Archive for Asus

#PSA: If You Have An ASUS ZenWiFi XT8, Do NOT Upgrade To Firmware Version 3.0.0.4.388.23285

Posted in Commentary with tags on June 1, 2023 by itnerd

It seems that firmware version 3.0.0.4.388.23285 for the ASUS ZenWiFi XT8 is a must pass. I say that because when I tried to update to it the following happened:

  • My Wife’s work supplied SIP phone stopped working.
  • HomeKit broke in spectacular fashion
  • VPNs would not work
  • Surfing the web was difficult do to the slow speed.
  • It seem to have issue with Bell and the Advanced DMZ method of bypassing their hardware.

Clearly there’s an issue with this firmware as rolling back to 3.0.0.4.388.23012 allowed me to get things back online. Though I will admit that I had to do two factory resets to make that happen. This reminds me of the last time that I had to put out a PSA about ASUS firmware which was this instance a few months ago.

Until ASUS formally addresses this, your best bet is to stay on firmware 3.0.0.4.388.23012. If you have already upgraded to 3.0.0.4.388.23285, then your best bet is to do the following: 

  • Backup the configuration using these instructions
  • Download and install firmware 3.0.0.4.388.23012 using method 2 from these instructions
  • After updating do a factory reset of the router using these instructions
  • Using a computer and a web browser, connect to the router and using the advanced options, upload the backup of the configuration that you saved in the first step. 

The reason why I recommend going this route is that for whatever reason, ASUS routers do not cleanly update the firmware. And that leads to all sorts of weird issues that are hard to track down.

I truly wish ASUS could consistently come out with firmware updates that improve the user experience rather than frustrate users. But until that day comes, if it ever does, your best bet might be to pick a firmware that you know to be stable, and stick to it until there is clear evidence that any newer firmware won’t break your setup.

A Screw Up By ASUS Knocked A Bunch Of Their Routers Offline For A Couple Of Days

Posted in Commentary with tags on May 21, 2023 by itnerd

Earlier this week there were reports of ASUS routers being knocked offline. The reports started to come in on May 16, 2023 and if you were affected by this (I own an ASUS router and I wasn’t affected, though I should have been. More on that shortly), your issues might have lasted a couple of days. Unless you factory reset your router to get back online.

Now the company was pretty silent about what was going on. In fact people complained about the lack of communication from ASUS. But the mystery was solved via this story from ARS Technica which a reader pointed me to:

Two days later, the Taiwan-based hardware maker has finally answered the calls for help. The mass outage, the company said, was the result of “an error in the configuration of our server settings file.” After fixing the glitch, most users needed to only reboot their devices. In the event that didn’t fix the problem, the company’s support team advised users to save their current configuration settings and perform a factory reset. The company also apologized.

Here’s the root cause in detail:

Asus still hasn’t provided details about the configuration error. Various users have offered explanations online that appear to be correct.

“On the 16th, Asus pushed a corrupted definition file for ASD, a built-in security daemon present in a wide range of their routers,” one person wrote. “As routers automatically updated and fetched the corrupted definition file, they started running out of filesystem space and memory and crashing.”

The explanation answered the question of what was causing routers to crash, but it raised a new one: Why were routers affected even when they had been configured to not automatically update and no manual update had been performed? Asus has yet to address this, but the likely answer is that the definitions file for ASD, which resides in memory and scans devices for security threats, gets updated whether or not automatic updates are enabled.

I might be able to answer some of this.

ASD is the AIProtection functionality that is built into many ASUS routers which is made by anti-virus vendor Trend Micro. What this does is block access to questionable websites, protecting users from spyware, malware, and other unwanted applications while preventing potential distributed denial of service (DDOS) attacks and other security incidents. It relies on definition files to update itself. And the downloading of those definition files are completely independent of the downloading of firmware updates for the routers. That’s why users got this update even if firmware updates were turned off. In fact doing some experiments on my ZenWiFi XT8 indicate that the only way to turn off the updates for AIProtection is to turn off AIProtection. The other thing that AIProtection does is send your browsing history to Trend Micro. Presumably to help to improve AIProtection. But I can see that some people would be bothered by this as it makes you the product seeing as AIProtection is free.

Now this incident highlights the risks of having this sort of functionality built into your router. And if you’re someone who is concerned about this and want another option, I’ll give you two. There’s CIRA Canadian Shield which is a DNS service that offers a lot of this sort of functionality. Along with that is HYAS Protect At Home which is the same sort of product, but it’s a lot more advanced as it is based on their corporate security tech.

A final word about this. ASUS has a bit of a history of finding themselves in bad situations, and screwing the attempts to diffuse the situation in question. This incident is an example of that. It should not have taken ASUS two days to say anything about this issue. And their apology is pretty lame. ASUS really need to learn how to do a better job of managing a crisis situation that affected a large number of their customers. Otherwise, they will not have any customers.

ASUS Finally Seems To Have A Firmware For The ZenWiFi XT8 That Works

Posted in Commentary with tags on February 20, 2023 by itnerd

Over the last few months, I’ve been telling out to either avoid or be cautious about firmware updates for the ASUS ZenWiFi XT8. And in the latter case, I said this:

ASUS really needs to get a firmware release out that stabilizes things for the vast majority of their users. And unfortunately, this specific firmware doesn’t seem to be it. Based on what I am reading in the Reddit threads that I linked to above, some people are getting fed up with being treated as “beta testers”. That in the long term will affect the probability that these users will buy another ASUS product in a negative way. Thus ASUS would be well advised to get on getting a firmware out that is stable for all.

Well we might, key word MIGHT have that firmware. Last week ASUS rolled out version 3.0.0.4.388.22525 of their firmware and it from all reports has been stable for most. Specifically, the connection between the nodes which has been a source of grief for many. I’ve been testing this for the last few days and have found zero issues with it myself. But I should note that I found zero issues with the last firmware that ASUS put out before Christmas, while many other had issues. But what gives me hope that this is stable is that looking at places like SNB Forums, the majority of users seem to be having a good experience with this firmware.

My firmware upgrade process for ASUS routers is as follows: 

  • Log into the router using a computer and a web browser
  • Backup the configuration using these instructions
  • Update the firmware.
  • After updating I do a factory reset of the router using these instructions
  • Using a computer and a web browser, connect to the router and using the advanced options in the setup wizard, upload the backup of the configuration that I saved in the first step.

I do this because I have found that simply upgrading to the latest ASUS firmware can create problems. And doing this while taking up to 30 – 40 minutes to perform results in zero issues.

I would be very interested to hear the experience of other XT8 owners with this firmware. Is it better? Is it worse? Please leave a comment and share your thoughts.

A Follow Up To The ASUS ZenWiFi XT8 Firmware That Was Released Just Before Christmas

Posted in Commentary with tags on December 26, 2022 by itnerd

I promised a follow up to the odd decision by ASUS to release a new firmware for their ZenWiFi XT8 mesh router just before Christmas. My experience has been positive so far. I have had zero issues with it. I had a brief look at my logs as since I factory reset my XT8 nodes after upgrading to this firmware. I didn’t see anything out of the ordinary. I also note that memory usage on both nodes was around 72% of the 512MB of RAM. Previous firmwares had the RAM usage about 10% higher. That implies that the mesh router is operating more efficiently.

But to make sure that I wasn’t simply missing out on anything, I’ve been following a pair of threads on Reddit along with a thread on SNBForums. And in those places, the results are more mixed. The most common issue that has been reported is that there have been issues with the nodes disconnecting. Once that happens, it may be a challenge to get them to reconnect. Or they may never reconnect at all. Meanwhile others report no issues.

Based on that, this is clearly a your mileage may vary situation. If you are on a ASUS firmware for the XT8 that is stable, you may be better off staying on that version until whatever stability issues that I am not seeing are sorted out. However, if you do decide to upgrade, you should note the version of firmware that you are currently running so that you can downgrade back to it if problems present themselves. Specifically, losing connection to one of the nodes.

ASUS really needs to get a firmware release out that stabilizes things for the vast majority of their users. And unfortunately, this specific firmware doesn’t seem to be it. Based on what I am reading in the Reddit threads that I linked to above, some people are getting fed up with being treated as “beta testers”. That in the long term will affect the probability that these users will buy another ASUS product in a negative way. Thus ASUS would be well advised to get on getting a firmware out that is stable for all.

