SR-260 Update

[wappinghigh]

See?

Walk in my shoes...

I'll call it "KB bias.."

Everyone's a genius with a KB in their hands..

A genius...

...and everyone else is just plain stupid...or annoying, or a complainer, or a troll, or has some alternative flat earth or conspiracy belief...

Yep the whole world is out to get me.

I get it.

I look forward to Ryans answer on whether or not I am getting critical security  patch updates in a timely manner (leaving my critical updates permissions box checked)

I have no idea whether or not that is the case.

Good day to you all.

W

[digitaltrader]

17 minutes ago, wappinghigh said:

See?

Walk in my shoes...

I'll call it "KB bias.."

Everyone's a genius with a KB in their hands..

A genius...

...and everyone else is just plain stupid...or annoying, or a complainer, or a troll, or has some alternative flat earth or conspiracy belief...

Yep the whole world is out to get me.

I get it.

I look forward to Ryans answer on whether or not I am getting critical security  patch updates in a timely manner (leaving my critical updates permissions box checked)

I have no idea whether or not that is the case.

Good day to you all.

W

Wap makes a great point here.  No matter his tactics, what he mentions is very important.  C4 hasn’t in the past communicated with the end user in regards to potential security issues and patches.  A simple notification service done directly C4 to consumer is needed.  Any questions or project specific questions would be handled by the dealer, but apparently the Odealer and OP wasn’t aware of the pushed firmware updates.

[Pounce]

48 minutes ago, wappinghigh said:

Difference is we never know about the details of updates....

Ok, let me play devil's advocate. You want auto updates on by default. You want to know what's in the automatic critical update. In your case that means you want to know what was automatically already installed. Did I get that correct? What will you do with the information about the critical patch if its already installed? If it's a critical patch and security related and maybe a vuln how much detail do you want public?

[wappinghigh]

12 minutes ago, digitaltrader said:

Wap makes a great point here.  No matter his tactics, what he mentions is very important.  C4 hasn’t in the past communicated with the end user in regards to potential security issues and patches.  A simple notification service done directly C4 to consumer is needed.  Any questions or project specific questions would be handled by the dealer, but apparently the Odealer and OP wasn’t aware of the pushed firmware updates.

Thank you kind Sir.

 

W

[Pounce]

13 minutes ago, digitaltrader said:

A simple notification service done directly C4 to consumer is needed

Given the current model I don't think this is smart. A subscription model or a way for folks to check seems more prudent.

[wappinghigh]

11 minutes ago, Pounce said:

Ok, let me play devil's advocate. You want auto updates on by default. You want to know what's in the automatic critical update. In your case that means you want to know what was automatically already installed. Did I get that correct? What will you do with the information about the critical patch if its already installed? If it's a critical patch and security related and maybe a vuln how much detail do you want public?

I just want to know what's going on and when.

Like every other 99% of platforms out there...

Obviously details of the specifics of the security are not important...

But details of information of non security changes in some sort of way would be great.

It would help me as a guide as to when to upgrade gear, and what changes to make in my project or to other gear in my house etc in the future etc...

Both before an upgrade is available (and potentially loaded) and also in a log of past firmware...

Perhaps it would even encourage me to spend more on C4..

I'd just like to be more informed on firmware.

I don't see why that's a problem for the company, it's dealers or the "model"..

I just wish the company was more transparent with it's end user base

It's that simple.

W

[Pounce]

Do you have a dealer that you use to service your system and have you talked with them about updates specifically?

[wappinghigh]

1 minute ago, Pounce said:

Do you have a dealer that you use to service your system and have you talked with them about updates specifically?

I don't see why that question is relevant.

In my view if a firmware upgrade or patch is good enough to be released onto my platform, then it should be good enough for me to be allowed to do that myself.

Like every other 99% of computer based products I own in my house.

 

[wappinghigh]

But sure..

The answer to that question is yes...

[Pounce]

1 minute ago, wappinghigh said:

The answer to that question is yes...

So you don't actually have a problem then, correct?

[wappinghigh]

Just now, Pounce said:

So you don't actually have a problem then, correct?

No I don't have any problem at all with my dealer.

I have a problem with getting information about things like firmware from the company

I simply don't see why I need to hassle my dealer for every single minutia of information about things like firmware

I'm a grown man. I have use of the internet. I put my own 50 device network together.  It's nearly 2020.

I am sick of being treated like a child by this company.

And Im tired of copping abuse on this forum simply for trying to get information that in my opinion should be readily available to the owner of my equipment.

That happens to me.

Not my dealer.

 

 

[Pounce]

10 minutes ago, wappinghigh said:

then it should be good enough for me to be allowed to do that myself.

 

[wappinghigh]

Just now, Pounce said:

 

sure

I'm now definitely put of here.

Like I said.

Do Try walk someday in my shoes ol sport...

W

[Pounce]

1 minute ago, wappinghigh said:

Do Try walk someday in my shoes ol sport...

You know what they say about assuming...

[wappinghigh]

 ^ I don't assume anything about you 

You might not have a dealer and have use of pro for all I know 

You might be a dealer 

You might be an ex dealer

You might have a dealer and have use of (his/her) pro

You might have none of this...

