What's new

How to protest ASUS privacy invasion in US.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
@ColinTaylor, it supported DDNS and Adaptive QoS. I used that in daily basic. Now I was forced to agree their EULA in order to get it works again. That's functional regression. It really pissed me off.

@gattaca, I don't take it as granted. I will look into ASUS release source code and see where/how they collect my information.

I believe the stock firmware prompting the EULA again is due to GDPR in Europe.
 
I have not missed anything, what is very clear is that you have no idea what you are talking about.

If you don't want to use TrendMicro AiProtection DON'T TURN IT ON !

If you don't accept the EULA and do not run it then NOTHING can be collected.

I don't even have AiProtection features. I really don't care.

But in order to get back DDNS and Adaptive QoS works again, I have to agree their EULA. Otherwise, those features are disabled. It is software function regression. If you have ever developed any commercial software, that's a big deal. You have to sell a good story to tell your customers why you take away what already provides.
 
@ColinTaylor, it supported DDNS and Adaptive QoS. I used that in daily basic. Now I was forced to agree their EULA in order to get it works again. That's functional regression. It really pissed me off.
The RT-AC66U doesn't support Adaptive QoS and never has.

I believe the stock firmware prompting the EULA again is due to GDPR in Europe.
Yes, this has already been discussed at length in previous threads.
 
@ColinTaylor

I mispoke QoS. But QoS features has changed from time to time. It really didn't work that well.

I'm looking into stock version source code. I'd wonder if anyone has done that before to find out the location that ASUS collect and send our information. I'd wonder what information and where did it send to even without TrendMicro AiProtection things.
 
@RMerlin In stock version FW, reject/withdraw EULA means it take away not only AiProtection (which I don't want) but also rest of software features. See below the list of software features:

These are two separate EULA: one from Trend Micro (which only affects features using the Trend Micro engine) and one from Asus (for their own services). You can reject the Trend Micro EULA, and still have access to every other feature that doesn't use the Trend Micro engine.
 
@RMerlin

Correct. My old router doesn't have AiProtection. I'm OK with it. But I have to accept ASUS EULA to keep Dynamic DNS work. That's a regression.

I did a static analysis on their stock firmware this afternoon. There are 40+ binary blob at application level (excluding wireless drivers). I don't think there are any trade secrets there. It makes no sense to keep them closed source.
 
Do you have a smartphone? Do you have a PC? Do you have a tablet? You can't turn these on without accepting multiple EULAs these days so I'm not sure why you are freaking out. Load your original firmware back on your router if you don't like the requirements in the updates. Closed source. Of course it makes sense.
 
@RMerlin

All ASUS service seem to run as the same OS account by the way services.c launching each application service. Do they all runs as root?

@dosborne

I have never used Merlin. I don't mean to offense anyone. To me, it is not OK. If you know GPL, it links the whole damned closed source statically with GPL source code. By law, they must release their source code.

Let me give you an example:
This is GPLed:

https://github.com/rickyzhang82/asu....382.51640/release/src/router/shared/base64.c

But they link their binary blob:

https://github.com/rickyzhang82/asu....382.51640/release/src/router/shared/prebuild
 
Load your original firmware back on your router if you don't like the requirements in the updates.
Plus all the other stuff I said :)
 
I did a static analysis on their stock firmware this afternoon. There are 40+ binary blob at application level (excluding wireless drivers). I don't think there are any trade secrets there. It makes no sense to keep them closed source.

A lot of the closed source components contain Broadcom code that is labeled as Confidential by Broadcom themselves, and for which any redistribution is forbidden by their license.

There's also proprietary features such as AiCloud which Asus invested a lot of money to develop for their own products, and they are taking steps to prevent their competitors from reusing all of their investment, for free. Keep in mind that device manufacturers don't just sell hardware, they sell software and functionalities as well.

I'm surprised nobody raise their voice on ASUS GPL violation.

Because there isn't any that has been reported, and whenever an issue is reported to them, they promptly resolved it? For example, a few years ago, they made the robocfg source code closed. Since that tool was actually written by the open-source community (and it included code that I personally wrote as well), I pointed it out to them. They said it was a mistake (they assumed the switch-related code came from Broadcom's SDK - it didn't), and they reopened it in the following release.

Honestly, you are barking at the wrong tree. Of all the major router manufacturers, Asus is one of the most open-source friendly. Look at Netgear for example. Their entire firewall configuration, and their web server are both completely closed source, preventing developers like @Voxel from even being able to modify it. He can't even add new pages to the webui due to how closed Netgear's code is. And when he tried to get in touch with Netgear to get their cooperation, they didn't just ignore him, but they started removing additional components from their GPL releases, making his job next to impossible.

So, I'm not sure why you seem to be on some kind of war path against Asus when I see far more flagrant issues with various competitors. For example, where is the Netduma OS source code (it's based on OpenWRT)? Or the SabaiOS source code (it's based off Tomato)?
 
All ASUS service seem to run as the same OS account by the way services.c launching each application service. Do they all runs as root?

Most of them do. A few that support non-privileged users (like dnsmasq) will drop their privileges at run time. This is common for pretty much all these home-class devices, as their software stack dates back to the mid-2000s, back when devices had very limited amounts of RAM and CPU, and software security wasn't as much of a concern as today. They are based on a monolithic design rather than a modular one.
 
@RMerlin

I always used ASUS stock firmware (Don't take this as offense. I was happy with what the stock version offers until now). I never take a close look in ASUS router. Because I believe they are completely "open source". In this way, people like you or the community can safeguard any wrong doings from ASUS.

But the recent ASUS EULA take-it-or-leave-it dialog popping up from my 4+ years old router suddenly wakes me up. I never knew they have been collecting my DDNS record including IP and MAC behind my back. For sure I'm not happy. What makes the matter worse, I'm forced to accept their EULA otherwise they will take away some software features which are already provided from the day one I made my purchase.

I believe you and I both want the vendors complete open source. Am I really barking at the wrong tree? Just because ASUS is a lesser evil. It doesn't mean it is OK to violate GPL. If ASUS fully open source all their own application, I will love them more. Plain simple.

Forget about the competition excuse. Even pfsense is open source, I'm still happy to pay for their Netgate router. Most of the users want to have hassle free upgrade experiences.

With respect to ASUS running services as root, thanks for your confirmation. Now I'm more determined to find a dedicated firewall.
 
I have never used Merlin. I don't mean to offense anyone.
I don't believe you are actually reading what EVERYONE is trying to tell you. I don't see anywhere where anyone is saying anything about "merlin" vs "stock". I give up. Good luck with your quest.
 
Status
Not open for further replies.
Similar threads
Thread starter Title Forum Replies Date
D Forum bias toward Netgear and Asus? Other Discussions 33

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top