Looking for feedback: Anyone considering AiCloud important to them?

[DJones]

@RMerlin would it not be simple to write some documentation on what would need to be reenable for AiCloud if users want to build the firmware themselves with the appropriate configuration. At that point it’s completely up to them, and users without knowledge that probably need protection will just give up and users that insist on using it will just build the firmware.

Download the latest source code from GitHub

Third party firmware for Asus routers (newer codebase) - RMerl/asuswrt-merlin.ng

github.com

 

[Tech9]

Why not the opposite? Let advanced users build themselves the firmware they want.

 

[sfx2000]

Use a VPN to directly access the network share.

I think perhaps this is one use-case - what happens with AiCloud behind either CGNAT or 464XLAT - where IPv6 is perhaps a better path because of poor handling of IPv4?

AiCloud | ASUS USA

www.asus.com

The right answer here is not just a VPN hosted by a router, but something like TailScale... I've been a big fan of TailScale - they're smart, and a good entry into their platform...

Again, as previously mentioned - in favor of removing the Asus implementation, as long as there is something else to back it up...

I'm not directly affected, but I'll advocate for those who might be impacted

 

[DJones]

Why not the opposite? Let advanced users build themselves the firmware they want.

Because advanced users of Asuswrt-Merlin are less likely to use the AiCloud service which means it would remain off anyways. Removing the service or keeping the service makes no difference to us if he never used it to begin with. So their is zero incentive to manually build a firmware with it removed.

On the other hand users with no experience who are high risk to themselves will have the choice of staying on stock or using better alternatives within Merlin or if it’s absolutely necessary they use AiCloud with Asuswrt-Merlin their is the possibility of building the firmware with that feature.

The benefit is their is a skill gate requirement. If you want to use the feature with Merlin your going to have to read documentation that suggests you stop and think about the problems that come along with using this feature. And then you’ll still have to jump through hoops to build it. It’s not impossible, just very difficult for novice users. Simply put a disclaimer their isn’t support if you do this.

It’s clear the need for AiCloud isn’t enough in Asuswrt-Merlin or we’re still not reaching any vocal audience that is willing to advocate it stay. We’re pretty much just waiting and playing devils advocate.

Point is it keeps weapons out of the hands of people that will shoot themselves and blame everyone else but themselves.

I know it seems insulting to users to remove “choice” by default. But their is good intentions behind it, and it’s not a absolute blockade of its use. Just not a function offered out of the box. I wouldn’t be offended if Merlin wanted to endorse more custom feature into his firmware to make it stand out from stock versions. If he wanted to make tailscale a feature to replace it I’d be fine with that. Or a simple warning on the AiCloud page would be fine too whichever is easiest.

 

[RMerlin]

@RMerlin would it not be simple to write some documentation on what would need to be reenable for AiCloud if users want to build the firmware themselves with the appropriate configuration. At that point it’s completely up to them, and users without knowledge that probably need protection will just give up and users that insist on using it will just build the firmware.

Download the latest source code from GitHub

Third party firmware for Asus routers (newer codebase) - RMerl/asuswrt-merlin.ng

github.com

People can`t even be bothered to read release notes...

 

[DJones]

People can`t even be bothered to read release notes...

That’s fair. But that should speak loudly about the user base and what actions you may or may not wish to enforce on their behalf.

 

[Tech9]

Point is it keeps weapons out of the hands of people that will shoot themselves and blame everyone else but themselves.

Did you remove your signature before or after posting this? I remember your own statements about your knowledge level and have no concerns whatsoever removing quite a bit of features from your firmware just to protect you. You can build your own after if not happy.

 

[DJones]

Did you remove your signature before or after posting this? I remember your own statements about your knowledge level.

My signature has nothing to do with this. It stated I’m not a security researcher which is true. And that I may end up shotgunning information which may not be helpful. I of course can make mistakes with my suggestions. But don’t insult me.

 

[Tech9]

But don’t insult me.

Why you're taking it personally? I'm trying to help you in exactly the same way you are trying to help others after categorizing them as dangerous to themselves. "Not an expert...", remember? Trust me, it's for your protection. I called some experts and they all agreed it's a good idea.

 

[Tech9]

The benefit is their is a skill gate requirement.

Suggesting networking skill test before downloading Asuswrt-Merlin firmware. Can't pass - not for you, stay with Asuswrt.

 

[DJones]

It’s fine I can see this isn’t going to be constructive. The only baseline I’m suggesting is they read documentation readily available which is why I suggested RMerlin provide this. The skill gate I referred was simply the level of difficulty it may present to users that do not have a background in Linux, VM’s, networking. Each experience you have with these will help your overall success in building a firmware from documentation. I’m not saying it’s required I’m saying without knowing these things it’s going to be difficult task. Which would discourage users from attempting this.

Well in this case yes I’m fine with ripping something that’s unnecessary out of the firmware. I don’t think that is the correct course of action for every vulnerability out there and have never stated anything like that in my signature. If it can be patched that’s wonderful, but if the problem is reoccurring their comes a time to reevaluate it’s usefulness which is what I’m trying to make a point of.

If you want the feature that’s fine. I’m not saying your opinion doesn’t matter however you’ve only stated it’s a annoyance to support on the forums to remove it.

Where I take offence is I was generalizing the community I don’t expect everyone to have the same level of knowledge. I’m quite aware individuals within the community are not infallible to threats they don’t know about. I’ve worked technical support I know from experience if you have an issue you’re probably contacting support because you lack certain knowledge and need help to learn about the product. That’s fine. We’re here to help.

Maybe I’m at fault for not being an optimist.

You on the other hand seemed to directed it toward my level of knowledge. My knowledge varies sure. But but your point seemed to insinuate that I lack enough knowledge or that it has no value. I’m not an expert I still have things I can learn so I wouldn’t categorize myself as such and put myself where everything I say is accurate without fault. Just a guy on a forum who isn’t paid to be a “expert” here.

Yes I can certainly remove the feature myself, but I have no desire to do that if all it requires of me is to not use the feature. Im just discussing the pro’s and con’s.

Anyways that’s enough I said my peace on the issue.