ASUS Slips Out A New Firmware For The ZenWiFi XT8 Four Days Before Christmas….. That’s Odd

Posted in Commentary with tags on December 21, 2022 by itnerd

I got pinged by a reader while I was dealing with a client this morning. I couldn’t look into it then, but when I got home I did. When I logged into my ZenWifi XT8 mesh WiFi system I say that an update was available. I clicked on it and saw this:

I also checked the ASUS website and didn’t see anything on this firmware. That was odd because ASUS usually updates the website with new firmware releases pretty quickly. Unless this slipped out by accident which I have seen a couple of times. In that case, ASUS usually releases a newer firmware to replace it. The other theory that I have is that ASUS felt that they had to roll out this firmware four days before Christmas because this firmware fix couldn’t wait until after the holidays. I point that out because companies don’t typically roll out stuff like this a week or two before Christmas due to not having staff on hand to answer phone calls or fix something if it goes off the rails. Making this an unusual release.

Since I have told you not to upgrade in the past due to serious issues with their firmware, as well as telling you when it was safe to upgrade, I decided to install it and report back to you my early impressions. And I also will follow up with you in a week’s time with longer term impressions. My upgrade process for ASUS routers is as follows:

  • Log into the router using a computer and a web browser
  • Backup the configuration using these instructions
  • Update the firmware.
  • After updating I do a factory reset of the router using these instructions
  • Using a computer and a web browser, connect to the router and using the advanced options in the setup wizard, upload the backup of the configuration that I saved in the first step.

I do this because I have found that simply upgrading to the latest ASUS firmware can create problems. For example, one firmware upgrade broke HomeKit for almost a day until I figured out that doing factory reset it followed by setting it up from scratch was the fastest and best way to resolve the issue. Since then, this has been my upgrade process and it has never failed me.

After walking through those steps I was back online and I started doing some testing. Right away I noticed that TimeMachine backups were way faster from all the Macs in the home. I also noted that when I had to do a VPN connection to fix something for a client, that was way faster as well. The reason why I put the words “way faster” in bold is because it was truly much faster than what I had been used to. I tried to run Speed Tests from my iPhone 14 Pro and didn’t find a difference in terms of WiFi speed. So my best guess is that besides what little is in the release notes, ASUS must have done something to make device to router connections faster. Other than that, I have noted no stability issues like I have seen previously. Nor have I noted any other improvements.

I’ll be running this for about a week and I will report back as it takes about that long before any serious issues become apparent. Also, if release notes do appear, I’ll be sure to link them here.

UPDATE 12/22/2022: ASUS just posted release notes for this firmware update on their website. It has more details than the screenshot above:

So these release notes explained why I am seeing the better VPN performance. But it doesn’t explain the improved WiFi performance that I am seeing. In terms of my observations, it’s the same as what I reported above. It seem stable and reliable thus far.

UPDATE #2: I have an update on this firmware here.

A Follow Up To My Recommendation For ASUS ZenWiFi XT8 Users To Not Install Firmware 3.0.0.4.388.21099

Posted in Commentary with tags on November 27, 2022 by itnerd

You might remember that a few weeks ago I put out a public service announcement for owners of The ASUS ZenWiFi XT8 to not install firmware 3.0.0.4.388.21099 as it was incredibly unstable. In fact, it was so unstable that I recommended rolling back to the previous firmware and provided instructions on how to do so. Earlier this week, ASUS released an updated firmware which is listed as version 3.0.0.4.388.21617 that claims to optimize memory usage and improve stability among other things. You can read the release notes here. Since I suggested to people that they shouldn’t try the previous firmware, I decided to try this firmware. Now first, let me describe how to update the firmware as for whatever reason, if you don’t follow this method you will have issues. More on the issues that you will have in a minute. But here’s my process:

  • Log into the router using a computer and a web browser
  • Backup the configuration using these instructions
  • Update the firmware using method 1 from these instructions.
  • After updating do a factory reset of the router using these instructions
  • Using a computer and a web browser, connect to the router and using the advanced options in the setup wizard, upload the backup of the configuration that you saved in the first step.

