      NP. I was pretty pissed as they haven’t released a new update in almost a year and when they did, this is all that’s been changed.

      Good news is moving to WRT Merlin is a piece of cake and even carries over all your original settings. Hopefully they rip out this crap with their own firmware.

  • macniel@feddit.de
    link
    fedilink
    arrow-up
    32
    ·
    5 months ago

    Because they aren’t legally allowed to spy on minors they add this shit to bypass it?

      • fluckx@lemmy.world
        link
        fedilink
        arrow-up
        16
        ·
        5 months ago

        Is the train of thought that if the adult approves they can harvest data from minors regardless? It harvests data from anybody using the internet, not just person handling the settings. It doesn’t seem legal that the data harvest agreement binds all users in a household rather than the one managing the settings?

        Is that legal in Europe? is it legal to suddenly semi brick a device if you dont allow them to data harvest? Is it really considered giving consent freely when the device you paid $$ for suddenly no longer does 90% because you disagree with sudden data harvest practices?

        I can understand a feature not working because you disagree on sharing something. E.g: can’t tell you which pizza place is near you if you dont share your location.

        But this? I hope it’s illegal and they get sued into oblivion for this. This is super invasive.

        • ultratiem@lemmy.caOP
          link
          fedilink
          arrow-up
          5
          ·
          5 months ago

          I think it’s literally just legalize to appease law makers with regards to collecting info from a minor. That’s typically a no-no in NA. If you lie and click the box but you’re 15, that’s on you. There isn’t any legal recourse if someone just lies. I’m totally ok not needing to send anyone “proof” of my age for anything on the net (this, porn, NSFW, etc,).

          • fluckx@lemmy.world
            link
            fedilink
            arrow-up
            7
            ·
            5 months ago

            But that’s the point. You, the 15 year old, never click or see the box. Your data is harvested because somebody somewhere else agreed to it.

            It’s like giving any website the right to farm your data because somebody else on the same shared IP clicked accept all.

            I’m also totally okay not having to send any identity data over the net. I fully agree there. It’s just their standpoint of “let an admin click it and we can farm everybody’s data behind that device” seems like a very unstable legal standpoint.

            Then again. I’m not a lawyer and the law doesn’t work based on how lawful i feel something is or should be.

      • Kilgore Trout@feddit.it
        link
        fedilink
        English
        arrow-up
        1
        ·
        5 months ago

        It builds on devices’ source code published by ASUS. The is no data sharing with ASUS.

        Merlin’s privacy disclosure:

        The only outbound connection made with me by this firmware is when the firmware checks for availability of a new version.

            • TheFinn@discuss.tchncs.de
              link
              fedilink
              arrow-up
              2
              ·
              5 months ago

              Here are some screenshots from my router administration pages. Notice the “Powered by Asuswrt-Merlin”.

              In the first image you can see that I have a particular feature disabled.

              When I toggle it on I receive a warning that my information will be collected by Trend Micro.

              I included another screenshot showing the location where I would withdraw my consent to having my data collected, were I to actually use the advanced features of the router, that I thought I was paying for at the point of sale. Instead I was apparently paying for the privilege of having the option dangled in front of me, behind an agreement for yet another, separate company to collect my family’s data.

  • Possibly linux@lemmy.zip
    link
    fedilink
    English
    arrow-up
    29
    ·
    5 months ago

    OpenWRT is better for a lot of reasons. It isn’t as user friendly but if you know a little networking you will be fine. The big thing is that automatic updates aren’t a thing so make sure you manually update.

      • Possibly linux@lemmy.zip
        link
        fedilink
        English
        arrow-up
        4
        ·
        5 months ago

        It isn’t half bad but it does use a lot of terminology and can be overwhelming because it has so many options

        • BorgDrone@lemmy.one
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          5 months ago

          It isn’t half bad but it does use a lot of terminology

          That’s why it’s user friendly. Try configuring one of those “user friendly” consumer grade crap routers. Due to the use non-standard descriptions in a misguided effort to be user friendly no one actually has any clue what settings actually do.

          • Possibly linux@lemmy.zip
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            5 months ago

            Good point but most people don’t have a good networking background. That’s why some companies ship openWRT with custom skins

            • PM_Your_Nudes_Please@lemmy.world
              link
              fedilink
              arrow-up
              5
              ·
              edit-2
              5 months ago

              Good point but most people do have a good networking background.

              Relevant xkcd

              I know the target demographic for a privacy community will likely have a good networking background. But “most” is likely an overstatement. I think most people don’t even know what a router does, much less how to configure one.

            • BorgDrone@lemmy.one
              link
              fedilink
              arrow-up
              2
              ·
              5 months ago

              But with those ‘user friendly’ UI’s no one knows what they’re doing. The user doesn’t know regardless and now the expert they ask for help has no clue either.

