Welp never buying anything D-Link ever again
I had a couple of dlink gigabit desktop switches. Two failed so far, one has taken down the whole network, not just devices directly connected to it, and the other one fried 2 router ports when it died. I learned my lessons about buying crappy network hardware.
Edit: that happened within a few months, so these switches also have a very clear EOL.
Because they won’t support routers that were EOL a decade ago?
Companies should be forced to release all source code for products that are “EOL”. I will never change my mind on this.
Especially for stuff like medical implants
‘Sorry, your eyes are no longer supported’
And anything that touches on security (i.e. connected to the internet), and routers definitely count here.
Because that bug was so egregious, it demonstrates a rare level of incompetence.
that bug was so egregious, it demonstrates a rare level of incompetence
I wish so much this was true, but it super isn’t. Some of the recent Cisco security flaws are just so brain-dead stupid you wonder if they have any internal quality control at all… and, well, there was the Crowdstrike thing…
Some of the recent Cisco security flaws are just so brain-dead stupid you wonder if they have any internal quality control at all
At the super budget prices Cisco charges, do you really expect quality control to be included? You’ve got to buy a quality control subscription for that. /s
Idk, this was kind of a rare combination of “write secure function; proceed to ignore secure function and rawdog strings instead” + “it can be exploited by entering a string with a semicolon”. Neither of those are anything near as egregious as a use after free or buffer overflow. I get programming is hard but like, yikes. It should have been caught on both ends
May 1st 2024 was a decade ago? (The article has a list and only two are old as you mention, though not quite a decade yet)
Most reached EOL in may of this year.
EOL is still EOL
Then they can open source the code so someone else can fix the issue.
I think it’s easy to blame a company for how they are handling this, but at the same time, if you’re using a router that old you should probably already assume that it has vulnerabilities that haven’t and probably won’t be patched.
Is DDWRT still a thing?
OpenWRT is. Not sure if it’s supported on that hardware tho.
I moved to an OPNsense router a couple of years ago and I’ve never looked back. Hell is shitty consumer routers.
Do you have any recommendations on OPNSense routers?
Oh man, it’s a nightmare and I just happened to be lucky. I ended up buying one of those passively cooled router-esque N100 boxes out of China (AliExpress) and while it was a total punt it turned out to be a great experience, and their customer service was actually good too.
Kingdel was the make/vendor and it’s been rock solid.
This is the way.
but does it run openwrt?
e: no it doesn’t, only one model had half-baked image made and available for download from some sketchy forum post made in 2014
I mean, some of those EOLed nearly a decade ago.
You can argue over what a reasonable EOL is, but all hardware is going to EOL at some point, and at that point, it isn’t going to keep getting updates.
Throw enough money at a vendor, and I’m sure that you can get extended support contracts that will keep it going for however long people are willing to keep chucking money at a vendor – some businesses pay for support on truly ancient hardware – but this is a consumer broadband router. It’s unlikely to make a lot of sense to do so on this – the hardware isn’t worth much, nor is it going to be terribly expensive to replace, and especially if you’re using the wireless functionality, you probably want support for newer WiFi standards anyway that updated hardware will bring.
I do think that there’s maybe a good argument that EOLing hardware should be handled in a better way. Like, maybe hardware should ship with an EOL sticker, so that someone can glance at hardware and see if it’s “expired”. Or maybe network hardware should have some sort of way of reporting EOL in response to a network query, so that someone can audit a network for EOLed hardware.
But EOLing hardware is gonna happen.
The ones with EOL 2015, fair play. But May 2024 isn’t all that long ago.
Edit: Looks like those were launched in early 2015. I guess requesting users to update devices after 8+ years might not be too far fetched.
This is the correct reaction to old home equipment.
Right?
Something this old is going to be power inefficient compared to newer stuff, and simply not perform as well.
I would know, I just booted up a 10 year old consumer router last night, because the current one died. It’ll be OK for a few days until I can get a replacement. Boy, is this thing slow.
I have a netgear router that isn’t even that old and it doesn’t have gigabit ports.
even though I was able to throw openwrt on there to mess around with it’s still e-waste
e-waste? a lot of networks dont need anywhere near gigabit. Especially because at a lot of places around the world even the ISP can’t provide that bandwidth for internet, but this applies to internal networks too. in a lot of cases a 100 mbps capable managed switch (which a router can be, even if with limitations) is enough
My cat likes how much heat they make too.
When the users are in control of the software running on their devices then “EOL” is dependent the user community’s willingness to work on it themselves.
I can still use a 2003 AMD Opteron with the newest builds of Linux. It’s an open standard. As long as the hardware still physically works. The only reason these pieces of hardware are EOL is because they chose to lock them down.
EoL of anything should mean open source code. You don’t want to open source your code? Then you must keep servicing your products and must keep your servers up
EU is cooking something with EU Directive on Liability for Defective Products. I’ve read only part of it, but basically companies are liable for bugs in software unless they opensource it.
I think there should be a handoff procedure, or whatever you want to call it.
