WNDR3800 Firmware download from Netgear is corrupt-please fix

Retired_Member
Sep 15, 2020
There is still a problem, but it is with their site. They need to spend a little money for a secure address. That way, myself and others I would not have to deal with people like you, who seem to be just waiting to find fault and call someone stupid. With your sledge-hammer-like approach for information, I doubt it would help you to know that yes, indeed I had read and was following the f_cking directions. It seems that unless you are using the latest Windows 10 version yourself, you will not understand because you have to know exact wording of messages received. If I try to login to my router, I get a message it is a macilous site. If I try to download the Genie, it says it is a malicious site. The only thing safe left to do was to try opening the files? Nothing wrong with that, at to most people.

Actually, I am surprised you don't seem to recognize when someone is complaining vs. when someone actually needs help. Unless you really don't give a dam_ about others. If that is the case, then you must be getting paid by Netgear or are a disgruntled, former employee. H-E-double toothpicks, perhaps you're the owner!

I eventually by-passed the message and downloaded Genie. The next day when I logged-in, Windows had a pop-up saying it was not allowing certain portions of the Genie program to get through the firewall, because why, the SITE IS NOT SAFE. So, I unistalled it.

I learned what I needed to learn - although the router is connected to the internet at all times, it still needs someone via a computer to tell it to download the latest firmwear. This had already been done on our other computer. Figured it all out by myself.

You wrote that you are scared I will report you. Sorry to blow your node bubble, but decided to complain about you yesterday anyway. You actually did help at this point though, because I found a way to complain about you and their non-secure site at the same time. Plus, I filled out a form saying I would NOT recommend this product to anyone else, although it is actually a good product. Within your Sage-like existance, I would think you should be able tell when someone is frustrated. Right, doctor Node?

I think you should change your name to the to Sage-gistic Dr. Node-it-all. I am going to complain a second time, this time about your response I received via email. Hopefully, someone will finally take and realize that you are not a help to their cheap-o, customer service run-around.

I have included that message here:
> [...] I tried both. [...]
   What, exactly, does "tried" mean to you?
> [...] I am doing this corrrectly, but there is a problem. [...]
   You are "doing" _what_, exactly? My guess is that the problem is
that you're not following instructions. But, with descriptions like
"tried" and "doing this corrrectly", I can only guess at what you're
actually doing.
>    When you do _what_, exactly? "will not" is not a useful problem
> description. It does not say what you did. It does not say what
> happened when you did it. As usual, showing actual actions (commands)
> with their actual results (error messages, LED indicators, ...) can be
> more helpful than vague descriptions or interpretations.
   Which part of "actual" was unclear?
> [...] I am not the one who needs to do this differently. [...]
   You know that because what you've been doing has worked so well?
With that attitude, I see little hope for progress.
Or, one of us needs to do something differently. One possibility:
      https://en.wikipedia.org/wiki/RTFM
> [...] Sending me a link to a Wiki article that I need to 'Read the
> F_ckingManual" is abusive. Do it again and I will report you.
   Oooh. Please, don't hurt me.
>    Possibly interesting:
>       https://community.netgear.com/t5/x/x/m-p/1721037#M124018
   Still true. But, if you refuse to read and follow some relatively
clear instructions because your vast experience and expertise tell you
that you've been doing everything "correctly" up to now, then at least
one of us may be doomed to failure.

Dear Dr. Node: You have a nice retirement. Our house is paid off, and our future is looking secure. No failure here in the long run, but life does has its ups and downs.
- antinode
  Guru
  Sep 15, 2020
  > There is still a problem, but it is with their site. [...]
  
     What, exactly, does "their site" mean to you?
  
  > [...] indeed I had read and was following the f_cking directions.
  > [...]
  
     _Which_ "the f_cking directions", exactly, were you "following"? The
  world is filled with directions, and, with my weak psychic powers, I
  can't see what you were doing. All I have to work with here are your
  (detail-free) descriptions of what you're doing, and what happens when
  you do whatever you do.
  
  > [...] you have to know exact wording of messages received. [...]
  
     An actual quotation _is_ more helpful than your interpretation of
  what the message means to you, yes. That's especially true when one is
  doing a Web or forum search for the relevant text.
  
     Again, I can't see what you did, or what happened when you did it,
  but, if all you're seeing is a complaint from your web browser about
  sending some user credentials over an unencrypted/insecure link
  ("http://" instead of "https://"), then the easy thing to do is ignore
  the warning, and proceed. Presumably, you're talking to your own gizmo
  on your own LAN. If someone can overlisten to that traffic, then you're
  already in big trouble.
  
  > [...] it still needs someone via a computer to tell it to download
  > the latest firmwear. [...]
  