The reason why I recommend going this route is that for whatever reason, ASUS routers do not cleanly update the firmware. And that leads to all sorts of weird issues that are hard to track down. In my case, it breaks HomeKit unless I go through the steps above. Going this route avoids all of that.

Now I have been testing this firmware for a few days, and so far it has been stable for me. And it has been stable for others based on reports from places like SNB Forums. Thus I am cautiously optimistic that you should be okay to update your ZenWiFi XT8 to this firmware. Though I would wait another week or maybe two to see if any issues appear by monitoring the thread in SNB Forums just to be safe.

If you have any feedback about this firmware, please share them in the comments below. And if I notice anything that is a deal breaker, I will will post an update.

#PSA – @ASUS ZenWiFi XT8 Users Should NOT Upgrade To Firmware Version 3.0.0.4.388.21099

Posted in Commentary with tags on October 24, 2022 by itnerd

I’ve only done this once before with Linksys routers, but I am being forced to do this again as ASUS has put out a firmware version for their ZenWiFi XT8 router that will cause you problems. Specifically the firmware version is 3.0.0.4.388.21099 which was released on October 3rd. This firmware appears to have some sort memory leak issue. Meaning that it consumes all available RAM memory on the router until it runs out and crashes. When this happens, you will see the following:

  • The router will work fine for four or five days.
  • The child node will suddenly disconnect and you will see a blue flashing light.
  • The primary node will look fine with a white light, but there is no WiFi available.

A reboot will bring everything back online. But only for four or five days where the above will repeat. This has been reported in a couple of places like Reddit and SNBForums. What’s interesting is that UKTechHub has posted that ASUS has released a new firmware to a user on that forum that seems to address this issue. That implies that ASUS knows that this issue exists. Why ASUS hasn’t widely released a newer firmware that addresses this problem that they seem to know about remains a bit of an open question.

Until ASUS formally addresses this, your best bet is to stay on firmware 3.0.0.4.386.49873. If you have already upgraded to 3.0.0.4.388.21099, then your best bet is to do the following:

  • Backup the configuration using these instructions.
  • Download and install firmware 3.0.0.4.388.21099 using method 2 from these instructions.
  • After updating do a factory reset of the router using these instructions.
  • Using a computer and a web browser, connect to the router and using the advanced options, upload the backup of the configuration that you saved in the first step.

The reason why I recommend going this route is that for whatever reason, ASUS routers do not cleanly update the firmware. And that leads to all sorts of weird issues that are hard to track down. In my case, it breaks HomeKit unless I go through the steps above.

Now you could just stay on 3.0.0.4.388.21099 until ASUS decides to fix this. But you’ll have to reboot your router every four or five days which is a pain. Thus I would hope that ASUS decides to step up to the plate and addresses this with a firmware fix. But I am not holding my breath as based on my recent experience with them and how they support their customers, ASUS doesn’t seem to be that sort of company. Though they are free to prove me wrong.

UPDATE: ASUS has released a newer firmware to address these issues. More info here.

Asustor Devices Hit By The Same Ransomware That Hit QNAP Devices

Posted in Commentary with tags , on February 22, 2022 by itnerd

For the last month or so I’ve been writing about QNAP devices being hit by various ransomware strains. Most recently, I said this when news filtered out that QNAP was extending support to end of life devices to fight these sorts of attacks:

The company admits that this is a “special effort to help users protect their devices from today’s security threats”. Which is likely true. But it also is likely an attempt to keep people like yours truly from dumping their QNAP NAS devices and moving to competing brands such as Synology as I don’t hear about such widespread pwnage with those devices, or other devices that QNAP competes against. 

Well, I may have to eat those words as there’s news that Asustor devices are now being hit by Deadbolt ransomware. If that name sounds familiar, it should. It’s one of the strains that has hit QNAP devices:

Asustor NAS owners on Reddit and the official Asustor forums have reported that they’ve fallen victim to a DeadBolt ransomware attack. DeadBolt has been in the wild for some time now, infecting unprotected NAS systems connected to the Internet. The same ransomware previously wreaked havoc on QNAP devices, and it would appear that Asustor was the next target.

