# ASUS Z390 Motherboards Automatically Push Software into Your Windows Installation



## btarunr (Oct 23, 2018)

During testing for our Intel Core i9-9900K review we found out that new ASUS Z390 motherboards automatically install software and drivers to your Windows 10 System, without the need for network access, and without any user knowledge or confirmation. This process happens in complete network-isolation (i.e. the machine has no Internet or LAN access). Our Windows 10 image is based on Windows 10 April 2018 Update and lacks in-built drivers for the integrated network controllers.

Upon first boot, with the machine having no LAN or Internet connectivity, we were greeted by an ASUS-specific window in the bottom right corner of our screen, asking whether we'd like to install the network drivers and download "Armoury Crate". This got us curious and we scanned the system for any files that aren't part of the standard MS Windows installation. We discovered three ASUS-signed files in our Windows 10 System32 folder, which, so it seems, magically appeared on our harddrive out of thin air. Upon further investigation we also found a new, already running, system service called "AsusUpdateCheck."



 

 

 



These files could not have come from either our Windows image or the network, leaving the motherboard's 16-megabyte UEFI BIOS as the only suspect. The files themselves, which total around 3.6 MB in size, appear harmless, and belong to an ASUS-made program called "ASUS Armoury Crate." This program fetches the latest drivers for your hardware from ASUS servers, and installs them for you in an automated process with little user-intervention. This is a very useful feature, as it establishes a method to install network driver and other drivers easily, without the need for a physical driver disc (in times where nobody has an optical drive anymore). After digging around in the UEFI BIOS, we managed to find a fairly nondescript option "Download and Install ARMOURY CRATE app", which of course defaults to "on"; and it's not easy to find, being located in the "Tool" section of the BIOS setup.

The ASUS UEFI firmware exposes an ACPI table to Windows 10, called "WPBT" or "Windows Platform Binary Table". WPBT is used in the pre-built OEM industry, and is referred to as "the Vendor's Rootkit." Put simply, it is a script that makes Windows copy data from the BIOS to the System32 folder on the machine and execute it during Windows startup - every single time the system is booted. According to the Microsoft WPBT reference, which describes this feature as useful for "anti-theft software", this binary is a "native, user-mode application that is executed by the Windows Session Manager during operating system initialization.", which means "before all other programs, with administrative privileges". This gives pretty much full control over everything, including protected folders and the registry. 



 

The ASUS executable unpacks two more files, registers the "AsusUpdateCheck" service and launches it. Once the desktop is loaded, it manifests itself as a bloatware-looking notification near our system tray, requesting you to install the ASUS Armoury Crate software, by fetching the rest of its installer payload from the Internet. Interestingly, it also installs a basic driver to get the integrated network controller working, which is a nice feature. Windows 10 doesn't support the new Z390 integrated Ethernet controller out of the box. This method of writing data to protected areas of the boot drive may not be uncommon with OEM pre-built desktops and notebooks, but for the PC DIY space, in which consumers seek a higher degree of control and privacy over their hardware and software, it is a first and comes across as intrusive. It should normally take a lot of privilege for anything to write to your System32 folder without user-intervention, at least a UAC dialog authenticating the user's consent. Lenovo has used the same method in 2015, which resulted in a huge scandal. They automatically installed a rootkit, which logged data and pushed bloatware into the user's system.

Our motherboard was supplied within the European Union, and yet the software lacks a GPDR-compliant user consent dialog. If nothing else, a person's IP address will be transmitted to ASUS without consent, possibly more, including details like motherboard model, system specs and installed hardware.

We poked and prodded with the service a bit. Deleting the files (and/or the service) simply restores them at the next reboot. Clicking "cancel" in the first instance of the pop-up doesn't end the service, which keeps running in the background until you manually disable it (and it comes back at next reboot). The only way you can ensure the files stay deleted is by disabling the "ASUS Armoury Crate" option in the UEFI setup program, which disables the ACPI-WPBT table. Running the download & install, and then disagreeing with the license agreement will keep Armoury Crate installed on your system. Even when the Armoury Crate Uninstaller is run from "Programs & Software", the AsusUpdateCheck service doesn't get uninstalled, and the uninstaller also forgets to remove a second service it installed.

