this post was submitted on 30 May 2024
477 points (99.8% liked)

Privacy

32159 readers
621 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

ASUS rolled out an update to its firmware (3.0.0.6.102_34791) that now requires users to be over the age of 16 and to send a slew of metrics and data back to ASUS. If you do not agree or do not check the box to verify you are 16y or older, you cannot use the router. At this time, I’m not sure if ASUS has meant to disable the router for anyone under 16 or if it’s a bug.

You can opt out at any time but lose access to a slew of features:

Please note that users are required to agree to share their information before using DDNS, Remote Connection (ASUS Router APP, Lyra APP. AiCloud, AiDisk), AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS, Game Boost and Web history. At any time, users can search the contents of the terms at this page or stop sharing their information with other parties by choosing Withdraw.

Moreover, ASUS disables automatic firmware updates and worse, all security upgrades unless you opt into the data sharing. Security upgrades perform the following:

Security upgrade incorporates security measures that continuously update its security file and scans to protect against malware, malicious scripts, and emerging threats in order to secure the router and ensure system stability. Some upgrades addressing important security issues or meeting legal/regulatory requirements will still be downloaded and installed automatically, even if "Security Upgrade" is turned off.

Edit: I have personally contacted their CEO's office, but if others would like to voice their disapproval as well, here is a link: https://www.asus.com/us/support/article/787/

you are viewing a single comment's thread
view the rest of the comments
[–] TheFinn@discuss.tchncs.de 7 points 5 months ago (1 children)

The data sharing happens on merlin too

[–] kilgore_trout@feddit.it 1 points 5 months ago (1 children)

It builds on devices' source code published by ASUS. The is no data sharing with ASUS.

Merlin's privacy disclosure:

The only outbound connection made with me by this firmware is when the firmware checks for availability of a new version.

[–] TheFinn@discuss.tchncs.de 0 points 5 months ago (1 children)
[–] kilgore_trout@feddit.it 2 points 5 months ago (1 children)

That thread is about the official firmware as distributed by ASUS.

[–] TheFinn@discuss.tchncs.de 2 points 5 months ago

Here are some screenshots from my router administration pages. Notice the "Powered by Asuswrt-Merlin".

In the first image you can see that I have a particular feature disabled.

When I toggle it on I receive a warning that my information will be collected by Trend Micro.

I included another screenshot showing the location where I would withdraw my consent to having my data collected, were I to actually use the advanced features of the router, that I thought I was paying for at the point of sale. Instead I was apparently paying for the privilege of having the option dangled in front of me, behind an agreement for yet another, separate company to collect my family's data.