As EOL approaches, work with whatever open router OS maker is available (currently OpenWRT) to make sure it’s supported, and configs migrate over nicely. Then drop one last update, designed to do a full OS replacement.
Boom, handoff complete.
I’d support a regulation that defines either an expiration date or commitment to open source at the time the hardware is sold.
all hardware is going to EOL at some point, and at that point, it isn’t going to keep getting updates
EOLing hardware should be handled in a better way
Both of these are solved by one thing: open platforms. If I can flash OpenWRT on to an older router then it becomes useful again.
Definitely don’t this in the past (Linksys WRT54G!) but let’s be honest, the kind of people running 10yo Dlink routers aren’t going to flash new firmware, let alone OpenWRT or even know to look for it. It would have to come that way from the factory. And even then I doubt most people even do regular updates, sadly.
Counter point: so it should automatically update every night when updates are available, and should have or migrate to an open standard at mfg EoL or from the factory.
It’s still the mfg fault, full stop.
Bingo.
Either support the device until the heat death of the universe, or provide consumers with the access to maintain it themselves.
But neither of those help corporations make them all the money. So we need regulation to force them to.
Regulation? I think you mean “guillotines”…
Regulation guillotines maybe?
my guillotine is named regulation
If I can flash OpenWRT on to an older router then it becomes useful again.
well, only if it has more than 4 MB storage, 8 MB RAM. I’m practically swimming in older routers that can’t even pass that requirement, and even today the cheaper, that is, more affordable options are still near that for some fucking reason.
Perfect time for users to buy something that isn’t D-Link then innit.
It baffles my mind how people have picked up a cheap knockoff manufacturer and forcibly made it into a major brand… That still produces junk at same 5 dollar knockoff quality level it had from the start.
I’m confused which brands you speak of, Asus used to be very good
then what? the brand thats owned by a chinese company, and even designs not just the software but the hardware too according to Chinese interests, tp-link?
or the one that requires online registration to access the setup page (and so to replace the firmware) that is netgear?what?
The article also mentions Cisco briefly, who also suck. Almost as much as Palo Alto
The DSR-150 is still being sold on Amazon under the D-Link store. Why the hell would you end of life something you still sell.
Just say you are from the Middle East.
Product Status (Revision Series_v1500): Live - The product is actively being manufactured and sold."
Don’t want to get lumbered with a bunch of old stock now, do you?
Technically most if not all Amazon sellers are third party who sell to the warehouse and then it sits there until its listing contract expires.
Thats why Rode Microphone refuses to sell on Amazon.
Then recall all the end of life stock.
I hate to say it, but depending on manufacturers for this kind of stuff will always inevitably lead to these kinds of situations. This is why I always buy OpenWrt compatible routers and DIY my own NAS.
Over the years, I’ve experienced:
- Netgear refusing to patch bugs like their IPv6 firewall essentially letting all traffic through on the R7800
- QNAP shipping NASes with Intel CPUs that had clock drift issues so bad they essentially bricked themselves. They then refused to provide any kind of support for them.
After that I basically said, fuck it, I’ll DIY my own and have been much happier ever since. If you have the know-how and the time, DIY is the way to go for longevity.
A bunch of juvenile D-Linkuents. Get it? D-Link? Nevermind…
a new non dlink router. Since the should be named f-link for a number of reasons.
Cool, so what brand is a good one to replace D-Link with?
Tplink is widely supported by openwrt
Mikrotik and Ubiquity
I have a fourth generation I7 with 8gb of ram running pfsense. Its free and you can’t beat it for baked in capabilities. I run pfblocker ng and snort to block ads maleware and useless(to me) telemety that my non linux machines send in regularly. Microsoft, Amazon and others. I also have wiregurad for vpn access to my home. You can also install the ntopng package and get really good realtime information on what is going on on your network. For years I used open wrt but the two don’t really compare. If you had to compare, openwrt is like a geo metro and pfsense is like a sports car.
Okay so the 2015 EOL ones, yeah I can understand telling the customer to update their shit. They shouldn’t have to support nearly 10 year out of date stuff.
May 2024 EOL ones? Bruh. C’mon now.
Hopefully there’s a mistake in the article.
- It does claim they were both discontinued this year and reached end of support this year. If that’s true, that’s huge and there should be consequences in the market.
- if the article is poorly written and the only concern is they already passed end of support so are no longer being supported , that seems like a tautology.
I would love to know when they stopped selling it compared to the EOL. EOL should be at least 5 years past the last time the models were shipped out, maybe more. So if May 2024 was EOL I sure hope they weren’t selling them after 2018.
Commodity hardware & open source software for the win.
When my Western Digital NAS was never going to get critical security patches, I was so freaking glad to find out that they just used software raid… I threw the HDDs in a Debian server and never looked back.
It’s certainly nice to have things that are turn-key, but if you can find your way around any OS, just avoid proprietary everything.
I agree. Buy a new router that isn’t Dlink.
Yeah after gettin screwed by the DLink you might as well use the TP-Link