By default, the ASUS UEFI setup program for our motherboard has the "Download and Install Armoury Crate App" option enabled. Unsuspecting users who glossed over their UEFI setup configuration before installing their OS for the first time, will see the Armoury Crate pop-up even if their machines are not configured to access the Internet. This would do wonders for increasing the user-base of ASUS' software, but are you comfortable with something like this? Given NAND flash pricing, what stops motherboard vendors from embedding a flash-based USB mass-storage device directly onto their motherboards that installs a host of driver software and sponsored bloatware automatically?

If you put aside the privacy concerns for a moment, there are both advantages and disadvantages for what ASUS is trying to accomplish. Since it's enabled by default, this method makes installing drivers and system software easier than ever, since it also gets the network controller to work. It's particularly useful given that motherboard vendors continue to ship drivers on a DVD, and optical disc drives are on the decline, leaving people with little option but to copy their drivers onto a USB flash drive, just to get the NIC working. The application also fetches the very latest (most stable) versions of drivers found on ASUS website. The most obvious disadvantage is cybersecurity. If any of ASUS' on-chip code has security vulnerabilities that can be exploited, there is little way to fix it but with BIOS updates from ASUS. 

ASUS needs to make a few changes and release UEFI BIOS updates, on the double. One option could be to disable the Armour Create option in BIOS by default, so unsuspecting users don't get these files. It could be advertised in the home-screen of the UEFI setup instead. Another option could be to properly clean up the installed files if the users chooses to not use Armoury Crate and not install them again on next reboot. Also required is a GPDR-compliant license agreement, that clarifies which data is collected, how it is processed, and whether it is shared with third parties. While this probably won't happen, some kind of ASUS warranty to include liability for any future malware that exploits WPBT to survive OS reinstalls, would go a long way.

We're sure that as a market-leading motherboard vendor, the intentions behind this couldn't have been bad. It only needs a bit of polish, and a lot of transparency with the user.

*View at TechPowerUp Main Site*


----------



## Mayclore (Oct 23, 2018)

Like Windows 10 needs any help with installing bloatware.


----------



## erixx (Oct 23, 2018)

Great and balanced news alert, W1zard. 
Asking Asus to "properly clean up" is maybe asking too much, given it's decades old history of doing the contrary? Needing underground tools like "AI Suite cleaner" to do it? It's amazing that they do not hire software engineers with enough qualification... As you say "they will perfect it"... slowly...  I'll leave it here.


----------



## windwhirl (Oct 23, 2018)

Wow, such a nice feature. How long until someone finds a vulnerability and makes malware for it?


----------



## kastriot (Oct 23, 2018)

Just don't use internet and no probs..


----------



## R-T-B (Oct 23, 2018)

I told everyone earlier, in a certain UEFI spyware thread:

Nothing scares me more than big cheap flashroms on motherboards...  spyware, vendors, all of them have the power to misuse this.



kastriot said:


> Just don't use internet and no probs..



Comprehension fail.


----------



## srsbsns (Oct 23, 2018)

This has happened for a long time with Asus. Why is this news now? My Crosshair VII does this as well. I disable from the Bios and uninstall. problem solved.


----------



## Joss (Oct 23, 2018)

To be able to install a clean copy of Windows and only the software you chose is one of the advantages of building your PC. This move from Asus is inadmissible _and_ a privacy intrusion.
Besides, don't give us the "for your convenience" justification, being a builder is inconvenient per nature, and that's how we like it.


----------



## xkm1948 (Oct 23, 2018)

TPU: We found some potential potential privacy intrusive practice on a multi-national corporations.


--->  *Lawyers* want to know your location/


--->  EU administration intensifies.

Me:


----------



## Agentbb007 (Oct 23, 2018)

Thanks for the heads-up, I will definitely disable this on my XI Hero if Amazon ever ships my 9900k.  I like the idea of installing a NIC driver but other stuff not so much.


----------



## R-T-B (Oct 23, 2018)

srsbsns said:


> This has happened for a long time with Asus. Why is this news now? My Crosshair VII does this as well. I disable from the Bios and uninstall. problem solved.



That's even worse then.

This shouldn't be possible as far as I am concerned, but since that ship has sailed,AT LEAST have some sense and turn it off by default, ASUS.



Agentbb007 said:


> if Amazon ever ships my 9900k.



