Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> An "automatic" update that would potentially cause the router to reboot and bring down the network would go over very poorly with customers, even if it happens at 3 AM.

Maybe the the trigger for the automatic reboot could be more complicated than just a time-based trigger. Something like

    Reboot when
        localtime > 2AM & 
        localtime < 5AM & 
        traffic averaged over the last 5 min < 5kbs
Basically reboot unless the router detects the network is being used actively.


Of course, if you're on vacation and relying on that router to be available for security cameras, an automatic firmware update that results in a bricked router can be more than a little disruptive.


It's a tradeoff. You have to balance that negative against the negative of having botnets of millions of never-patched routers.

Automatic updates should be the default, but you should be able to shut them off if you want to make a different tradeoff.


Automatic security updates should be the default, all other updates should absolutely not. In case of patching routers there isn't much crapware to be upsold, but in general, if we're ever going to develop some code of ethics in this industry, I wish a part of it would be a rule of hard separation between security patches and feature updates, and another rule that the latter should never be done automatically without explicit opt-in.

Yes, it's extra work for developers, but the result of not doing that is the present situation - a lot of users, including a surprisingly large population of non-tech-savvy people, will go out of their way to shut down automatic updates, to avoid having to deal with broken workflows, upselling, ads sneaking in, and forced reboots in the middle of a business presentation or a game (or a surgery).


Automatic updates has some of the same issues as telemetry. Windows Update for example has to send information on things like drivers to scan for updates.


An update shouldn't brick a well built router; that's what watchdogs and secondary flash is for.


What about links that need to be available for failover or during emergencies? What about organizations that operate at those hours? I used to work at a 24 hour retail chain, and some stores in mining towns had their busiest hours around 4AM as busloads of miners came in to shop before the day started. We could _never_ upgrade those stores in the early morning hours.


So you're saying the defaults should be setup for the unusual use cases like you describe, even if that means we get botnets of millions of routers?

You're not going to define one set of secure-by-default rules that's going to work for everyone. Rather, you want to try to define a set of secure-by-default rules that work for most people. Then but the burden of reconfiguration and maintenance on those with unusual needs, rather than the majority.


Mikrotik's aren't really consumer-grade hardware (most Mikrotik's that is). Some operators deliberately stay a version or so back off the latest due to features breaking or instability, or requiring configuration changes, etc.

Automatic updating could be crippling to ISP operators (Mikrotik's are very popular with WISP's, and other smaller ISP operators).

> Basically reboot unless the router detects the network is being used actively.

For the average Mikrotik router, deployed at some WISP or small ISP, that's unlikely to happen.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: