Reply
Highlighted

R7000 firmware updates from netgear

Can anyone tell me why netgear shows firmware 1.9.18 but shows a hotfix 1.9.20 available to download but router does not update automatically or manually detects from inside netgear software? I mean the purpose of either selecting automatic updates or even to manual update should work if they list it on there website. Many times I find myself manually downloading and uploading to get firmware, and yes the router has been reset etc to defaults before/factory default. Just curious as to why Netgear publishes new firmware updates with limited information "security fixes" with no real detail as to what changes and doesn't even offer them till weeks later or perhaps if lucky you'll get an email? 

Model: R7000|AC1900 Smart WIFI Router
Message 1 of 5

Accepted Solutions
Highlighted

Re: R7000 firmware updates from netgear

Trust me when I say "there is no security" only layers. But I understand where you are coming from. I've seen most of netgears updates containing bug fixes or errors other than real vulnerabilities and not telling slight details I suppose keeps them from being held responsible till it leaks out.
Opensource code is just that, open. Netgear uses opensource in many products. If the U.S. in my opinion wants better then custom inside house products need to be made. Parts and all, it's a good reason Bitdefender made their box2 in Romania. Their is reasoning behind knowing some details in changes from Netgear due to verifying procedures they keep and getting use to trusting them. Even ddwrt users get to inspect nightly changes. But I consider this resolved. No complaints or disgruntled just curious at Netgears practices of updates.

View solution in original post

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 5 of 5

All Replies
Highlighted
Guru

Re: R7000 firmware updates from netgear

IIRC, they post the updates for manual download before they update their systems for automatic updates.

As to security fixes, it's common for companies to limit the details of the security fixes. This is to protect people who don't update immediately.
Message 2 of 5
Highlighted

Re: R7000 firmware updates from netgear

I would think netgear would push out updates as they become available, as if it is ready to manually download makes sense to provide a HOTFiX asap?
As for not detailing security fixes, they sure post something if it's related in the media. I think they should give link to more detail about their changes. I'm concerned with the openx sharing of router analytics and auto updates if the company doesn't open up more about what they are doing. Too many useless services by default being used now like german telekom 20005 or ports 5000, afp etc or cisco stun...
Just wondering compared to other manufacturers why netgear is lagging in basics of security and making updates more visable without tearing apart chk or bin files etc.
Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 3 of 5
Highlighted

Re: R7000 firmware updates from netgear


@TKoftheCarolina wrote:
I think they should give link to more detail about their changes.


That would be a great way of telling criminals how they can attack unprotected routers.

 

You will find that the IT industry is careful about what it reveals on security issues. It has ways of sharing information about issues inside the industry before they get out into the media and other places where the bad guys hang out.

 


Just wondering compared to other manufacturers why netgear is lagging in basics of security and making updates more visable without tearing apart chk or bin files etc.

 

You'll have to provide evidence for that one if you don't want it dismissed as unsubstantiated wild assertion from one disgruntled customer, or even a crook seeking back doors into Netgear's kit.

Just another user.

My network DM200 -> R7800 -> GS316 -> PL1000 -> Orbi RBR40 -> Orbi RBS50Y -> RBS40V
Message 4 of 5
Highlighted

Re: R7000 firmware updates from netgear

Trust me when I say "there is no security" only layers. But I understand where you are coming from. I've seen most of netgears updates containing bug fixes or errors other than real vulnerabilities and not telling slight details I suppose keeps them from being held responsible till it leaks out.
Opensource code is just that, open. Netgear uses opensource in many products. If the U.S. in my opinion wants better then custom inside house products need to be made. Parts and all, it's a good reason Bitdefender made their box2 in Romania. Their is reasoning behind knowing some details in changes from Netgear due to verifying procedures they keep and getting use to trusting them. Even ddwrt users get to inspect nightly changes. But I consider this resolved. No complaints or disgruntled just curious at Netgears practices of updates.

View solution in original post

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 5 of 5
Top Contributors
Discussion stats
  • 4 replies
  • 4031 views
  • 0 kudos
  • 3 in conversation
Announcements