Amazon is claiming a backlog to december last I heard...


----------



## noel_fs (Oct 23, 2018)

oof asus is a no no for me for now on


----------



## bonehead123 (Oct 23, 2018)

1. no
2. no
3. HELLL NO

No asus craploaders fo me....

isn't it bad enuff that we have to deal with hackers, spywarz, malwarez, meltdowners, specters etc etc etc, and now this........wTf ???????????


----------



## SIGSEGV (Oct 23, 2018)

Is it a new invention from ASUS? /sarcasm 

lol


----------



## Cybrnook2002 (Oct 23, 2018)

windwhirl said:


> Wow, such a nice feature. How long until someone finds a vulnerability and makes malware for it?


You mean like the way the Chinese have supposedly done the same with the BMC and Supermicro? (At least according to Bloomberg) Loading files/code into an installed OS.


----------



## Owen1982 (Oct 23, 2018)

It would be nice if you could choose what drivers were installed with tickboxes in the BIOS.


----------



## Octopuss (Oct 23, 2018)

Looks like I won't be buying Asus motherboards if this is common practice then. Out of general principle. I am not paranoid or anything, but I absolutely despise shit being installed without my consent or even knowledge.


----------



## HammerOn1024 (Oct 23, 2018)

" This is a very useful feature, as it establishes a method to install network driver and other drivers easily, without the need for a physical driver disc (in times where nobody has an optical drive anymore)"

Great... jut what I need: Another uncertified software tool downloading software and installing it without my knowledge. Another hackers paradise has been created. Nice move ASUS.

Yet another reason to having nothing to do with Microsift or ASUS.


----------



## TheLaughingMan (Oct 23, 2018)

As if we needed another reason to hate ASUS bloatware. Stop making it. Just stop all RnD for software no one wants or uses. Spend that money on a office party or something, it can't be that much.


----------



## Dimi (Oct 23, 2018)

HammerOn1024 said:


> " This is a very useful feature, as it establishes a method to install network driver and other drivers easily, without the need for a physical driver disc (in times where nobody has an optical drive anymore)"
> 
> Great... jut what I need: Another uncertified software tool downloading software and installing it without my knowledge. Another hackers paradise has been created. Nice move ASUS.
> 
> Yet another reason to having nothing to do with Microsift or ASUS.



It doesn't download anything, did you even read it? 
They are drivers that are built in somewhere on the motherboard. They are loaded, not downloaded from the internet..


----------



## CrAsHnBuRnXp (Oct 23, 2018)

Agentbb007 said:


> Thanks for the heads-up, I will definitely disable this on my XI Hero if Amazon ever ships my 9900k.  I like the idea of installing a NIC driver but other stuff not so much.


I have to second this. Im waiting on my z390 board and 9900k still as well. Amazon is saying between nov 15th and december 12th for my motherboard.



Dimi said:


> It doesn't download anything, did you even read it?
> They are drivers that are built in somewhere on the motherboard. They are loaded, not downloaded from the internet..





> These files could not have come from either our Windows image or the network, leaving the motherboard's 16-megabyte UEFI BIOS as the only suspect. The files themselves, which total around 3.6 MB in size, appear harmless, and belong to an ASUS-made program called "ASUS Armoury Crate." This program fetches the latest drivers for your hardware from ASUS servers,



The Amory Crate downloads from the internet.


----------



## TheinsanegamerN (Oct 23, 2018)

My asus crosshair VII did something similar, it would place some files directly onto the C: drive upon startup, unless the process was disabled via task manager. These files did not come from the internet, as the NIC was not plugged in when I first installed. 

Will probably be my last ASUS board until they stop doing this BS. I dont need my motherboard pushing files to my PC for any reason.


----------



## ZhangirDuyseke (Oct 23, 2018)

I find extremely useful! That means that I don't need to manually download drivers from website after installing OS. Great!  Once again paranoid techpowerup users who believe in conspiracy theories, UFO, FBI spying on you and other bullshit! Evil ASUS want to spy on you and your library of hentai and midget porn, ahahah. Techpowerup users are ridiculous! Always find something to complain. It's done for our convenience and very helpful and saved my time.



Octopuss said:


> Looks like I won't be buying Asus motherboards if this is common practice then. Out of general principle. I am not paranoid or anything, but I absolutely despise shit being installed without my consent or even knowledge.


