[Release 384/NG] Asuswrt-Merlin 384.5 is now available

[stambeccuccio]

For all the telephony and equipment that have to do with the transmission of data via the Internet and over the air.

I apologize, but I do not have the precise references of the EU directive because it is quite complicated, I am not a lawyer, and on the merits of this directive there is a lot of confusion and different interpretations ... and you can not even understand if all Member States of the European Union have implemented as law this directive and decision of the European Commission (which is, in effect, already law!).

The only fact that I saw and I could see here in Italy, is that the policy of security updates by the giants of telecommunications and all devices including routers, has changed a few months ago.

It is a fact that even Asus, a few months ago, unlike the past, makes monthly updates and even more....

I apologize to everyone for my off topic, but, at the moment, I can not able to be more precise.

 

[RMerlin]

For all the telephony and equipment that have to do with the transmission of data via the Internet and over the air.

I apologize, but I do not have the precise references of the EU directive because it is quite complicated, I am not a lawyer, and on the merits of this directive there is a lot of confusion and different interpretations ... and you can not even understand if all Member States of the European Union have implemented as law this directive and decision of the European Commission (which is, in effect, already law!).

The only fact that I saw and I could see here in Italy, is that the policy of security updates by the giants of telecommunications and all devices including routers, has changed a few months ago.

There is no such law, sorry. Whether it's routers from Netgear/D-Link/TP-Link/Linksys or phones from HTC/Samsung/Motorola/etc..., not a single one of these is issuing monthly security releases either.

It is a fact that even Asus, a few months ago, unlike the past, makes monthly updates and even more....

Actually, Asus used to issue updates almost on a monthly basis back in 2012-2014 era. These days, I believe their semi-official plan is to have one release every two months for most of their high-end models, unless an important issue requires an urgent security release. So actually, their release schedule has been slowed down, not sped up.

 

[rob-tech]

I upgraded my RT-AC87U to 384.5 and managed to get everything to work fine except for 2 things:

1) The initial setup wizard hangs on last step (see thread at: https://www.snbforums.com/threads/rt-ac87u-384-5-quick-internet-setup-stuck-on-last-step.46896/ )

2) Native Ipv6 does not work properly anymore (the clients drop their ipv6 address sporadically and only retain the link-local address, as a consequence all ipv6 test sites fail and the ipv6 internet is not accessible). I noticed the changelogs from the recent firmware of several models mentions fixed ipv6 issues. So I'm assuming this is known and the next Merlin release will include fixes.

 

[D_Day]

I have a 2.4ghz issue with my AC68U.
About a week ago I kept losing connectivity with my first edition PS4 that only has 2.4ghz connection, it was constant reboots until I factory reset the router and then the issue went away but now I have an issue with my Android box that also only has 2.4ghz connection, it drops connection every 10.03 minutes.
I have factory reaet the Android box and it still disconnects at 10.03 minutes. I have have that if I set it a static IP address it will reconnect automatically but over time the connection speeds drop to virtually nothing.
Any ideas?

 

[visortgw]

There is no such law, sorry. Whether it's routers from Netgear/D-Link/TP-Link/Linksys or phones from HTC/Samsung/Motorola/etc..., not a single one of these is issuing monthly security releases either.
...

Actually, Samsung does release monthly security updates for its "current model" phones through its monthly Security Maintenance Release (SMR) process (https://security.samsungmobile.com/workScope.smsb). Current models include:

• Galaxy S series (S9, S9+, S8, S8+, S8 Active, S7, S7 edge, S7 Active, S6 edge+, S6 Active)
• Galaxy Note series (Note 8, Note 5)
• Galaxy A series (A5 (2016), A5 (2017), A8 (2018))

 

[D_Day]

I have a 2.4ghz issue with my AC68U.
About a week ago I kept losing connectivity with my first edition PS4 that only has 2.4ghz connection, it was constant reboots until I factory reset the router and then the issue went away but now I have an issue with my Android box that also only has 2.4ghz connection, it drops connection every 10.03 minutes.
I have factory reaet the Android box and it still disconnects at 10.03 minutes. I have have that if I set it a static IP address it will reconnect automatically but over time the connection speeds drop to virtually nothing.
Any ideas?

After another factory reset i appear to have my Android box staying connected!

