Reminder to self: mid-term solution for replacing Ubiquiti access points
Posted by jpluimers on 2023/12/11
Last year, after an already long sequence of doing stupid things, Ubiquiti sued Brian Krebs.
For many this was a reason to think about what to replace their Ubiquiti.
My cloud key had already died, I never installed the USG router, so this is the reminder to see if anything has come up to replace the Unifi access points that is easy to manage in a self-hosted way are powered over ethernet, do the same seamless handover and cooperative WiFi antenna management.
Some links from back then:
On the day (my day in Amsterdam, not USA):
- [Wayback/Archive] Jeroen Wiert Pluimers on Twitter: “I agree with Kris: need a medium term solution to replace my Ubiquity gear. It is just wireless access points (all other stuff is different brands), but Ubiquiti UniFi AP-AC Lite were one of the few affordable brands that really do WiFi handover well.”
- [Wayback/Archive] Kris on Twitter: “Ich habe keine Ahnung, wann und wieso Ubiquiti genau über den Hai gesprungen ist, aber ich bin genervt, weil ich mir jetzt mittelfristig andere Tech suchen muß. Dabei war ich so froh, daß ich endlich den ganzen brennenden OpenWRT Dreck vom Hacken habe.” / Twitter
- [Wayback/Archive] Nach Cyberattacke: Ubiquiti verklagt Brian Krebs wegen angeblicher Verleumdung – Golem.de
- [Wayback/Archive] Pieter on Twitter: “@isotopp Was hattest du für Schmerzen mit OpenWrt?” / Twitter
- [Wayback/Archive] Kris on Twitter: “@pfhllnts Drahtverhau aus Shell generiert config aus config, falsch. Router Hardware alle sechs Monate kaputt (Drecksflash). Kein Handover beim Wechseln des Stockwerk. Router sehen sich nicht gegenseitig und stimmen Sendeleistung und Channel nicht automatisch ab.” / Twitter
- [Wayback/Archive] Kris on Twitter: “@pfhllnts Das heißt, die lösen das falsche Problem mit unzureichenden Tools auf instabiler Hardware.”
- [Wayback/Archive] Jeroen Wiert Pluimers on Twitter: “@Zugschlus @isotopp EdgeOS was based on Vyatta/VyOS which is based on debian, but UniOS seems to be based on Alpine. Not sure about the AP software. The cool thing was that with UniKey/docker you could run everything self-hosted and things would work well together. No real competition there yet?”
- [Wayback/Archive] Kris on Twitter: “Ich habe drei AP von denen, und hatte noch drei Switches auf der zu-ersetzen-Liste. Was nehme ich denn nun, was vergleichbar ist?”
- [Wayback/Archive] Kris on Twitter: “Ich habe keine Ahnung, wann und wieso Ubiquiti genau über den Hai gesprungen ist, aber ich bin genervt, weil ich mir jetzt mittelfristig andere Tech suchen muß. Dabei war ich so froh, daß ich endlich den ganzen brennenden OpenWRT Dreck vom Hacken habe.” / Twitter
- [Wayback/Archive] Jason Porter on Twitter: “@jpluimers Ruckus Wireless is a good option.”
- [Wayback/Archive] Glenn Dufke on Twitter: “@jpluimers Take a look at the GrandStream GWN series access points, they’re quite nice for their price-performance and sits in the same price segment as ubnt” / Twitter
- [Wayback/Archive] Glenn Dufke on Twitter: “@webguy @jpluimers Ubnt are technically obligated to provide the GPL licensed source code parts and toolchain as the AP firmware is built around embedded Linux. They do advertise it on their download page but have made it quite difficult to get your hands on. OpenWRT does support most of the hw” / Twitter
- [Wayback/Archive] Glenn Dufke on Twitter: “@webguy @jpluimers The challenge with signed firmwares are something FCC introduced as requirements som years ago to make sure the radios, especially the 5GHz are only operating within approved frequencies” / Twitter
Earlier in the night:
- [Wayback/Archive] Chris Bensen on Twitter: “@geerlingguy In my opinion the cameras are unusable. The dream machine is in a class of its own but that isn’t saying I endorse it. I’d sell it for a loss and replace it in a heartbeat if something matched it price/features. And I used ubiquity for the worlds largest pi cluster!” / Twitter
- [Wayback/Archive] Jeff Geerling on Twitter: “Maybe this is the final mail in the coffin for many? Ubiquity at one time seemed to have a stranglehold on certain market segments. Some of these decisions in the past 5 years have really worn down their community reputation.” / Twitter
- [Wayback/Archive] Stephen Foskett on Twitter: “Really @Ubiquiti? Suing @briankrebs? And claiming this would in trash traffic and web revenue on his site? Makes me want to rip out my Ubiquiti install.” / Twitter
- [Wayback/Archive] Corey Quinn on Twitter: “So I’ve been a *mostly* happy @Ubiquiti customer, despite a few hiccups with their Cloud Key Gen 2+ model space heater. And a security breach. That I first found out about from @briankrebs. Against whom Ubiquiti has apparently just filed a lawsuit. ” / Twitter
- [Wayback/Archive] Thread by @QuinnyPig on Thread Reader App
So I’ve been a *mostly* happy @Ubiquiti customer, despite a few hiccups with their Cloud Key Gen 2+ model space heater.
