New Firmware Version 3.0.0.4.385.20252-ga052d4c

[Special]

My router shows there is a firmware update Version 3.0.0.4.385.20252-ga052d4c but when I go to Asus website it still lists Version 3.0.0.4.385.10000 as the latest. Anyone else see the same thing?
I think I will wait till the website shows the new firmware before updating.

 

[OzarkEdge]

My router shows there is a firmware update Version 3.0.0.4.385.20252-ga052d4c but when I go to Asus website it still lists Version 3.0.0.4.385.10000 as the latest. Anyone else see the same thing?
I think I will wait till the website shows the new firmware before updating.

It is not uncommon for a new release to be out-of-sync.

It would be useful to know what router you are talking about, RT-?

OE

 

[podkaracz]

It is not uncommon for a new release to be out-of-sync.

It would be useful to know what router you are talking about, RT-?

OE

Hes talking about rt68u probably since i saw his previous firmware name in context of 68u

 

[dave14305]

Also mentioned here: https://www.snbforums.com/threads/new-firmware-ac68u-version-3-0-0-4-385_20252.61794/

 

[podkaracz]

Also its kinda disgusting that asus pushes 2 updates for 68u when noone for 86u which is higher in value and should get better treatment than sloppy and bad performing latest firmwares.

 

[Special]

It's a 68u.

 

[VANT]

Firmware version 3.0.0.4.385_20252
- Release Note - 

1. Fixed the firmware update problem in some special conditions.
2. Fixed UI bugs.

 

[wouterv]

3 months and 10252 releases (from 3.0.0.4.385.10000 to 3.0.0.4.385.20252) that is about 170 discarded releases per working day
There must be another magic behind the numbering.
And what is really fixed?
I believe to see slight differences in the Client list.

 

[Ken Atkinson]

Just updated my ac66u-b1 with this will post if i notice anything unusual, thats 2 updates for it but nothing since september for my main node the AC88U.

 

[RMerlin]

Don't pay too much attention to the version numbers, these are very minor updates. The "real" jump in code will be when they move to the 386_xxxxx releases.

The version numbers do not reflect the number of builds/releases. Numbers get incremented sometimes to denote a particular shift - for instance they jumped from 384_4xxxx to 384_6xxxx, then 384_8xxxx during development.

There is no new firmware for the RT-AC86U simply because the next major release (386_xxxxx) is not ready for prime time yet. The RT-AC86U will get an update once there is actually one ready. There were barely any changes between 384_81351 and 385_10002 for instance, and they were either minor or model-specific, hence only the RT-AC68U got these.

 

[podkaracz]

Don't pay too much attention to the version numbers, these are very minor updates. The "real" jump in code will be when they move to the 386_xxxxx releases.

The version numbers do not reflect the number of builds/releases. Numbers get incremented sometimes to denote a particular shift - for instance they jumped from 384_4xxxx to 384_6xxxx, then 384_8xxxx during development.

There is no new firmware for the RT-AC86U simply because the next major release (386_xxxxx) is not ready for prime time yet. The RT-AC86U will get an update once there is actually one ready. There were barely any changes between 384_81351 and 385_10002 for instance, and they were either minor or model-specific, hence only the RT-AC68U got these.

You wrote this somewhere about router security so is that still an actual state of router firmware ( if yes then ill stick to merlin even tho itll void warranty ) I wanna know if they improved their stock firmware to the point asus merlin wont make difference in security department . To be more specific when it comes to 86u.

"And since SoC manufacturers have little interest in keeping their official SDK up-to-date, preferring instead to push new hardware to their own customers, we end up with hardware running obsolete software from nearly day 1. And by obsolete I don't mean "a few months behind", but "a few years behind".

Router manufacturers share their part of the blame too - there's no reason why they can't keep critical components such as openssl or dnsmasq up-to-date. Quite often, updates are even direct drop-in replacements. For example, anyone using OpenSSL 1.0.0 can directly move to 1.0.2 without having to do any change to their code, and a few very minor tweaks to their makefile recipes."