  • DevCat@lemmy.world
    link
    fedilink
    English
    arrow-up
    22
    arrow-down
    3
    ·
    5 months ago

    If I bought one of their routers and this came up, I would simply be returning it and giving the person at the counter a printout as to why. Sorry, but this router is not “suitable for purpose”. Look up that phrase and “merchantability”.

    • makingStuffForFun@lemmy.ml
      link
      fedilink
      arrow-up
      17
      ·
      5 months ago

      Agree. Straight back for refund. In Australia we can legally choose the manufacturer, or the retailer. I’d go straight to Asus, to give them the message directly.

      • Fubarberry@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        6
        ·
        5 months ago

        Trying to refund through Asus will result in them dragging their feet, being as unhelpful as possible, or claiming you damaged the product.

        • Taleya@aussie.zone
          link
          fedilink
          arrow-up
          10
          ·
          edit-2
          5 months ago

          Which will result in federal agencies going straight up their arse.

          Many countries outside the US have actual consumer protections

          • Fubarberry@sopuli.xyz
            link
            fedilink
            English
            arrow-up
            3
            ·
            5 months ago

            I would hope so, but Asus has been doing things like this for at least 10+ years which makes me doubtful that anything will change soon.

        • makingStuffForFun@lemmy.ml
          link
          fedilink
          arrow-up
          4
          ·
          5 months ago

          I’ve been down that road with Samsung. One mention of our consumer laws, with a link to the contact form where I can report them, and refund issued immediately. Australia has good laws. People just need to flex em.

    • DevCat@lemmy.world
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      1
      ·
      5 months ago

      For the downvoters, in the US:

      https://www.findlaw.com/consumer/consumer-transactions/what-is-the-warranty-of-merchantability.html

      The implied warranty of merchantability guarantees that a product sold to you will work for its intended purposes. In other words, it means you can expect a toaster to toast your bread. If it doesn’t, you have legal protection against losing money on a product that doesn’t work.

      If you bought the router expecting it to work as advertised, you may make a claim if it doesn’t. They would have to spell out ahead of time what the limitations and requirements are in order to avoid trouble.

      • ultratiem@lemmy.caOP
        link
        fedilink
        arrow-up
        3
        arrow-down
        2
        ·
        5 months ago

        You have no claim. The update does not disable the router and even if you opt out, the router itself still functions, except with a few additional features missing. Telemetry and data collection does not void a warranty. There is no claim here.

        • DevCat@lemmy.world
          link
          fedilink
          arrow-up
          3
          ·
          5 months ago

          That would be for the legal system to decide. If you purchased it for a specific advertised feature, and that feature was disabled unless unspoken terms were agreed to, you would have a case.

        • WolfLink@lemmy.ml
          link
          fedilink
          arrow-up
          2
          ·
          5 months ago

          Protecting your network from internet-bound threats is one of the most important jobs of a router, and that involves receiving security updates. Once your router no longer receives security updates, you should stop using it.

        • PM_Your_Nudes_Please@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          5 months ago

          That depends on how the product is marketed. If the product has any of those disabled features on the box and doesn’t outright say you need to send them telemetry data to use it, then you could argue that you bought it for that feature and can’t use it.

          For instance, maybe I want to use the VPN feature, so I bought a router that supports that. And now I’m locked out of that feature unless I agree to a miles long privacy policy and sharing my telemetry data.

          Plus, the lack of security updates is, at best, extremely concerning. The firewall’s primary function is to act as a first line of defense against attacks coming in via WAN. They have locked those security updates behind the telemetry sharing, and therefore it can’t even be used as a proper firewall.

    • ultratiem@lemmy.caOP
      link
      fedilink
      arrow-up
      5
      arrow-down
      3
      ·
      5 months ago

      I would rather not have less options in this world and force companies not to be dicks. I guess to each their own. My router is also 2y old so no returns available.

    • ultratiem@lemmy.caOP
      link
      fedilink
      arrow-up
      8
      ·
      5 months ago

      Yeah. When I bought my ASUS router I was looking into OpenWRT supported routers but they are really hard to come by (at least in NA) and quite dated. Router manufacturers really don’t want to have their telemetry removed.

      • space@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        1
        ·
        5 months ago

        One of those tiny low power PCs with OpenSense is a good alternative, but a bit more work. The only downside is that you need a separate switch and wifi access point.

    • You999@sh.itjust.works
      link
      fedilink
      arrow-up
      9
      ·
      5 months ago

      There’s a few routes (pun intended) you could go.

      DIY with opnsense on an old PC will give you the most flexibility and will allow you to build your router to your exact needs.