Even if that's latest drivers and useful software? It seems techpowerup users like it hard way.



Joss said:


> To be able to install a clean copy of Windows and only the software you chose is one of the advantages of building your PC. This move from Asus is inadmissible _and_ a privacy intrusion.
> Besides, don't give us the "for your convenience" justification, being a builder is inconvenient per nature, and that's how we like it.


Don't speak for all builders! Privacy intrusion?! Yeah like ASUS is very "interested" in your hentai and midget porn library, lol. It's extremely useful and saves a lot of time for me. Very convenient


----------



## Joss (Oct 23, 2018)

ZhangirDuyseke said:


> like ASUS is very "interested" in your hentai and midget porn library


It's Victorian nudes if you please


----------



## TheoneandonlyMrK (Oct 23, 2018)

This is not  intel specific, the crosshair 7 hero i bought did the exact same thing, except it calls it asus grid which then downloads updater which then downloads the armoury crate.
I didn't mind being assisted to find driver's and I doubt first time builders or OEM builders mind.

I believe it to have been a good faith , easy use feature that IS easily disabled.

It just should be advertised and easily enabled and default to off.


----------



## Salty_sandwich (Oct 23, 2018)

The moment you read the words

"If you put aside the privacy concerns for a moment"

in this day and age? put privacy concerns aside! lol like we have a choice, our privacy is taken at any given chance these days, no matter what ya do....


----------



## ZhangirDuyseke (Oct 23, 2018)

Salty_sandwich said:


> The moment you read the words
> 
> "If you put aside the privacy concerns for a moment"
> 
> in this day and age? put privacy concerns aside! lol like we have a choice, our privacy is taken at any given chance these days, no matter what ya do....


Exactly. Paranoid fools. They are using the internet and whine about privacy. The irony.


----------



## Octopuss (Oct 23, 2018)

ZhangirDuyseke said:


> Even if that's latest drivers and useful software? It seems techpowerup users like it hard way.


It won't be say, three months from now. I like my stuff being up to date, so this would be useless at best pretty quickly. Not to mention Windows 10 has basic drivers for pretty much anything built right in.
Also, what software? I don't need any software for a motherboard. In fact, I don't want any.


----------



## wiak (Oct 23, 2018)

asus should have three options
1. disabled 
2. install network driver only (simply copy and execute .inf install once) (default)
3. ammo crate?

and they should ask on startup maybe?


----------



## ZhangirDuyseke (Oct 23, 2018)

Octopuss said:


> It won't be say, three months from now. I like my stuff being up to date, so this would be useless at best pretty quickly. Not to mention Windows 10 has basic drivers for pretty much anything built right in.
> Also, what software? I don't need any software for a motherboard. In fact, I don't want any.


Actually Windows 10 doesn't install all the drivers like chipset, audio, Sata, wireless and other stuff. Before you had to always visit motherboard manufacturer's website and download everything from drivers page. Now it's by default automatic which is great! ASUS provides very useful utilities like automatic overclocking software and ASUS Ramdisk.


----------



## Octopuss (Oct 23, 2018)

If the software works fine and does something useful, then by all means, but FFS! - make it optional!


----------



## R-T-B (Oct 23, 2018)

Cybrnook2002 said:


> You mean like the way the Chinese have supposedly done the same with the BMC and Supermicro? (At least according to Bloomberg) Loading files/code into an installed OS.



That makes the bloomberg story even more dodgy to be honest:

If China really wanted to do that, there are easier means in frickin official UEFI spec...



ZhangirDuyseke said:


> Don't speak for all builders! Privacy intrusion?! Yeah like ASUS is very "interested" in your hentai and midget porn library, lol. It's extremely useful and saves a lot of time for me. Very convenient



He does however, speak for most I'd wager, excluding our resident "all privacy advocates hide midget porn." claimant.

At any rate this isn't a privacy problem.  More a consent problem.  And it's valid.  We can all be happy.  Just turn the frickin' option off by default.



ZhangirDuyseke said:


> Exactly. Paranoid fools. They are using the internet and whine about privacy. The irony.



Because injustice is a fact makes everyone who complains about it a whiner?  Please.