 

[bobby blumpkins]

I'm very glad other people saw this firmware and asked about it. I installed this firmware from my RT-AC68U's admin page and then I couldn't find it listed on the ASUS support site which kind of freaked me out so I emailed ASUS and they said "nope there is no new firmware for the ac68u" which really freaked me out so I started to put all of the mesh routers in the microwave but then I found this post. ASUS shouldn't do stuff like this and I think I drink too much coffee.

 

[RMerlin]

You wrote this somewhere about router security so is that still an actual state of router firmware ( if yes then ill stick to merlin even tho itll void warranty ) I wanna know if they improved their stock firmware to the point asus merlin wont make difference in security department . To be more specific when it comes to 86u.

When talking about security regarding Asuswrt vs Asuswrt-Merlin, it's mostly what we call in French "une partie de saute-mouton". Basically, in a typical timeline:

1) I find a security flaw. I fix it in my firmware. My firmware is more secure.
2) Asus fixes it in their firmware, and issues an update. Both firmwares are just as secure.
3) Asus fixes a new security issue, and releases an update. Their firmware is more secure.
4) I merge their code into mine, and release a new firmware. Both are just as secure.

So when people ask me which of us is more secure, it's impossible to answer. Whoever issued the last release is the most secure at that precise point in time.

Now, there are a few extra security enhancement that my firmware has which never made it into the stock firmware. But these are just minor improvements, they aren't major security flaws waiting to be exploited. For instance, I use stricter filesystem permissions on some of the system files. Call it a small layer of security hardening, but nothing major to worry about.

In general, the stock firmware has greatly improved in terms of security. Asus are generally doing a very solid job when people contact them with security flaws they have discovered, communicating with the reporter, and taking steps to fix things in a reasonable timeframe. Of all the non-pro-summer router manufacturers, I consider them, today, as one of the best in that area.

 

[podkaracz]

When talking about security regarding Asuswrt vs Asuswrt-Merlin, it's mostly what we call in French "une partie de saute-mouton". Basically, in a typical timeline:

1) I find a security flaw. I fix it in my firmware. My firmware is more secure.
2) Asus fixes it in their firmware, and issues an update. Both firmwares are just as secure.
3) Asus fixes a new security issue, and releases an update. Their firmware is more secure.
4) I merge their code into mine, and release a new firmware. Both are just as secure.

So when people ask me which of us is more secure, it's impossible to answer. Whoever issued the last release is the most secure at that precise point in time.

Now, there are a few extra security enhancement that my firmware has which never made it into the stock firmware. But these are just minor improvements, they aren't major security flaws waiting to be exploited. For instance, I use stricter filesystem permissions on some of the system files. Call it a small layer of security hardening, but nothing major to worry about.

In general, the stock firmware has greatly improved in terms of security. Asus are generally doing a very solid job when people contact them with security flaws they have discovered, communicating with the reporter, and taking steps to fix things in a reasonable timeframe. Of all the non-pro-summer router manufacturers, I consider them, today, as one of the best in that area.

All in all what you said is that they catched up last years compared to what was before and right now the one to release firmware faster is more secure. And when we compared how often merlin firmware is published and how often official firmware is pushed out we got the answer which is merlin is always more secure because it pushes firmwares more often and is only behind right after asus pushes new firmware which is rare at least for 86u ( aprox 2 firmwares per year where merlin got those 14_1, 14_2 15 alpha 15 beta and stuff ).

 

[eddiez]

All in all what you said is that they catched up last years compared to what was before and right now the one to release firmware faster is more secure. And when we compared how often merlin firmware is published and how often official firmware is pushed out we got the answer which is merlin is always more secure because it pushes firmwares more often and is only behind right after asus pushes new firmware which is rare at least for 86u ( aprox 2 firmwares per year where merlin got those 14_1, 14_2 15 alpha 15 beta and stuff ).

If the base binaries don't change (by Asus), the new Merlin firmware will only contain new features or minor bugfixes.

 

[podkaracz]

If the base binaries don't change (by Asus), the new Merlin firmware will only contain new features or minor bugfixes.

Yes because part of it is closed source thats why i suppose? Also bugfixes and features are still better ( most of time if they dont introduce new problems) than stock. So this sentence is still true.