Ubiquiti, go write on the board 100 times, 'I must validate input data before using it'... Update silently breaks IDS/IPS

Ubiquiti got a lesson in never blindly trusting external input this month. Its intrusion detection and prevention system (IDS/IPS) feature on its gateway hardware fetched a set of rules from an outside source that were broken, and rather than ignore the invalid data and fall back to known-valid data, it simply silently stopped …
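The failure mode the article describes, a rule feed that is fetched, found to be malformed, and then allowed to silently disable detection, is what a loader that validates the feed and keeps the last known-good set avoids. The following is an added example written for this page; it is not Ubiquiti's code, not any real IDS engine's parser, and uses a deliberately minimal Suricata-like line syntax and constructed sample feeds chosen only for illustration.

```python
"""
Added example (not Ubiquiti's or any vendor's code): a rule-update loader that
validates a fetched ruleset before activating it and falls back to the last
known-good set when validation fails, logging loudly instead of silently
dropping detection. The rule syntax is an assumed, minimal Suricata-like
line format; the sample feeds below are constructed.
"""
from __future__ import annotations

import logging
import re
from dataclasses import dataclass

log = logging.getLogger("ids.rules")

ACTIONS = {"alert", "drop", "pass", "reject"}
PROTOCOLS = {"tcp", "udp", "icmp", "ip"}

# Assumed rule shape: action proto src sport -> dst dport (options)
RULE_RE = re.compile(
    r"^(?P<action>\w+)\s+(?P<proto>\w+)\s+\S+\s+\S+\s+->\s+\S+\s+\S+\s+\((?P<opts>.*)\)$"
)


@dataclass(frozen=True)
class Rule:
    action: str
    proto: str
    sid: int
    msg: str


class RuleError(ValueError):
    """Raised when fetched rule text fails validation."""


def parse_rules(text: str) -> list[Rule]:
    """Parse a ruleset. Any malformed rule rejects the whole feed (raise),
    rather than being skipped, so a damaged download never half-applies."""
    rules: list[Rule] = []
    seen_sids: set[int] = set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = RULE_RE.match(line)
        if not m:
            raise RuleError(f"line {lineno}: unparseable rule: {line!r}")
        action, proto = m["action"], m["proto"]
        if action not in ACTIONS:
            raise RuleError(f"line {lineno}: unknown action {action!r}")
        if proto not in PROTOCOLS:
            raise RuleError(f"line {lineno}: unknown protocol {proto!r}")
        opts: dict[str, str] = {}
        for opt in m["opts"].split(";"):
            opt = opt.strip()
            if opt:
                key, _, value = opt.partition(":")
                opts[key.strip()] = value.strip().strip('"')
        if not opts.get("sid", "").isdigit():
            raise RuleError(f"line {lineno}: missing or non-numeric sid")
        sid = int(opts["sid"])
        if sid in seen_sids:
            raise RuleError(f"line {lineno}: duplicate sid {sid}")
        seen_sids.add(sid)
        rules.append(Rule(action, proto, sid, opts.get("msg", "")))
    if not rules:
        # An empty feed is not a valid update either: it would silently
        # switch detection off, which is exactly the outcome to avoid.
        raise RuleError("ruleset contains no rules")
    return rules


def load_ruleset(fetched_text: str, last_good: list[Rule]) -> tuple[list[Rule], str]:
    """Return (active_rules, source). source is 'fetched' when the new set
    validated, or 'fallback' when it did not and last_good was kept."""
    try:
        new_rules = parse_rules(fetched_text)
    except RuleError as exc:
        log.error("rejecting fetched ruleset, keeping %d known-good rules: %s",
                  len(last_good), exc)
        return last_good, "fallback"
    log.info("activating %d fetched rules", len(new_rules))
    return new_rules, "fetched"


# Constructed sample feeds (not real vendor data)
GOOD_FEED = """\
# constructed sample ruleset
alert tcp any any -> any 22 (msg:"SSH connection"; sid:1000001;)
drop udp any any -> any 53 (msg:"DNS to blocked resolver"; sid:1000002;)
"""

BROKEN_FEED = """\
alert tcp any any -> any 22 (msg:"SSH connection"; sid:1000001;)
alert tcp any any -> any 80 (msg:"truncated rule, no closing paren"; sid:1000003;
"""

if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    known_good, _ = load_ruleset(GOOD_FEED, [])
    active, source = load_ruleset(BROKEN_FEED, known_good)
    print(source, len(active))
```

The point of the structure is that the fetched text is never the active ruleset until the whole file has parsed; the previous set stays in force on any error, and the error is logged at a level an operator will see rather than swallowed.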

  1. This post has been deleted by its author

  2. This post has been deleted by its author

  3. This post has been deleted by its author

  4. Mike 137 Silver badge

    "This is a beta service for [their security] products"

    Two points:

    [1] a beta security service operating live?

    [2] just shows what we all guessed - security appliance software development is as sloppy as it is for everything else.

    So much for "cyber security".

    1. Sandtitz Silver badge
      Meh

      Re: "This is a beta service for [their security] products"

      "[1] a beta security service operating live?"

Many security product manufacturers have opt-in beta channels for those who really like to test upcoming features. As long as Ubiquiti has clearly flagged (?) this feature with an appropriate warning, I would have no problem with it.

      "[2] just shows what we all guessed - security appliance software development is as sloppy as it is for everything else."

      Perhaps it is, but drawing conclusions from a single incident is unwise.

      Also, grouping all software development in the same "sloppy basket" doesn't seem to reflect reality.

      1. ckm5

        Re: "This is a beta service for [their security] products"

I use a USG and IDS/IPS is clearly labeled as beta. I don't have it turned on as it slows the device down 10x and, after running it for a month, I just wasn't picking up any 'threats'.

    2. vtcodger Silver badge

      Re: "This is a beta service for [their security] products"

      Hey, it probably sort of works most of the time. And the alternatives are likely no better. It's sort of like a guard dog that is more interested in chasing squirrels than in intimidating intruders. Probably better than nothing.

    3. fidodogbreath

      Re: "This is a beta service for [their security] products"

      I use and like Ubiquiti gear, but any longtime user will tell you that all of their Unifi "stable" releases are betas. Unless a new version contains a specific fix that I need urgently, I let their releases soak for a month or two before installing on production equipment.

      Fortunately, their forums and r/ubiquiti are filled with masochists super-conscientious admins who install every release as soon as it's published and post about the aftermath result.

  5. EnviableOne

Don't they know the 11th commandment, "Thou shalt ALWAYS sanitise your inputs"

    1. NetBlackOps

      and, of late, your hands. Which isn't a bad reminder.

    2. Anonymous Coward
      Devil

      Higher

      11 is too low. I'd put it in the top five.

      Thou shalt renew thy domain names and security certificates.

      Thou shalt patch vulnerabilities.

      Thou shalt document.

      Thou shalt check your inputs.

      Thou shalt not covet your neighbor's workstation or monitors or chair.

  6. Dvon of Edzore
    Thumb Down

    Business as Usual

    Ubiquiti leaves promised and advertised features as "beta" for years. Apparently "beta" on their planet means both "broken" and "working as designed". If it filled a checkbox in a pseudo-review and got you to buy the product, it's working as designed, and by calling it "beta" they don't have to actually deliver a working component.

    They also string customers along with "next update" promises until they declare the item End-of-Life and drop even pretend support. They're permanently on my Never Again list after spending resources to redo the website instead of actual feature development.

    1. Gannet
      Coat

      Re: Business as Usual

      That's a little harsh, they've added a whole augmented reality rack view so you don't even have to look at the management console to see what's plugged into your switches.

      It's not like anyone actually uses layer 3 in production?

Mine's the one with the inter-VLAN ACLs in the pocket.

    2. -tim
      Facepalm

      Re: Business as Usual

Their dashboard has plenty of useless data. So the site downloaded 90 GB of data? Over what time frame? It isn't mentioned except in conflicting forum posts. Throw in a white-text-on-black design mixed with black-text-on-white for a nearly unreadable system, and version-specific Chrome requirements make their web interface look amateurish.

Their support forums tend to have their search engine optimisation around the wrong way, so looking for a problem will result in the 5-year-old solution, not the current one. If they put Google-parseable dates in their metadata, that would fix that problem.

One USG has dropped out 4 times in the last month, requiring power resets. That was after replacing a unit that died more than a dozen times over the last few months, and it usually happens in the wee hours of the morning. Being a "cloud" device, there is no visibility into it and a serious lack of logs that can be pulled off it after a reboot. Someone needs to tell them about a watchdog feature.

Their radios do tend to work well, but the USG seems like a joke of a product and I'll be looking for a replacement if they can't find and fix the problem real soon, as it isn't up to the task.