----------



## holyprof (Oct 23, 2018)

Well, one more "feature" that a company included "for your own good, it will be like we want". If i am building my own PC, installing drivers is what I actually want. If I wanted it done for me, HP, Dell, Acer, Apple and others have more than enough options.
One less brand on my future motherboard list. My last Asus motherboard was 17 years ago when they really made and sell the best stuff. Since then i've been happy with MSI and Gigabyte.


----------



## ZhangirDuyseke (Oct 23, 2018)

holyprof said:


> Well, one more "feature" that a company included "for your own good, it will be like we want". If i am building my own PC, installing drivers is what I actually want. If I wanted it done for me, HP, Dell, Acer, Apple and others have more than enough options.
> One less brand on my future motherboard list. My last Asus motherboard was 17 years ago when they really made and sell the best stuff. Since then i've been happy with MSI and Gigabyte.


ASUS is a leading manufacturer who makes the best motherboards, period. MSI and Gigabyte copy ASUS boards features. Good luck using second-rate hardware, hater.


----------



## Dave65 (Oct 23, 2018)

Does the same thing under Ryzen, pushed ASUS GRID service..


----------



## R-T-B (Oct 24, 2018)

ZhangirDuyseke said:


> ASUS is a leading manufacturer who makes the best motherboards, period. MSI and Gigabyte copy ASUS boards features. Good luck using second-rate hardware, hater.



lol what do they copy exactly, praytell?  And why is ASUS not filing patents if what you say is true?

Please quit trolling.  A lot of board manufacturers are good.  They all offer different features.  Some even do good RMA service...


----------



## TheoneandonlyMrK (Oct 24, 2018)

R-T-B said:


> lol what do they copy exactly, praytell?  And why is ASUS not filing patents if what you say is true?
> 
> Please quit trolling.  A lot of board manufacturers are good.  They all offer different features.  Some even do good RMA service...


That's true asus but i got one , features tut. Got me now.


----------



## lexluthermiester (Oct 24, 2018)

This is seriously shady. No thank you ASUS. It's *not* your place to install anything without user knowledge and consent. Completely unacceptable.


----------



## ZhangirDuyseke (Oct 24, 2018)

R-T-B said:


> lol what do they copy exactly, praytell?  And why is ASUS not filing patents if what you say is true?
> 
> Please quit trolling.  A lot of board manufacturers are good.  They all offer different features.  Some even do good RMA service...


Yeah, good. Lol. Take a look at MSI godlike board which has 4 PCIe 16 lanes on chipset with





lexluthermiester said:


> This is seriously shady. No thank you ASUS. It's *not* your place to install anything without user knowledge and consent. Completely unacceptable.


Another paranoid. What are you all?! Techpowerup users are so fucking suspicious because 
they are cybercriminals and terrorists or what?soQUOTE="lexluthermiester, post: 3928479, member: 134537"]This is seriously shady. No thank you ASUS. It's *not* your place to install anything without user knowledge and consent. Completely unacceptable.[/QUOTE]


----------



## R-T-B (Oct 24, 2018)

ZhangirDuyseke said:


> Another paranoid. What are you all?! Techpowerup users are so fucking suspicious because
> they are cybercriminals and terrorists or what?



We value privacy.  We are not cybercriminals or terrorists.  You however are being quite the troll.  Post reported.

It should be noted that legally speaking, this software install method is probably illegal in the EU.


----------



## lexluthermiester (Oct 24, 2018)

R-T-B said:


> It should be noted that legally speaking, this software install method is probably illegal in the EU.


Likely is.


----------



## xkm1948 (Oct 24, 2018)

lexluthermiester said:


> Likely is.



A lot of things are illegal in EU



Spoiler



So EU can fine you on those things, quick cash!


----------



## Dave65 (Oct 24, 2018)

ZhangirDuyseke said:


> ASUS is a leading manufacturer who makes the best motherboards, period. MSI and Gigabyte copy ASUS boards features. Good luck using second-rate hardware, hater.


Try again, Asus is second rate, they have the worst customer service... Try harder next time!


