SoylentNews is people
SoylentNews
Google Chrome 77 Breaks Login Pages on Netgear Devices:
Google Chrome 77, released yesterday, has broken the login pages on modern Netegar[sic] devices, according to an avalanche of complaints on the company's official forum.
Devices like Nighthawk routers [1, 2, 3], Orbi WiFi meshes/routers, N600 modems, and ReadyNAS network-attached storage (NAS) systems [1, 2] appear to have been impacted.
According to reports, users trying to access their devices' admin page are either being redirected to the password page instead, or seeing an access denied error message.
While most people don't need to access their routers or modems' administration pages on a daily basis, the issue has had a more significant impact on owners of Netgear NAS equipment.
Netgear suggests using Firefox or Edge as a workaround.
Personally, I've never been a fan of automatic updating. Feel free to remind me to check, but it should be my decision to actually perform the check and/or update
(Score: 1, Interesting) by Anonymous Coward on Saturday September 14 2019, @06:20AM (5 children)
My phone autouploaded an update to Google Play Services. Now it's throwing error notifications about the dialer and SMS messaging having problems.
It seems par for the course. If I had the skills to patch Google out of my life, this wouldn't happen, but then, my own Congress would consider me to be a criminal for violating copyrighted code.
It still seems to work though, it's just that notification that things are failing is a bit unsettling.
This is Congressional Grade performance, fomented by Congressional Vote, and in my mind, falls short of being a viable public product.
All Congress would have to do is insert a rider exempting bug fixes from prosecution under Copyright Law.
(Score: 5, Informative) by MostCynical on Saturday September 14 2019, @11:46AM (2 children)
No more google?
Try LineageOS [lineageos.org]
(you can even put some, or all of google's stuff back, if you want)
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 2) by Reziac on Sunday September 15 2019, @04:34AM (1 child)
Does anyone offer a naked phone where we can just install what we want without dinking around with the existing locks and OS?
And there is no Alkibiades to come back and save us from ourselves.
(Score: 0) by Anonymous Coward on Sunday September 15 2019, @05:32PM
2 word: firmware drivers. firm-ly in the hands of hardware manufacturers (excluding pretty much only the core CPU).
let's see:
GPS sensor.
camera(s)
microphone + speaker (maybe)
touchscreen
audiochiplet
vibrator
gazillion axis sensor
etc.
they all need some driver-software, and maybe 'cause some genius could reverse the actual transistor layout if the driver software-code is opensource, "someone" would then manufactur that transistor layout cheaper and the original would die a horrible death of bankruptcy *sniff*
(Score: 2, Interesting) by Anonymous Coward on Saturday September 14 2019, @01:07PM
Probably unrelated, but some years back we had a Netgear home router. In 2017 we decided to update it (I think they offered a security update?) All the product numbers (etc) lined up, so we downloaded the latest and greatest from the Netgear website, installed it, and promptly had a broken router.
Tried all the online FAQs and other possible fixes, no way to get back to the previous version. Finally called Netgear and explained that their own update broke it. They were happy to send us a fix...after we bought a service contract that cost approximately as much as the router.
It seems that we weren't the only ones disgusted with this behavior--
https://www.consumeraffairs.com/home_electronics/netgear.html [consumeraffairs.com]
Add me to the list that will never buy Netgear again.
(Score: 0) by Anonymous Coward on Saturday September 14 2019, @02:59PM
In later versions of Android it is no longer possible to natively disable or uninstall Google Pray.
For some reason.
(Score: 4, Insightful) by krishnoid on Saturday September 14 2019, @07:16AM (1 child)
Poorly written, noncompliant [themarysue.com] router administration pages. If this forces them all to get their HTML into compliance and release an update, good for everyone. You could always download a portable version of Chrome and keep that around for a while if you just *have* to use Chrome to administer your devices.
All the updates prior to that point on a backdated Chrome would likely still make it more reliable across the board than the router that's having problems anyway.
(Score: 2, Interesting) by Anonymous Coward on Saturday September 14 2019, @07:46AM
Nope, it is something to do with chrome. Apparently, if you restart Windows after the update, the page will magically start working again in chrome.
