ASUS rolled out an update to its firmware (3.0.0.6.102_34791) that now requires users to be over the age of 16 and to send a slew of metrics and data back to ASUS. If you do not agree or do not check the box to verify you are 16y or older, you cannot use the router. At this time, I’m not sure if ASUS has meant to disable the router for anyone under 16 or if it’s a bug.
You can opt out at any time but lose access to a slew of features:
Please note that users are required to agree to share their information before using DDNS, Remote Connection (ASUS Router APP, Lyra APP. AiCloud, AiDisk), AiProtection, Traffic analyzer, Apps analyzer, Adaptive QoS, Game Boost and Web history. At any time, users can search the contents of the terms at this page or stop sharing their information with other parties by choosing Withdraw.
Moreover, ASUS disables automatic firmware updates and worse, all security upgrades unless you opt into the data sharing. Security upgrades perform the following:
Security upgrade incorporates security measures that continuously update its security file and scans to protect against malware, malicious scripts, and emerging threats in order to secure the router and ensure system stability. Some upgrades addressing important security issues or meeting legal/regulatory requirements will still be downloaded and installed automatically, even if “Security Upgrade” is turned off.
Edit: I have personally contacted their CEO’s office, but if others would like to voice their disapproval as well, here is a link: https://www.asus.com/us/support/article/787/
I mean if you’re using their servers for all of that cloud management can you really expect them not to take a look? You can buy a router and install open source firmware that doesn’t scrub your data or keep giving money to giant corporations that put profits over customers.
Because nobody has ever lied on one of these lol. Still criminally stupid of ASUS though.
They don’t care if you’re under 16. They have to ask if they want to collect and sell your data. This is a big red sign that says “WE’RE WATCHING EVERYTHING THAT GOES THROUGH YOUR NETWORK AND SELLING IT TO WHOEVER WILL PAY US!”
If I bought one of their routers and this came up, I would simply be returning it and giving the person at the counter a printout as to why. Sorry, but this router is not “suitable for purpose”. Look up that phrase and “merchantability”.
For the downvoters, in the US:
https://www.findlaw.com/consumer/consumer-transactions/what-is-the-warranty-of-merchantability.html
The implied warranty of merchantability guarantees that a product sold to you will work for its intended purposes. In other words, it means you can expect a toaster to toast your bread. If it doesn’t, you have legal protection against losing money on a product that doesn’t work.
If you bought the router expecting it to work as advertised, you may make a claim if it doesn’t. They would have to spell out ahead of time what the limitations and requirements are in order to avoid trouble.
You have no claim. The update does not disable the router and even if you opt out, the router itself still functions, except with a few additional features missing. Telemetry and data collection does not void a warranty. There is no claim here.
That depends on how the product is marketed. If the product has any of those disabled features on the box and doesn’t outright say you need to send them telemetry data to use it, then you could argue that you bought it for that feature and can’t use it.
For instance, maybe I want to use the VPN feature, so I bought a router that supports that. And now I’m locked out of that feature unless I agree to a miles long privacy policy and sharing my telemetry data.
Plus, the lack of security updates is, at best, extremely concerning. The firewall’s primary function is to act as a first line of defense against attacks coming in via WAN. They have locked those security updates behind the telemetry sharing, and therefore it can’t even be used as a proper firewall.
Agree. Straight back for refund. In Australia we can legally choose the manufacturer, or the retailer. I’d go straight to Asus, to give them the message directly.
Trying to refund through Asus will result in them dragging their feet, being as unhelpful as possible, or claiming you damaged the product.
Which will result in federal agencies going straight up their arse.
Many countries outside the US have actual consumer protections
I’m seeing a few comments suggesting OpenWRT, which is what I use and love: the correct response to this level of capitalist tomfoolery should absolutely be to 1. buy hardware that supports FOSS out of the box, or 2. install FOSS firmware.
BUT: OpenWRT isn’t for everyone. Installation on supported devices is usually pretty easy, but it does require being invested in setup, maintenance, and understanding of the software. There is little built-in handholding, and most setup beyond basic functions requires reading the docs and wiki; sometimes, some functionality requires running commands directly on the device rather than the LuCI web-interface.
This kind of understanding and investment should be the end-goal of all privacy-oriented tech users. Technology is complicated, and each layer of handholding that devs add also necessarily obfuscates behind-the-scenes functionality, which runs counter to privacy and security. That being said, the barrier for entry to privacy-respecting tech shouldn’t be “a masters in CompSci,” and thus any alternative to major tech brands is still a step up from just accepting what they give you. Just be aware that your current firmware may be a stepping stone towards software freedom, instead of a stopping point.
Give it a minute: Tech Jesus and his Nexus friends are having a great time with ASUS recently. I’m sincerely looking forward to how far they take things.
Stephen Burke, Editor-in-Chief and founder of Gamers Nexus. They do computer hardware reviews, consumer advocacy and sometimes even investigative journalism. Steve has a majestic mane, earning him that nickname.
See https://gamersnexus.net/ and https://www.youtube.com/@GamersNexus
Here is an alternative Piped link(s):
https://www.piped.video/@GamersNexus
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