----------



## hat (Oct 24, 2018)

Hmm... I might be okay with this if it were set up in such a way where you had to explicitly select a specific option in the UEFI, such as "Reboot & Install Drivers", with further options to install drivers only, or install drivers and additional crap, like that ASUS Armoury Crate. I originally thought of shipping flash drives like they used to (in place of driver CDs), but if the tech is already there in a way where it can be done not only more conveniently, but also with less waste (there won't be many thousands of flash drives produced for this purpose... how many driver CDs exist in landfills now?), why not? However, I maintain that automatically installing garbage without the user's consent, or even knowledge, is bad. Aside from that point, how is it even convenient to install it automatically? Who on Earth is capable of reinstalling Windows, or worse yet, building a computer and installing Windows for the first time, yet is incapable of finding the install drivers option in UEFI?

That said, I could see this also being used as an attack vector. Imagine a new generation of malware that attacks this memory chip on the board. By installing itself to this memory chip, it would persist even through total reformat/reinstallation of the OS. Sounds a lot like that case our own @R-T-B was working on not too long ago... only instead of a weird one-off case, it could become common if features like this become common. What's to stop that from happening? No antivirus is 100% perfect, and the users of the computers with these features damn sure aren't, either. I wonder what this free cat screensaver is in my email? That's another reason why having to explicitly select an option in the UEFI to install would be a good thing... unless the malware could force install itself, anyways. Malware doesn't always play by the rules.

As for privacy? While I value privacy as much as the next guy on TPU, I don't think privacy is really a concern here. Sure, the potential for throwing user data at ASUS through the ASUS Armoury Crate app exists (I've never used the software, so don't shoot me if there's no telemetry there), but I think the bigger concern here is the fact that many PC enthusiasts, like, the people most likely to buy ASUS motherboards, usually don't want tons of bloatware apps running with their computer... so now PC enthusiasts who like ASUS now have to deal with this self installing ASUS Armoury Crate. As for me, I don't even like the fact that I have MSI Afterburner running at startup, but I have to live with it because I can't edit and flash my own GPU BIOS anymore like I used to in the old days (I'd find out what clocks my card was happy at, edit those into the BIOS along with a modified fan curve/min speed, flash, then uninstall whatever OC tool I used), so I'd likely be blocking this app as well. Why have unnecessary crap running? If privacy was that big of a concern, better just turn off the Internet. Every hardware and software device, even on your own network, be it your modem, router, operating system (Windows 10 says hello) or even the network driver carries the possibility of having backdoors/throwing your data somewhere/etc... and that's not even starting with what's _outside_ your network. So yeah... I build my own computer for many reasons, but one of those reasons is because I don't want my computer coming with 50 free trials, which I didn't ask for, starting up with my computer. This move from ASUS doesn't fall in line with that too well.


----------



## ensabrenoir (Oct 24, 2018)

....near as i can tell...privacy died in the 70's.  All we have left  now is varying   levels  of self delusion in which we find some comfort.  carbon nano tube hats for everyone.......


----------



## kn00tcn (Oct 24, 2018)

doesnt seem so hidden if the option is in one of the top level menus, do people not take a quick skim of their bios settings? you have to in the first place to enable XMP or set boot order

connecting to the internet is unnaceptable before windows updates, not to mention malware installing itself into that uefi area

now what happens if you use some open wifi? how do you know it's downloading from asus? how did asus set it up (http/https/ftp/is it same as website support page)? what if they make a coding mistake or there's an incompatibility if your windows source install is too old or too new? but no, the disgusting troll in the thread bullying 'TPU users' as he said so by name is either retarded or has a disinformation agenda

now what's this nonsense about not being allowed to talk about priv issues, obviously it concerns the net, obviously it will be discussed on the net, why does everything need to be perfectly absolute all or nothing, what a crap excuse to be lazy... other social issues continue to have discussions & regulations changing over time, where is this 'dead' submissive talk for driving or alcohol or entertainment censorship or abortion or anything else


----------



## 95Viper (Oct 24, 2018)

Enough of the insults and retaliatory comments.
Keep it on topic.

Thank You.


----------



## ty_ger (Oct 24, 2018)

ZhangirDuyseke said:


> ASUS is a leading manufacturer who makes the best motherboards, period. MSI and Gigabyte copy ASUS boards features. Good luck using second-rate hardware, hater.


Interesting. Doesn't GIGABYTE manufacture ASUS's motherboards?  Yes.


----------



## R-T-B (Oct 24, 2018)

ensabrenoir said:


> ....near as i can tell...privacy died in the 70's.  All we have left  now is varying   levels  of self delusion in which we find some comfort.  carbon nano tube hats for everyone.......