      Ubiquiti is also another choice albeit a contentious one. Their hardware is pretty good which also doesn’t require a recurring charge to use (unfortunately rare when you get into the enterprise grade gear). The software side is where people have such mixed feelings as for consumers and prosumers it’s pretty good but when you start getting into enterprise level configurations you’ll find their software pretty lacking. For example if you need a L3 switch for inter VLAN routing you’ll want to go with a different vendor as ubiquiti’s L3 is practically broken.

      • Damage@feddit.it
        link
        fedilink
        arrow-up
        5
        ·
        5 months ago

        I went with Mikrotik and it’s great, but honestly I cannot endorse them as consumer routers, they are very hard to set up

        • You999@sh.itjust.works
          link
          fedilink
          arrow-up
          4
          ·
          5 months ago

          I love mikrotik especially their switches as they are the only vendor making relatively affordable 100 gigabit gear. I completely agree their software isn’t user friendly which I why I didn’t endorse them. Plus I don’t really have experience with their wireless access points nor have I seen any in the wild.

          • Damage@feddit.it
            link
            fedilink
            arrow-up
            1
            ·
            5 months ago

            I have a 5-years-old wAP, and it… Works. Not super fast TBH, and I had to tweak it a bit to get it there, 'cause the default settings were slow. At this point I don’t remember what I did tho.

      • bobs_monkey@lemm.ee
        link
        fedilink
        arrow-up
        4
        ·
        5 months ago

        And Ubiquiti’s support is non-existent. Don’t get me wrong, I like their hardware, and their software works just fine for my needs, especially at their price point. But if you have issues, you’re searching forums or are SOL.

        Ruckus gear is pretty good too, though I don’t have much hands-on experience with it. And it’s expensive. Like really expensive.

        • You999@sh.itjust.works
          link
          fedilink
          arrow-up
          3
          ·
          5 months ago

          I’ve actually never had any problems with their support the two times I had to RMA some dead products but maybe I’ve been lucky.

      • Aceticon@lemmy.world
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        edit-2
        5 months ago

        You can also get a Celeron-based (for example with a N100) fanless mini-pc meant for use as DIY routers like these and install something like pfSense on it.

        Personally my really old router still does what I need so I’m leaving it be, though I’ve replaced my media box and my NAS with a similar device running Lubuntu but can’t really make it also be the router since it only has 1 ethernet port.

    • ultratiem@lemmy.caOP
      link
      fedilink
      arrow-up
      5
      ·
      5 months ago

      Man, idk. I installed WRT Merlin in hopes this doesn’t make it there. OpenWRT is really hard to get onto routers. Even the ones that support it (which tend to be pretty dated) have a ton of hurdles or restrictions as manufacturers really don’t want to lose the telemetry.

      Asus makes great hardware unfortunately. Some of the fastest and most performant routers out there. Moreover, they don’t rely on subscriptions to gate some of the features like pretty much every one else.

      I tried TP Link and Netgear (if their “legendary” Nighthawk) and the Asus just blew them away on every level. Especially stability and reliability.

      • BaumGeist@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        5 months ago

        OpenWRT is really hard to get onto routers

        I bought the Nanopi R4S, and it was extremely easy to switch out their modified OpenWRT for vanilla (literally just use a command/program to install the image on an SDcard). Granted, I did have to find a solution for wifi, but even that was easy with the Belkin RT3200s and the instructions (more in-depth, but still hand-holding). I also flashed it onto a Netgear AC1200 using nmrpflash, which sounds imposing, but really just entailed installing the pre-reqs, hooking the router’s ethernet port directly to my PC’s and running the command.

        I did have to do my research to arrive at my decision to buy these specific models for their compatibility with OpenWRT. If you don’t, you might end up with something that requires popping open the shell and setting up serial comms, which is a pain.

        As far as I could find, out of the three Wifi6 enabled Asus models (RT-AX###) that are compatible with OpenWRT, 2 require ssh and running commands that are given in the guide; the other one, and all of the supported AC### models, seemed to work using ASUS’s built-in web-app to upload the OWRT image. I wouldn’t say any of it is easy, but I also can’t agree with “really hard.”

        Another consideration is setup and maintenance. Proprietary firmware tends toward being as “click here to set and forget everything, here are the only 3 pieces of info you need to know from now on”; OpenWRT is definitely more hands on and requires a lot of RTFMing and routine maintenance.

  • ky56@aussie.zone
    link
    fedilink
    arrow-up
    16
    arrow-down
    1
    ·
    5 months ago

    FYI the open source OpenWRT based Banana Pi R3 AX 4x4 is a thing. Don’t buy closed source Routers/APs on purpose.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      7
      ·
      5 months ago

      You can just buy a off the shelf router and flash OpenWRT many devices are supported. If you want to be sure just look it up before you buy.