I'm sure there are a myriad of combinations of how we can use our products...

All you have told me is you work in software 

Why does any of this matter?

If i say I'd like more direct information on product software, firmware, heck be able to upgrade firmware myself even.. so what?

If i upgrade and I stuff it up, what's it to you or frankly anyone??

Heck!..Might be even more work for my dealer.. (fixing up the mess)

I'm just fed up being treated like a child by this company.

They need to grow up and realise it's nearly 2020 the world has changed, and stop holding everyones hands like we are a bunch of babies...

Heaven forbid our platforms might actually become more robust, and we might stop asking dumb questions on this forum! 

Good day to you Sir!

 

[Cyknight]

1 hour ago, digitaltrader said:

 C4 hasn’t in the past communicated with the end user in regards to potential security issues and patches.  A simple notification service done directly C4 to consumer is needed. 

You mean the, I think THREE in nearly 15 years, instances where there was a true potential system DOWN case - where they DID communicate that to all consumers on their registered account email?

The fact that you do not see any 'true' SECURITY issue emails is much simpler than you think: There have been no SYSTEM based security vulnerabilities or issues. There WAS the one instance, when the semi-dark web search engine started listing systems with OPENED PORTS (and default logins) which were vulnerable where they sent out an updated security advisory - again to all dealers AND all customer account emails.

[digitaltrader]

2 minutes ago, Cyknight said:

You mean the, I think THREE in nearly 15 years, instances where there was a true potential system DOWN case - where they DID communicate that to all consumers on their registered account email?

The fact that you do not see any 'true' SECURITY issue emails is much simpler than you think: There have been no SYSTEM based security vulnerabilities or issues. There WAS the one instance, when the semi-dark web search engine started listing systems with OPENED PORTS (and default logins) which were vulnerable where they sent out an updated security advisory - again to all dealers AND all customer account emails.

And how would I know that without being a dealer?  Communication is important even with the lack of vulnerability.  

[Cyknight]

26 minutes ago, wappinghigh said:

If i say I'd like more direct information on product software, firmware, heck be able to upgrade firmware myself even.. so what?

You can certainly express your preference the first part as such is actually fairly reasonable. It's the long winded rants that you put around it that bury these type of things (not to mentioned the answer to the original question) and undermining any normal 'wishlist' and questions you have. This whole thread would have been quite different, if you simply asked in you first post what the firmware was about, instead of, in order:

Quote

 

Lol

 

Dealer user name*....

Password* .....

 

W.

 

 

Sent from my iPhone using Tapatalk

 

Quote

This is an open public forum.

Why not just *tell* us?

Why all the secrecy?

All it is, is just basically a universal remote ....





Sent from my iPhone using Tapatalk

You always complain that you get shot down - thing is, you constantly draw first, even if you don't draw first blood.

[wappinghigh]

1 minute ago, Cyknight said:

You can certainly express your preference the first part as such is actually fairly reasonable. It's the long winded rants that you put around it that bury these type of things (not to mentioned the answer to the original question) and undermining any normal 'wishlist' and questions you have. This whole thread would have been quite different, if you simply asked in you first post what the firmware was about, instead of, in order:

You always complain that you get shot down - thing is, you constantly draw first, even if you don't draw first blood.

That's because reasonable answers to reasonable questions are never given

The direct approach failed years ago 

 

[Cyknight]

4 minutes ago, digitaltrader said:

And how would I know that without being a dealer?  Communication is important even with the lack of vulnerability.  

You missed the part that they HAVE consistently contacted end-users with an account on exactly that. I even believe they sent out an email when there was some concern about ZigBee in general explaining that C4's own stack was not subject to those vulnerabilities.

That most people don't READ those emails (or use fake or unchecked email addresses) is not the fault of the sender.

[Cyknight]

Just now, wappinghigh said:

That's because reasonable answers to reasonable questions are never given

The direct approach failed years ago 

 

Nonsense WAP.

This comment is either intended as another jab at some imaginary plight, or you truly believe it - which would be funny if it wasn't so sad.

[wappinghigh]

Just now, Cyknight said:

Nonsense WAP.

This comment is either intended as another jab at some imaginary plight, or you truly believe it - which would be funny if it wasn't so sad.

Ok..  So this question is now directed at you CY...

"Do you find it unreasonable for an end user of software to want details of firmware and patches in a timely and efficient manner?" 

Please answer yes or no. 

[Cyknight]

15 minutes ago, Cyknight said:

You can certainly express your preference the first part as such is actually fairly reasonable

I already answered that WAP.

No I do not find it unreasonable for anyone to desire information.

 

Desire for something does NOT equal a right, not to mention that TIMELY MANNER is a matter of opinion. So would be who's responsibility it is to provide that information, or if it should be something GIVEN or ASKED for.

[wappinghigh]

^ Ok cool....Direct question no 2.

(For CY)

What specific problems (if any) would you envisage there would be, with providing a log of past firmware changes and any likely future changes, direct notification re security patches etc  straight to the end user. In an upgrade process that is dealer controlled? 

[wappinghigh]

Direct question 3.

Would there be any direct threat to anyone else's Control4 project, Control4's servers, the platform as a whole, IP theft etc - if an end user crashed or broke their own project updating firmware themselves?