(Score: 0) by Anonymous Coward on Saturday September 14 2019, @07:40AM (4 children)
Disable some auth-committed-interstitials? Let's see what is this all about:
Not getting any wiser from that. Let's get more of it:
Well, I think those millenials are really dooomed...
(Score: 5, Informative) by choose another one on Saturday September 14 2019, @08:59AM (3 children)
Gory detail of what it all means is in https://bugs.chromium.org/p/chromium/issues/detail?id=992639 [chromium.org]
In short, first 401 response handling - interstitial responses / pages that are usually never seen. The routers may be doing a client-side redirect in the 401 content, which I don't think is anything out-of-spec, chrome shouldn't be displaying the content at that point.
Reading down the thread this was all debugged and the change disabled for the release - but someone ****ed up the merge, and ****ed up checking the final code result and the bug wasn't actually fixed.
Detail:
401 is IIRC effectively a challenge not a permanent failure, and an auth header must be included, client is supposed to ask for credentials and then try again with credentials, only a failure later in the process should result in the actual 401 content being displayed. If there is a javascript redirect or similar in 401 _content_ (which I don't think is anything out-of-spec) and the browser is rendering the 401 content on first sight (which is, umm, odd, and possibly out-of-spec), then the auth process never gets a chance.
Relevant bit of RFC - I would say Chrome suddenly decided to ignore the "if"s:
(Score: 2, Interesting) by Anonymous Coward on Saturday September 14 2019, @12:12PM (1 child)
So basically the Chrome devs don't know what the F they are doing. Starting with removing the protocol from the urlbar, which is still causing problems to this day, it's just been a shitshow.
(Score: 0) by Anonymous Coward on Saturday September 14 2019, @02:18PM
Given all the crap the Chrome dev's have been doing (remove http: from url bar, etc.), yes, the Chrome dev's simply do not know what the F they are doing.
Stop using Chrome.... That is the only option.
(Score: 0) by Anonymous Coward on Sunday September 15 2019, @04:57AM
That is weird. I followed the workaround on the support page and rebooted my Windows machine and it worked in Chrome. If it is what you say, how would that have fixed it? It definitely didn't update to a new version before I tried after reboot.
(Score: 0) by Anonymous Coward on Saturday September 14 2019, @07:44AM (1 child)
Business software fail with chrome.
Worst case is that chrome is placing userid into every last field on page if empty.
Common guys... standards?
(Score: 3, Insightful) by Anonymous Coward on Saturday September 14 2019, @02:20PM
This is what you get when one commercial company, one where you, the browser user are actually the product, and the real customers are the advertisers, gets big enough. They start feeling like they can simply decide to "set the standard" to whatever it is that best serves their true customers (the advertisers).
The only solution: Stop using Chrome.
(Score: 5, Interesting) by doke on Saturday September 14 2019, @02:41PM
I have two Netgear access points, that I've converted to dd-wrt. I was very impressed with how much more stable, and featureful, dd-wrt was compared to the original firmware. They went from crashing a couple times a day to staying up for months. I gained far more control over power levels, channels, mac filtering, etc. There are many more configuration options that I didn't use. For example, there's lots more router/firewall/dns-server/dhcp-server configuration items, but I didn't play with them since I only use these as local access points, and have a separate internet gateway/firewall.
There would still be a problem getting dd-wrt loaded. You have to use the stock firmware to upload and install the dd-wrt firmware. So for that, you would need to use Firefox, IE, Edge or something. After that, you could use any standard browser.
(Score: 2, Interesting) by Anonymous Coward on Saturday September 14 2019, @07:22PM (1 child)
I have a 2014 OS and am surprised by the number of sites that are starting to not work on it - newest failure is CreativeCow - what are people doing in JavaScript that a 2014 web browser isn't good enough??
(Score: 2) by Reziac on Sunday September 15 2019, @04:38AM
Or is it the HTML5 at fault?
And there is no Alkibiades to come back and save us from ourselves.
(Score: 2) by kazzie on Sunday September 15 2019, @09:51AM
Looks like someone was too netegar to get TFA published.