And a security breach.
That I first found out about from @briankrebs.
Against whom Ubiquiti has apparently just filed a lawsuit.
As a customer, this is the email that I got and didn’t catch at the time. “Sooo, just FYI, there’s been an attack against our systems with DB. Maybe consider changing your password?” Hugs and puppies, Ubiquiti.
Yeah, the fact that credentials were not invalidated and immediately reset means that this section is complete bullshit.It’s an example of “Ubiquiti and other companies disregard(ing) their customers’ online security” because that’s exactly what they did. That’s not clickbait.
That’s funny, “we found a backdoor in our systems” in the filing is in no way the tone that your email struck, @Ubiquiti. What’s the deal with that?
Yeah, sorry. As one of those quaint things called “a paying customer,” I assure you that the risk factor here is not your competition figuring out the secret to making space heaters reboot.
Uh…. you *did* downplay the severity here. Whether it was an insider or an outsider isn’t really the relevant part of the story, so much as “you failed to secure the data that I had entrusted to you.”
Oh come on @Ubiquiti. Even Krebs’s story and the claims therein didn’t shine as much light on your failings as your own lawsuit filing is doing. My god…
Welp @briankrebs is getting pride of place in my RSS reader for the next decade based upon this.And at this point we’ve only seen the suit. Krebs hasn’t filed a response yet!
Ubiquiti seems awfully convinced that “it wasn’t an outside attacker, we just suck at detecting insider threats” is a far stronger position than it is here in reality.I don’t care who pushed you or what you were carrying; everyone saw you eat shit down the stairs.
The meat of the accusation is that the inside attacker was @briankrebs’s source. I really fail to see the problem if that’s true; that guy kinda seems like one of the more competent people running the store over at @Ubiquiti right about now.
Think to all of the books you’ve read, the movies you’ve seen.When someone sues a journalist, how often are they presented as “the good guys?”
It appears @Ubiquiti is represented by @ClareLockeLLP, who proudly boasts about… suing journalists. Genius PR move, folks.
I eagerly await being added to the lawsuit because I have enough Twitter followers to look like media if you squint hard enough, and I too have said things about you on the internet that are likely to cause you some grief, @Ubiquiti.
Be sure you get the rest of the kids saying mean things about you on the playground too, you poor delicate $18B publicly traded company.
- [Wayback/Archive] Thread by @QuinnyPig on Thread Reader App
- [Wayback/Archive] Corey Quinn on Twitter: “So I’ve been a *mostly* happy @Ubiquiti customer, despite a few hiccups with their Cloud Key Gen 2+ model space heater. And a security breach. That I first found out about from @briankrebs. Against whom Ubiquiti has apparently just filed a lawsuit. ” / Twitter
- [Wayback/Archive] Stephen Foskett on Twitter: “Really @Ubiquiti? Suing @briankrebs? And claiming this would in trash traffic and web revenue on his site? Makes me want to rip out my Ubiquiti install.” / Twitter
- [Wayback/Archive] Jeff Geerling on Twitter: “Maybe this is the final mail in the coffin for many? Ubiquity at one time seemed to have a stranglehold on certain market segments. Some of these decisions in the past 5 years have really worn down their community reputation.” / Twitter
–jeroen
The Wiert Corner - irregular stream of stuff 
Leave a comment