This isn't even a privacy issue really, so unsure why people keep going there...

Regardless, privacy is still managable to a limited extent if you know how.



ty_ger said:


> Interesting. Doesn't GIGABYTE manufacture ASUS's motherboards?  Yes.



No?


----------



## ensabrenoir (Oct 24, 2018)

R-T-B said:


> This isn't even a privacy issue really, so unsure why people keep going there...
> 
> Regardless, privacy is still managable to a limited extent if you know how.


.

The potential  for it to be exploited  could present a risk of exposing one's personal data and online habits. Especially to those who aren't  too familiar or just starting out with computers.


----------



## R-T-B (Oct 24, 2018)

ensabrenoir said:


> .
> 
> The potential  for it to be exploited  could present a risk of exposing one's personal data and online habits.



Yes, but that is certainly not the core issue.  The core issue is persistent unrequested software installation.


----------



## lexluthermiester (Oct 24, 2018)

R-T-B said:


> persistent unrequested software installation.


Persistent, unrequested and unwanted software installation. It's very similar to the unwanted(and unremovable unless you root) bloatware that comes on phones.


----------



## R-T-B (Oct 24, 2018)

lexluthermiester said:


> Persistent, unrequested and unwanted software installation. It's very similar to the unwanted(and unremovable unless you root) bloatware that comes on phones.



Even if it was wanted...  choice should come first.  We don't want to become like the cell phone market, exactly.


----------



## lexluthermiester (Oct 24, 2018)

R-T-B said:


> Even if it was wanted... choice should come first.


Very much agreed. No manufacturer has the right to install anything without user knowledge.


----------



## ty_ger (Oct 25, 2018)

R-T-B said:


> No?



Look it up.  ASUS entered a partnership with GIGABYTE for GIGABYTE to manufacture ASUS motherboards.  GIGABYTE is one of the few companies which actually manufactures motherboards.  The majority of the rest contract to companies like Foxconn.


----------



## R-T-B (Oct 25, 2018)

ty_ger said:


> Look it up.  ASUS entered a partnership with GIGABYTE for GIGABYTE to manufacture ASUS motherboards.  GIGABYTE is one of the few companies which actually manufactures motherboards.  The majority of the rest contract to companies like Foxconn.



Didn't know, will have to google when I get home.

EDIT:  From what I read, it sounds more like ASUS is manufacturing GIGABYTE boards.  ASUS is also an OEM BTW (Used to be much bigger when they owned Pegatron).


----------



## holyprof (Oct 25, 2018)

ty_ger said:


> Interesting. Doesn't GIGABYTE manufacture ASUS's motherboards?  Yes.


As much as I dislike the new, post year 2002 ASUS, it's one of the biggest PC parts manufacturer and even split into 2 different ones (Asus and AsRock) https://en.wikipedia.org/wiki/ASRock#History
So yes, they make their motherboards and even made (and probably still do) laptop motherboards for different brands. My old toshiba laptop (from 2006) had an Asus motherboard in it.


----------



## Turmania (Oct 25, 2018)

They should give users the choice to enable or disable it. If not fine them.


----------



## hat (Oct 27, 2018)

Turmania said:


> They should give users the choice to enable or disable it. If not fine them.


That's what I was saying. There's an option for it, but it's enabled by default, and it automatically pushes the files when enabled. I think it should be a one-time option when exiting setup... "Reboot & Install" with further options to install everything (ASUS Armoury Crate) or just drivers.


----------



## lexluthermiester (Oct 27, 2018)

hat said:


> There's an option for it, but it's enabled by default, and it automatically pushes the files when enabled.


Still, this kind of thing is very unsettling and has huge potential for abuse. Very much against it. Yet another thing to check against when shopping for hardware. ASUS and Gigabyte are now off my lists.


----------



## Tsukiyomi91 (Oct 28, 2018)

Wow... seems OEMs are getting desperate to "simplify end user's hassle" by using this kind of method, eh? This is a big finding. And I thought that bloatware is bad enough... OEMs are even putting an automated process that installs those crap without network & user's consent.


----------



## GC_PaNzerFIN (Oct 28, 2018)

Can't afford to put that <1GB USB stick with network drivers on the box with that 300-500 bucks motherboard. Nope.
They rather install crap on your PC from UEFI without asking for it. 

