SoylentNews is people
SoylentNews
On Wednesday, Asus router users around the world took to the Internet to report that their devices suddenly froze up for no apparent reason and then, upon rebooting repeatedly, stopped working every few minutes as device memory became exhausted.
Two days later, the Taiwan-based hardware maker has finally answered the calls for help. The mass outage, the company said, was the result of "an error in the configuration of our server settings file." After fixing the glitch, most users needed to only reboot their devices. In the event that didn't fix the problem, the company's support team advised users to save their current configuration settings and perform a factory reset. The company also apologized.
[...]
"On the 16th, Asus pushed a corrupted definition file for ASD, a built-in security daemon present in a wide range of their routers," one person wrote. "As routers automatically updated and fetched the corrupted definition file, they started running out of filesystem space and memory and crashing."The explanation answered the question of what was causing routers to crash, but it raised a new one: Why were routers affected even when they had been configured to not automatically update and no manual update had been performed? Asus has yet to address this, but the likely answer is that the definitions file for ASD, which resides in memory and scans devices for security threats, gets updated whether or not automatic updates are enabled.
(Score: 4, Interesting) by Snotnose on Wednesday May 24 2023, @07:52PM (4 children)
Last week I spent 2 days troubleshooting my router and was about to buy a new one, thinking this one had bit the dust. Finally Saturday morning it hit the news that folks world wide were having the same problem.
Then again, now I'm intimately familiar with the router's setup screens and, thanks to ssh, the internal filesystem and processes.
When the dust settled America realized it was saved by a porn star.
(Score: 2) by corey on Thursday May 25 2023, @12:14AM (2 children)
I still don’t understand the entrenched “update” culture in the designers of these products. I get that Windows needs to update to patch vulnerabilities but routers route packets around. Why do they need constant updating?
Computer needs updating, web browser needs updating, phone needs updating, phones apps needs updating, fridge firmware needs updating, TV firmware needs updating. Its almost like they ship products out with half baked software and need up rely on ongoing update mechanisms to write the rest of the software and fix the bugs. Time to market minimisation, I suppose. Think I’m getting old.
(Score: 3, Informative) by Snotnose on Thursday May 25 2023, @12:28AM (1 child)
I didn't get it either, especially as I don't automagically update my firmware. Turns out what they pushed was a file with updated malware definitions.
So not a firmware update, but a config update to keep up with the newest threats.
I had no idea they were doing that. Now that I think of it, I'm glad they do.
When the dust settled America realized it was saved by a porn star.
(Score: 2) by wisnoskij on Thursday May 25 2023, @09:39PM
Networking is complicated enough, my computer and tablet both have built in firewalls, I dont need or want multiple layers of firewalls.
(Score: 2) by Freeman on Thursday May 25 2023, @02:15PM
I likely would have been hit by this as well, but recently switched from point-to-point wireless to 5G internet through T-Mobile. The internet bill dropped significantly and I haven't had any issues so far. Also, when we have bad weather, we don't get serious interruptions in service. Unlike our previous provider. Point-to-point wireless shouldn't have that much issue, but it always had issues when bad weather hit.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 2, Informative) by pTamok on Wednesday May 24 2023, @10:20PM (3 children)
This is a reason why I use OpenWrt [openwrt.org].
Open-source software can be audited, Libre Open-source software can be modified to remove unwanted stuff and redistributed.
(Score: 2) by Snotnose on Wednesday May 24 2023, @11:04PM (2 children)
Looked into that, and another that's for ASUS specifically that I ran across. Neither supports my router (RT AC66U).
When the dust settled America realized it was saved by a porn star.
(Score: 0) by Anonymous Coward on Wednesday May 24 2023, @11:34PM
That's what you get for having an Anus router.
(Score: 2, Informative) by pTamok on Thursday May 25 2023, @07:38AM
That's a shame - but the problem is the manufacturer using proprietary/non-free components, which makes it difficult for the OpenWrt project to support.
If this bothers you, it might be an idea to see what hardware you can use OpenWrt on, and choose to buy that.
OpenWrt: Table of Hardware [openwrt.org]
There are manufacturers that use components that require proprietary drivers, so they grab a copy of OpenWrt, hack things about a bit, and release hardware 'based on' OpenWrt, but which the OpenWrt project can't support without the same access to the drivers. Some even advertise themselves as using OpenWrt, but offer no updates or further support. There has been some heroic reverse-engineering, but some devices are, in addition, so locked down, it is not possible for the average technically competent end user to replace the software supplied by the manufacturer with OpenWrt.