DeadBolt’s modus operandi hasn’t changed much. The attacker remotely slips into the victim’s NAS, encrypts the latter’s information, and consequently asks for a ransom in bitcoins. Each victim receives a unique Bitcoin address to send the funds. Once the payment goes through, the criminal sends the victim the decryption key to decrypt the files on the infected NAS system. The perpetrators are asking for 0.03 bitcoin, which by today’s exchange rate is around $1,154. It’s the same sum that the hijackers had demanded from their QNAP victims. Surprisingly, the gang didn’t make Asustor any offers. With QNAP, the group had offered to share the vulnerability details with the company for five bitcoins ($184,000) or sell it the universal decryption master key for 50 bitcoins ($1.85 million)

So it seems that the playbook is the same. Which is that the threat actors go after NAS devices that are exposed to the Internet. Which means that if you don’t have your Asustor NAS exposed to the Internet, and you stop using Asustor’s EZ Connect utility, you don’t have a problem. Or at least as much of a problem.

It does make me wonder if Asus shares some of its NAS hardware and software with QNAP. After all, it does seem kind of weird that two different companies got pwned in this manner. Watch this space for more as I keep an eye on this.

UPDATE: Saumitra Das, CTO and Cofounder, Blue Hexagon provided this commentary:

“Attackers have been targeting a lot of non-PC devices like storage and other IoT type devices (routers, camera) which tend to be less easily patched and not well maintained to gain access to consumer and enterprise networks. In the case of storage devices which today are full-fledged desktops running Linux or Windows or even multiple VMs, lot of unpatched vulnerabilities may exist and remain unpatched specially on the consumer side. Users should keep such devices off the network or create a secondary air gapped or cloud backup of their important data.”

ASUS Serves Up Some Great Gifts For The Tech Lover In Your Life

Posted in Commentary with tags on November 22, 2021 by itnerd

Tech lovers are sometimes difficult to buy for. Fortunately ASUS has a few different products for your consideration. They are suited to a variety of users, from the tech enthusiast to the casual internet browser, and everyone in between:

  • ProArt Display PA329CV :  Designed for the serious creative, the ProArt Display PA329CV features a 32” 4K UHD display, ProArt preset ProArt Preset, USB-C connection, and calman verified display. With a 3840 x 2160 resolution – 4X more than full HD – users will find crystal clear visuals even in the finest details of photos and text. $1449 @ Amazon
  • AC1750 Dual Band Gigabit WiFi 5 Router: Powered by 5G Wi-Fi and 256QAM technology, this router is perfect for the household managing multiple WFH workers. On a 5GHz band it blazes to 1300 Mbps letting users connect multiple devices without sacrificing speed. $79.99 @ The Source
  • ZenBeam Latte : A wireless mini projector that will take movie nights anywhere. Sitting at the size of a coffee mug, this projector  holds three hours of projection or 12 hours of audio playback, projects up to 300 LED lumens output and 720p native resolution and can connect through wireless connectivity, bluetooth, or a USB-A port. 549 @ Canada Computers
  • Chromebook Flip C433 : A super versatile laptop designed for work and play. The Chromebook Flip features an Intel® Core™ m3 processor, 8 GB RAM, and a 14” touchscreen. It has 360 degree hinge lettering users use it as a laptop or tablet. $499 @ Amazon
  • ASUS ROG Gladius II Wireless: Co-designed with Pro gamers for ultimate comfort, this mouse features right-handed ergonomics and ROG-exclusive socket design enabling easy switch-replacements to customize click force. $155.78 @ Amazon

If northing on this list strikes your fancy, check out ASUS.com for even more gift ideas.

ASUS Announces New Chromebook Flip CX3

Posted in Commentary with tags on October 13, 2021 by itnerd

ASUS today announced ASUS Chromebook Flip CX3, a laptop that empowers the way users work and play. This elegant 14-inch laptop offers an exquisite blend of powerful performance and versatility for doing more from anywhere, featuring up to an Intel® CoreTM processor, an ultra-quiet fanless design and WiFi 6 connectivity. Also, a garaged stylus, dual cameras and a 360° ErgoLift hinge spice up entertainment experiences and expand capabilities, while military-grade durability keeps ASUS Chromebook Flip CX3 protected when on the go.

