HARDWARE SHIFTER Asus has been soundly criticised not just for its bloatware but for the way the firm updates and serves it.
No one wants bloatware. It is a scratch that you cannot itch, and Asus was recently fingered for being a host of bloat in a report by Duo Security.
The company did not comment on this to us at the time, but we sent an email and remain hopeful.
In the meantime, there is nothing but negative news to say about this. The slinger here is US security researcher Morgan Gangwere, who explained that Asus LiveUpdate does what you might expect but in a really bad way.
"My advice to anyone who purchased an Asus device: remove LiveUpdate. It's really that simple. If you're an IT administrator, find devices making periodic calls to Asus's domains and blackhole them, get the user to come and see you," said Gangwere in a blog post.
"There is no information on how long this software has been in the wild, but I can speculate it's been since at least the XP days since.
"The Asus LiveUpdate client makes requests over plain, unencrypted HTTP to the Asus update servers (liveupdate01.asus.com or dlcdnet.asus.com, depending on version) and interprets them as XML files (or obfuscated XML). There is no verification done of the authenticity of this XML file or the items it points to."
When it's 2AM and your PoC works pic.twitter.com/HVWGK7cu22— Morgan Gangwere (@indrora) June 6, 2016
Gangwere said that this is open to abuse, which of course it is. Fortunately, even though Asus has not commented to us on this, the firm does offer a page all about how to remove LiveUpdate from your computer. A website called Shouldiremoveit.com polls users on the question. Currently the bulk are in the keep camp, but that could change.
"In tandem with a convenient 'run once an hour' scheduler task, LiveUpdate makes repeated, noisy requests to the LiveUpdate HTTP service. When 'Critical' updates are returned, the default behaviour is to automatically install the updates," added Gangwere.
"This scheduler task is run as any user in the NT Administrators group that the Task Scheduler deems high enough to be considered the most privileged. With a few fiddler intercepts, we can easily make the LiveUpdate application think we have a legitimate update." µ
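Gangwere's advice to IT administrators, finding devices that make periodic calls to the Asus update hosts, can be checked against web proxy logs. The Python below is an added example, not code from Gangwere or Asus; the log format, client addresses and URL paths are constructed assumptions, and only the two hostnames and the hourly cadence come from the quotes above.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Update hosts named in Gangwere's write-up as quoted above.
LIVEUPDATE_HOSTS = {"liveupdate01.asus.com", "dlcdnet.asus.com"}

# Constructed sample proxy log (assumed format: ISO time, client IP, method, URL).
SAMPLE_LOG = """\
2016-06-06T08:00:12 10.0.4.21 GET http://liveupdate01.asus.com/placeholder/list.xml
2016-06-06T08:14:40 10.0.4.33 GET https://www.example.org/index.html
2016-06-06T09:00:15 10.0.4.21 GET http://liveupdate01.asus.com/placeholder/list.xml
2016-06-06T09:30:02 10.0.4.57 GET http://dlcdnet.asus.com/placeholder/manual.pdf
2016-06-06T10:00:11 10.0.4.21 GET http://liveupdate01.asus.com/placeholder/list.xml
2016-06-06T10:05:45 10.0.4.88 GET http://DLCDNET.asus.com:80/placeholder/list.xml
2016-06-06T11:05:50 10.0.4.88 GET http://dlcdnet.asus.com/placeholder/list.xml
not a log line
"""

def parse_hits(log_text):
    """Yield (client, time) for plain-HTTP requests to the LiveUpdate hosts."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        stamp, client, _method, url = parts
        try:
            when = datetime.fromisoformat(stamp)
        except ValueError:
            continue  # skip lines with an unparseable timestamp
        target = urlsplit(url)  # .hostname is lower-cased and drops the port
        if target.scheme == "http" and (target.hostname or "") in LIVEUPDATE_HOSTS:
            yield client, when

def hourly_callers(log_text, tolerance=timedelta(minutes=5)):
    """Return {client: hit count} for clients with a roughly hourly repeat."""
    seen = defaultdict(list)
    for client, when in parse_hits(log_text):
        seen[client].append(when)
    flagged = {}
    for client, times in seen.items():
        times.sort()
        gaps = [later - earlier for earlier, later in zip(times, times[1:])]
        # One gap close to an hour is enough; laptops sleep and miss runs.
        if any(abs(gap - timedelta(hours=1)) <= tolerance for gap in gaps):
            flagged[client] = len(times)
    return flagged

if __name__ == "__main__":
    print(hourly_callers(SAMPLE_LOG))
```

Clients with a single request, such as 10.0.4.57 in the sample, are not flagged because one download does not show the scheduled-task pattern.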