 

[RMerlin]

Actually, Samsung does release monthly security updates for its "current model" phones through its monthly Security Maintenance Release (SMR) process

That's a surprising change of stance, as they are usually quite late in supporting any new Android release.

 

[cowst]

That's a surprising change of stance, as they are usually quite late in supporting any new Android release.

Only security releases.
The OS stays light years behind

 

[M@rco]

There is no such law, sorry.

I haven't found any exact timeframes but I guess that @stambeccuccio is referring to the EU General Data Protection Regulation (GDPR, https://www.eugdpr.org/eugdpr.org-1.html) which has come in effect May 25th. Every company with a presence within the EU, which processes private data from EU citizens has to comply to the new regulations or risks a penalty as high as 4% of annual turnover or 20 million euro (whichever is greater). Every company has to appoint a data protection officer and is obligated to report any data protection issues in its broadest sense. The GDPR also implicates that any security issue for connected devices causes an (even more) serious issue to manufacturers than prior to the GDPR. Several tools have been released to test network environments for 'GDPR compliance'. Not sure what's different from other threat detection tools, as the main goal to assess is data security, but hey, I'm no GDPR expert. I did receive about two hundred e-mails from companies all over the global about changing their privacy statements to be GDPR compliant...

Again, I wasn't able to find any exact timeframes in the legislation, as the whole legislation is a monstreous document, but if there's any personal data disclosed or accessible due to, for example, a security issue on a networking device, fixing it asap is now mandatory by law as of May 25th. Companies are also obligated by law to be fully transparent as to what personal data is stored, what personal data has been (possibly) comprised and end users have a right to have their data deleted at any time, no questions asked. Not hardware related (and therefore off topic), but several companies, such as Instapaper for example, have paused their activitities within EU member states as they were not able to comply with GDPR in time and have been advised by their lawyers to pause everything until they're fully compliant.

This is is the biggest change in EU citizens privacy legislation since 23 years and it has far-reaching consequences for every company active within EU member states.

 

[frustin]

is this a bug:

I was reading https://github.com/RMerl/asuswrt-merlin/wiki/Custom-domains-with-dnsmasq
whereby Under: DNS and WINS server setting->DNS server 1-> i added my router ip 10.0.0.1
And i changed: Advertise routers IP in addition to user specified DNS to No

I cant remove and change the setting back to yes (which is what it was by default). It hangs at "Applying Settings..." when i presss Apply.

Can i do it via SSH?

It's spamming this in the log:

Jun  4 17:39:32 rc_service: watchdog 801:notify_rc start_cfgsync
Jun  4 17:39:39 kernel: networkmap[2697]: unhandled level 3 translation fault (11) at 0x00465000, esr 0x92000007
Jun  4 17:39:39 kernel: pgd = ffffffc012c75000
Jun  4 17:39:39 kernel: [00465000] *pgd=0000000014cab003, *pud=0000000014cab003, *pmd=0000000014e9c003, *pte=0000000000000000
Jun  4 17:39:39 kernel: CPU: 1 PID: 2697 Comm: networkmap Tainted: P           O    4.1.27 #2
Jun  4 17:39:39 kernel: Hardware name: Broadcom-v8A (DT)
Jun  4 17:39:39 kernel: task: ffffffc0153cabc0 ti: ffffffc012d0c000 task.ti: ffffffc012d0c000
Jun  4 17:39:39 kernel: PC is at 0x13300
Jun  4 17:39:39 kernel: LR is at 0x465000
Jun  4 17:39:39 kernel: pc : [<0000000000013300>] lr : [<0000000000465000>] pstate: 200f0010
Jun  4 17:39:39 kernel: sp : 00000000ffa6a300
Jun  4 17:39:39 kernel: x12: 000000000002a98c
Jun  4 17:39:39 kernel: x11: 0000000000465000 x10: 00000000004454c0
Jun  4 17:39:39 kernel: x9 : 000000000002a984 x8 : 0000000000000000
Jun  4 17:39:39 kernel: x7 : 00000000000001b8 x6 : 0000000000444d57
Jun  4 17:39:39 kernel: x5 : 00000000f77b6ce0 x4 : 000000000002a984
Jun  4 17:39:39 kernel: x3 : 0000000000000100 x2 : 0000000000000000
Jun  4 17:39:39 kernel: x1 : 0000000000000106 x0 : 0000000000444d57
Jun  4 17:40:02 rc_service: watchdog 801:notify_rc start_cfgsync

 

[speedingcheetah]

@RMerlin I just wanted to post here to tell you that flashing your firmware to my AC68U fixed the odd wifi issues I was having with the last few versions of the Official Asus Firmware. The issue I am referring to in the Offical Firmware is in this thread: https://www.snbforums.com/threads/ac68u-lan-to-wifi-downlink-throughput-issue.46992/

 

[pauligrinder]

I updated my RT-AC56U to 384.5. It seemed pretty nice at first, but two major things did not work at all for me:
* My USB modem would not connect at all. I tried everything I could think of, but it just did not connect. It said "network cable is unplugged" even though WAN settings were clearly set to USB and so on.
* My Raspberry Pi, which I've configured to boot of NFS hosted on the router, refused to boot since it couldn't connect. showmount -e showed the exports as usual on the router, but it just didn't work.

I fought the router for two hours trying to get these to work, but to no avail. So I downgraded to 380.7 (which I previously had), and both worked straight out, without even rebooting the router after downgrading...

Anyway, I'll be staying on this version for now, and will look into the newer version again once I'm home alone.

 

[RMerlin]

@RMerlin I just wanted to post here to tell you that flashing your firmware to my AC68U fixed the odd wifi issues I was having with the last few versions of the Official Asus Firmware. The issue I am referring to in the Offical Firmware is in this thread: https://www.snbforums.com/threads/ac68u-lan-to-wifi-downlink-throughput-issue.46992/

Kinda surprising since the wireless code is 100% identical, as I have no control over it.

 

[RMerlin]

It's spamming this in the log:

That service is closed source, therefore it's impossible for me to debug anything tied to it.

 

[RMerlin]

This is is the biggest change in EU citizens privacy legislation since 23 years and it has far-reaching consequences for every company active within EU member states.

While I haven't even tried to understand the details behind GDPR, I was under the impression it was only related to how companies handled customer data, and any security issue was related to THEIR organization, not their products (i.e. if there is a security breach in their corporate networks, then they are bound by law to provide proper disclosure and take proper actions). I'd be surprised if it dictated anything related to end-user products being sold, because that is simply impossible to enforce.

 

[frustin]

That service is closed source, therefore it's impossible for me to debug anything tied to it.

thanks. i factory reset and it's working again now.

 

[Beherit]

While I haven't even tried to understand the details behind GDPR, I was under the impression it was only related to how companies handled customer data, and any security issue was related to THEIR organization, not their products (i.e. if there is a security breach in their corporate networks, then they are bound by law to provide proper disclosure and take proper actions). I'd be surprised if it dictated anything related to end-user products being sold, because that is simply impossible to enforce.

You're correct.

I suspect that the original statement made in this thread is a combo of a hoax and a series of articles regarding an appeal to the courts in Netherlands that led to this hoax. The manufacturers were afraid that if the Dutch Consumers Association would win, it'd eventually lead to all manufacturers to be forced by the EU to update their devices regularly and for as long as 4+ years.

They lost, Samsung won: https://www.theregister.co.uk/2018/...has_no_obligation_to_keep_old_phones_patched/

 

[frustin]

Now i've reflashed and factory reset, the 5GHz wireless adapter says it is "disabled" in Tools. the Wifi symbol in the top right shows only half on (2.4Ghz only).

i have smart connect enabled in the wireless settings.

Any ideas how to switch the 5GHz on?

 

[jass]

Now i've reflashed and factory reset, the 5GHz wireless adapter says it is "disabled" in Tools. the Wifi symbol in the top right shows only half on (2.4Ghz only).

i have smart connect enabled in the wireless settings.

Any ideas how to switch the 5GHz on?

Wireless-> Professional-> Band 5GHz-> Activate radio-> Apply

Not sure if a reboot is required for the wireless change to take effect....

 

[pauligrinder]

While I haven't even tried to understand the details behind GDPR, I was under the impression it was only related to how companies handled customer data, and any security issue was related to THEIR organization, not their products (i.e. if there is a security breach in their corporate networks, then they are bound by law to provide proper disclosure and take proper actions). I'd be surprised if it dictated anything related to end-user products being sold, because that is simply impossible to enforce.

Yeah, I'd say it only has to do with services that collect and store user data, not devices. I'm pretty familiar with GDPR because I'm a software developer and we just did a few GDPR updates for various services and apps. Mostly just some changes in the privacy policies, really.