Powerful performance and connectivity

ASUS Chromebook Flip CX3 is powered by up to the latest 11th Generation Intel Core i7 processor and features up to 16 GB of memory and 512 GB of storage, delivering performance and responsiveness for incredible productivity. Thanks to a fanless design, this laptop keeps work spaces ultra-quiet while delivering powerful performance.

For ultrafast WiFi 6 connections, ASUS Chromebook Flip CX3 is tested and certified with ASUS WiFi Master for Chrome OS. Connections are further improved by exclusive ASUS technologies that enhance speed, stability and range.

Stunning style and visuals

With an eye-catching new color — AI Blue — ASUS Chromebook Flip CX3 offers an elegant, stylish aesthetic. The precision-crafted chassis features a dual-tapered design, in which the body and lid converge to form a V-shaped edge that facilitates opening the device.

ASUS Chromebook Flip CX3 also pleases the eye with its seamless visuals. The four-sided NanoEdge display maximizes screen area with an 80% screen-to-body ratio, making viewing experiences more immersive. The 14-inch Full HD IPS panel also offers wide, 178° viewing angles and exceptional color reproduction for incredibly vivid, true-to-life imagery.

Versatility and ergonomics for doing more

ASUS Chromebook Flip CX3 offers a variety of features that expand user capabilities and maximize ergonomics. An included stylus1 quickly and automatically charges when garaged — only 15 seconds of charging provides up to 45 minutes of use — keeping it ready for use and providing a safe place to store it. The intuitive stylus is a quick, precise way to unleash creativity and productivity. For further creative pursuits, ASUS Chromebook Flip CX3 has two cameras: one standard webcam and a special world-facing camera. The standard HD webcam has a shield that simply slides over it to ensure privacy, while the 5 MP world-facing camera is located beside the keyboard and allows users to easily capture photos and videos in tablet mode.

For excellent ergonomics, a precision-engineered 360° ErgoLift hinge smoothly adjusts the display at any angle and lifts and tilts the keyboard into the most comfortable typing position. The laptop has a full-sized keyboard with 1.4 mm key travel for greater typing comfort, and the backlighting on the keyboard lets users type effortlessly in dark environments.

Tough, flexible design for on-the-go use

With structural reinforcements to boost chassis strength, ASUS Chromebook Flip CX3 is built to provide toughness for on-the-go lifestyles. It also meets next-level and industry-leading U.S. MIL-STD 810H durability standards, which are more rigorous and demanding than ever before. Additionally, the device undergoes stringent in-house testing — including panel-pressure, shock and drop tests — to ensure maximal toughness.

For flexibility when traveling or moving around, ASUS Chromebook Flip CX3 offers up to 11 hours of battery life on a single charge. It also features two full-function, reversible USB-C® 3.2 Gen 1 ports for charging devices, streaming media or connecting with peripherals, and two USB Type-A ports for even more connectivity options. In addition, a microSD slot enables extra storage for maximum convenience and compatibility.

The best of Google

For work and play, ASUS Chromebook Flip CX3 unlocks the very best of Google. Users can enjoy full access to Google Play, and Google Assistant is always ready to help. Chrome OS offers the full power of Google Workspace, including Google productivity apps such as Gmail, Docs, Drive, Calendar, Meet and more, allowing users to collaborate quickly and to seamlessly stay in sync with favorite apps. Also, a 12-month Google One trial subscription with 100 GB of cloud storage is available with purchase of an ASUS Chromebook Flip CX3 laptop.

Automatic updates and built-in virus protection seamlessly keep ASUS Chromebook Flip CX3 safe, secure and always up to date. The laptop is also built around the rock-solid security of a personal Google account, so all private documents, emails, photos and confidential data are kept safe at all times.

AVAILABILITY & PRICING

ASUS Chromebook Flip CX3 will be available in Q4 in Canada at a suggested MSRP of $999 CAD.