Looking for feedback: Anyone considering AiCloud important to them?

[doczenith1]

So am I right this setting is automatically enabled and ok to leave it at that? Never used AiCloud before or even navigate to that page. Behind CG-Nat anyway.

View attachment 62632

Seems like you've had plenty of responses but none directly answering your question. I am fairly certain that the setting in your screenshot is a default as my router is the same and I've never used AiCloud. Based on that my answer to the second part of your question is that it's ok to leave it that way.

 

[bennor]

So am I right this setting is automatically enabled and ok to leave it at that? Never used AiCloud before or even navigate to that page. Behind CG-Nat anyway.

Yes. In Asus-Merlin the Enable Password Protection Feature default setting is enabled/on even when one doesn't have any other AiCloud 2.0 features (Cloud Disk, Smart Access, AiCloud Sync) enabled.

 

[Mogsy]

Seems like you've had plenty of responses but none directly answering your question. I am fairly certain that the setting in your screenshot is a default as my router is the same and I've never used AiCloud. Based on that my answer to the second part of your question is that it's ok to leave it that way.

Yes. In Asus-Merlin the Enable Password Protection Feature default setting is enabled/on even when one doesn't have any other AiCloud 2.0 features (Cloud Disk, Smart Access, AiCloud Sync) enabled.

Thank you both, hard to get straight forward answers lately.
Hopefully all these feedbacks will be useful for @RMerlin going forward.

 

[bluzfanmr1]

I just logged into a router that I manage and needs updated as it's a few updates behind, specifically before the Cloud Disk issues. It did not have Cloud Disk or the other stuff enabled, but that password button was set to off by default as it's never been used. I turned on the password button until I can update the firmware as I know the more recent updates have it on.

Anyone reading this may want to check the setting on their routers to ensure the password button is on.

 

[Ripshod]

Password on or off made no difference to the recent malware. Just don't use it.

 

[ColinTaylor]

I just logged into a router that I manage and needs updated as it's a few updates behind, specifically before the Cloud Disk issues. It did not have Cloud Disk or the other stuff enabled, but that password button was set to off by default as it's never been used. I turned on the password button until I can update the firmware as I know the more recent updates have it on.

Anyone reading this may want to check the setting on their routers to ensure the password button is on.

It has defaulted to Off on my router as well. This seems to be the default when looking at the source code (link).

 

[Ripshod]

That is strange as it's on on my router (never used it). Seems different models have different defaults.

 

[ExtremeFiretop]

I was initially going to stay quiet, since RMerlin was looking for feedback from users that do use it, and I didn't want to foul the thread.

But seeing it's already pretty "dirty" here, I may as well add the fact that I also do not use it and would not care if it went missing tomorrow. While the security stance is likely moot to someone that has a disabled. The fact that it causes extra work for RMerlin to issue emergency releases is really what is concerning. RMerlin is donating his time as this is a passion of his, but when these types of situations happen it pressures him to issue something "asap" right away and we can't always expect that.

I also manage 2 other routers for family, etc and they also do not use AiCloud and I can speak on their behalf as a regular user that they don't even know what it is.

Anything they would need setup I would use an alternative solution.

 

[bennor]

On two RT-AC68U's,

Thank you both, hard to get straight forward answers lately.
Hopefully all these feedbacks will be useful for @RMerlin going forward.

On two RT-AC68U's, one running Asus firmware the other running Asus Merlin, both default having that setting set to enabled/On with AiCloud disabled.

 

[heysoundude]

I think perhaps this is one use-case - what happens with AiCloud behind either CGNAT or 464XLAT - where IPv6 is perhaps a better path because of poor handling of IPv4?

AiCloud | ASUS USA

www.asus.com

The right answer here is not just a VPN hosted by a router, but something like TailScale... I've been a big fan of TailScale - they're smart, and a good entry into their platform...

Again, as previously mentioned - in favor of removing the Asus implementation, as long as there is something else to back it up...

I'm not directly affected, but I'll advocate for those who might be impacted

I knew I like the cut of your jib - ipv6, tailscale/wireguard...

I don't use it but some people might be on a CGNAT ISP and cant route a VPN [inbound].

see above, friend. it may inspire some to put some effort into expanding/modernizing their way of thinking...heck, I was just watching a video yesterday with an engineer from Meta stating that they use IPv4aaS

Interesting discussion...

 

[elbubi]

Just to share my thoughts: I'm not fan of any kind of sensorship, and even if I can't care less if AiCloud is gone forever, I have mix feelings about it and it makes me "noise" to cripple some feature even if it is for good reason and wholehearted like it is in this case.

May be some softer approach can be taken, as in example disabled by default, strong advise against it when enabling, and maybe also a time triggered deactivation (once a month). That way, the majority of people that enables it and does not really make any use of it (I was one of those some time ago) will not renable it again and get less expossed. People who uses it, will learn to establish a vpn server connection to renable it (if they are away from lan device), and may be decides to not use it any longer and replace it with more secure procedures.

Just my 2 cents, thanks Eric for your hard work and to others for sharing so much knowledge.

 

[KingBravery]

Personally, I dont use AiCloud features

 

[Unisoft]

Won't Asus get the hump you are disabling features, and make things harder or more closed shop even from commercial point of view.

By disabling AICloud every merlin update as said previously, less savvy users get protected whilst those that really need it can re-enable it. That would also keep Asus happy as well as new comers who might think Merlin is inferior due to less features than stock.
ANY feature can get compromised over time but if you strip the feature out, it gets less and less. I've never used AiCloud as said before so it makes no odds to me, I wouldn't trust it even before the vulnerabilities.

 

[RMerlin]

Won't Asus get the hump you are disabling features

No.

 

[Crazy]

I use aicloud but only on the local lan. What does everyone that don't use aicloud use to access files and video? Is there any free options?

 

[sfx2000]

By disabling AICloud every merlin update as said previously, less savvy users get protected whilst those that really need it can re-enable it. That would also keep Asus happy as well as new comers who might think Merlin is inferior due to less features than stock.

If folks want the AICloud features - they can always run the stock firmware...

There are features and capabilities within AsusWRT-RMerlin and this enables the whole Entware and 3rd party script folks... Nothing say negative, but those communities are focused on specific features that do maybe depend on some level of expert knowledge...

Most end-users are actually fine on the Stock Asus Firmware, and fully supported there with all the features...

 

[visortgw]

I use aicloud but only on the local lan. What does everyone that don't use aicloud use to access files and video? Is there any free options?

There is no need to use AiCloud to access files via LAN only. The issue remains that while you may not be accessing AiCloud from outside your network, WAN access is still enabled, which leaves you vulnerable.

One simple alternative is SFTP (with SSH disabled for WAN on router):

1. Install amtm via ssh.
2. Install entware via amtm menu.
3. Install enware SFTP server via ssh: opkg install openssh-sftp-server
4. Use ftp client of your choice to access files from devices on your LAN (or from WAN with VPN connection).

 

[MDM]

I use aicloud but only on the local lan. What does everyone that don't use aicloud use to access files and video? Is there any free options?

That's not AiCloud (meant for internet access) but USB Application - Samba or Media Server (meant for local access)...

P.S.
visortgw was quicker to answer...

 

[MDM]

One simple alternative is SFTP

Why complicate when there already is FTP on the router, and since it is local access no need for the secure SFTP type..?

 

[visortgw]

Why complicate when there already is FTP on the router, and since it is local access no need for the secure SFTP type..?

Personal preference and cybersecurity background prior to retirement — IMO, it's a rather simple security upgrade.