NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Orbi software change without notice
Im curious where, in the T&C for netgear I agreed to when registering my Orbi, I said it was OK for Netgear to do software uploads to my Orbi without my knowledge and permission? Between last night and this morning, a software update was made to my router. NOT the firmware, but a software addition that a) required me to revalidate myself to my own router and b) caused several connected devices to go off line until I figured out what the proximate cause was - the unannounced software update that shoves A security (?) onto my router.
This begs the question: how does Netgear get into my router without asking my permission? This seems like a fundamental security issue that needs to be explained and addressed by Netgear. The only one I want access my router in an admin mode is ME!!
12 Replies
What do you mean by software update?
The only item on any Orbi system that gets updated is Firmware. This would included on of the additional features like Circle and Armor.
On Orbi systems, NG has the ability to push FW to users systems via the Auto Update feature which the system check to see if there is any new FW available. If there is, it will update the FW. Something some users don't care for and NG doesn't allow the autoupdate feature to be disabled for unknown reasons. :smileyfrustrated:
What Firmware is currently loaded?
Yesterday there were 5 items on the home screen: Internet, wireless, attached devices, parental controls, guest network.
Today, there are 6 items on the home screen: internet, wireless, attach devices, parental controls, guest network, A security.
Current firmware version is indicated as 2.3.1.44. The last time I updated this was shortly after I installed the system (december/january timeframe of this year). A weekly check is made by me and the last check there was not update available.
So, since NG can push, without permission, firmware updates (echos of Microsoft!), what port/ports are used to do that?
Just checked the logs, and around 0250 firmware 2.3.1.44 was initialized. So NG has direct access to my router, bypassing my admin login credentials, even though they are set to NOT allow external access. This is very disconcerting and worrysome. "Trust us, we are a big company and know what we are doing" is not a comforting answer.
Earlier today I got the V2.3.1.44
I was on the version listed below.
Looks like v44 doesn't need v212 or v32 to be installed prior. Interesting.
Is the system working for you after the update?
JammasterC wrote:
Earlier today I got the V2.3.1.44
I was on the version listed below.
You seem not to understand how this works. The Orbi, like many other routers, and smart devices, generally, automatically checks for and installs updates. But the Orbi is sending a request to the Netgear servers and asking whether it has the current firmware version. Netgear is NOT remotely logging in and installing it. Many other home routers do this, too, because there is a known issue where users buy a router, configure it, and then never check for updates, leaving them vulnerable to attacks, malware, botnets, etc.
While it's great that you manually check for updates weekly, many users don't. But even checking weekly means potentialy being vulnerable for nearly an entire week. If you check on Sundays, and then Netgear published an update on Monday for some critical vulnerability, you wouldn't have it patched until the following Sunday, which is better than many, but still not as good as checking daily.
I got home tonight, my Orbi won't connect to most websites - including netgears sites.
Disconnected Orbi, connected my old Netgear router. Put in a support ticket - over four hours ago - got a ticket number but no responce. No phone #, No online chat.
Looked that the "community". did a "factory reset" per instructions on Orbi and satellites. Still won't connect to many websites - 404, 401, "security"
This is just bull**bleep**. They break my hardware remotely and there is no support. **bleep** them. I want my money back.
doesorbiwork wrote:
I got home tonight, my Orbi won't connect to most websites - including netgears sites.
Disconnected Orbi, connected my old Netgear router. Put in a support ticket - over four hours ago - got a ticket number but no responce. No phone #, No online chat.
Looked that the "community". did a "factory reset" per instructions on Orbi and satellites. Still won't connect to many websites - 404, 401, "security"
This is just bull**bleep**. They break my hardware remotely and there is no support. **bleep** them. I want my money back.
Sounds like there could be another router in the mix?
If you describe your network setup (Orbi model, # of Sats, type of connection to internet, make/model of modem, and mode of Orbi operation) we could probably help make it work better than ever with the new FW.