     It depends. Sometimes the semi-/automatic update scheme works;
  sometimes it doesn't.
  
  > [...] I would think you should be able tell when someone is
  > frustrated. [...]
  
     Your state of mind does not transform a useless problem description
  into a useful one. Its defects remain the same, as do my questions and
  suggestions.
  
  > [...] Figured it all out by myself.
  
     No doubt, that detailed description of the solution which you figured
  out will greatly assist some future reader of this woeful thread.
  
  > You wrote that you are scared I will report you. [...]
  
     Sarcasm loses another battle...
  
  > I have included that message here: [...]
  
     Had it gone missing, or did you enjoy it so much the first time, or
  what?
- schumaku
  Guru - Experienced User
  Sep 15, 2020
  Retired_Member wrote:
  There is still a problem, but it is with their site.
  Which site exactly, please?
  
  Retired_Member wrote:
  They need to spend a little money for a secure address.
  Netgear does have a valid signed and trusted wildcard certificate (and private key obviously). Well possible there are older infrastructure servers which might not have https on board - because of these were used by older embedded systems (like many routers, extenders, switches, whatever) for M2M downloads e.g. of XML feeds for firmware versions, firmware images, and the like - and many of these elderly system (or low-resource systems) don't have the capability to connect by TLS.
  
  Retired_Member wrote:
  ...I doubt it would help you to know that yes, indeed I had read and was following the f_cking directions. ...
  Hm, reminds me on the attempt of opening the firmware image for your router, unluckily sharing an extension identified by Windows and MacOS as a disk image above ... never mind. We're all humans and have the right to make errors.
  
  Retired_Member wrote:
  It seems that unless you are using the latest Windows 10 version yourself, you will not understand because you have to know exact wording of messages received.
  Not sure - most of the things happen in Web browers. If unclear, screenshots would help, regardless of the Windows language in place btw. Usually I don't see the Windows security environment jump in with messages - there must be something going on long before.
  
  Retired_Member wrote:
  If I try to login to my router, I get a message it is a macilous site.
  Really? Screenshot with the URL would be helpful here again.
  
  Let's try to break this down into some details...
  
  Most older routers only offer a http access - even the latest routers still allow http connection (reasonably secure on a private home and SOHO network. We can connect from a Web browser either using the router LAN IP address or one of these DNS-captured domains like routerlogin.com or routerlogin.net (and several others on different mode lines). Leaving the differences of the Web browsers alone (all say essentially the same, like "you are not securely connected" or "this site is not safe") when accessing a http Web site, the most informative (for me, not a Mozilla fanboy) is Firefox:
  
  Here (and on any other common browsers) no word of a malicious Web site. Note: This is not Netgear's Web site - this is on our own local routers.
  
  Retired_Member wrote:
  If I try to download the Genie, it says it is a malicious site.
  Uhhhh - Genie is a legacy App, the distribution was unluckily done over the M2M server used for older router firmware updates and so on. Let's see. However, if something pops-in stating it's a malicious site it's not the one and only available download from Netgear - which does start here on the Genie landing page:
  
  https://www.netgear.com/home/discover/apps/genie.aspx
  
  Once closing the full-screen pop-up "Out with the old, in with the new!" using the top right [X], we find near to the end of the page about this:
  
  App Store | Google Play | DOWNLOAD PC | DOWNLOAD Mac
  
  Indeed, the PC and Mac downloads are pointing to that http-only server (reasons explained above):
  
  http://updates1.netgear.com/netgeargenie/update/NETGEARGenie-install.exe
  http://updates1.netgear.com/netgeargenie/mac/update/NETGEARGenieInstaller.dmg
  
  For example when using Chrome 85 it says "can't be downloaded securely" (in fact a newer change on Chrome, it's Microsoft brother Edge does not say a word as of writing, similar to earlier Chrome).
  
  That's correct - the download from these links for the legacy app is fine. Fingers crossed no bad boys are capturing the DNS and put up a fake server somewhere of course.
  
  And again, no warning of a malicious site here again.
  
  Retired_Member wrote:
  The only thing safe left to do was to try opening the files? Nothing wrong with that, at to most people.
  Nothing wrong with having a good awareness against possible risks!
  
  If there there were _really_ warnings about malicious site(s) involved I would keep my fingers off the mouse button. Under the conditions we can download it from our systems here (and I'm not Netgear, too) the risk can be mitigated. Just like the http only access to a router on a closed private [W]LAN.
  
  Regards,
  -Kurt.
  - schumaku
    Guru - Experienced User
    Sep 15, 2020
    Update: The same http Genie downloads are referred on the older router support pages of course, to.

Forum Discussion

WNDR3800 Firmware download from Netgear is corrupt-please fix