I stopped buying and recommending Gigabyte boards when they started not giving a flying duck about their BIOSes and solely relied on high-end Asus boards, but oh boy are they making it harder to recommend every day over this kind of BS things.


----------



## micropage7 (Oct 28, 2018)

Octopuss said:


> Looks like I won't be buying Asus motherboards if this is common practice then. Out of general principle. I am not paranoid or anything, but I absolutely despise shit being installed without my consent or even knowledge.


agree, at least give some notification or option which one that user want to install


----------



## Tsukiyomi91 (Oct 29, 2018)

Guess every system builder is gonna go to the UEFI & disable such features if they want a clean install of Windows & not getting those "intrusive" greetings that OEM vendors have been putting in.


----------



## Viking73 (Nov 2, 2018)

I'm aghast that Windows provides this driver 'auto-load' feature for any motherboard that exposes a 'WPBT' in its UEFI. Asus is just leveraging a UEFI and Windows feature:



> The ASUS UEFI firmware exposes an ACPI table to Windows 10, called "WPBT" or "Windows Platform Binary Table". WPBT is used in the pre-built OEM industry, and is referred to as "the Vendor's Rootkit." Put simply, it is a script that makes Windows copy data from the BIOS to the System32 folder on the machine and execute it during Windows startup - every single time the system is booted.



I don't think this feature should be automatically enabled in *retail* versions of Windows. If the UEFI has drivers to install then Windows should ask for your permission *first. *Unfortunately, its probably necessary to enable it in OEM windows to meet the goals of the pre-built OEM PC industry.

Yet another reason to use Linux...


----------



## hat (Nov 5, 2018)

GC_PaNzerFIN said:


> Can't afford to put that <1GB USB stick with network drivers on the box with that 300-500 bucks motherboard. Nope.
> They rather install crap on your PC from UEFI without asking for it.
> 
> I stopped buying and recommending Gigabyte boards when they started not giving a flying duck about their BIOSes and solely relied on high-end Asus boards, but oh boy are they making it harder to recommend every day over this kind of BS things.


Why, though, when you can just load from UEFI which already exists and is large enough to accommodate? Including an unnecessary USB stick would be wasteful on many levels. How many old driver CDs do you think have been dumped in the garbage all over the world? It's a good idea, but implemented all wrong. You should have to explicitly tell the UEFI to do this.


----------



## lexluthermiester (Nov 5, 2018)

hat said:


> You should have to explicitly tell the UEFI to do this.


While this is a good point, it's still a bad idea that has the potential for serious abuse!


----------



## hat (Nov 5, 2018)

As do all things... but it could be neat if done right.


----------



## lexluthermiester (Nov 5, 2018)

hat said:


> but it could be neat if done right.


Technologically, heck yes that is a very cool idea.


----------



## Hockster (Nov 28, 2018)

My Crosshair VII Hero has the same thing with a fresh install.


----------



## Manoa (Feb 4, 2019)

this is like the management engine, which exists since core 2 and it is a much bigger threat than this.
this you at least know about and have control to disable in BIOS or delete the files, with ME you got no control at all.


----------



## bb1000 (Apr 30, 2019)

When was virus made. It had already happened 

https://www.marketwatch.com/story/a...auto-update-virus-researchers-warn-2019-03-25


----------



## R-T-B (Apr 30, 2019)

Manoa said:


> this is like the management engine, which exists since core 2 and it is a much bigger threat than this.
> this you at least know about and have control to disable in BIOS or delete the files, with ME you got no control at all.



Believe me, I'm well aware.  The Intel ME needs to die as does all "security subsystems" not under direct user control (Yes, AMD has one too).


----------



## lexluthermiester (May 2, 2019)

R-T-B said:


> Believe me, I'm well aware.  The Intel ME needs to die as does all "security subsystems" not under direct user control (Yes, AMD has one too).


This! Yes! A Thousand times yes!


----------



## John Naylor (May 2, 2019)

1.  I always install windows when not connected to the network so I can prevent Windows from doing this.

2.  There should be a warning sticker on the manual cover

3.  Don't see why everyone doesn't do it the Autodesk way  .... when you get a system crash, there's a pop up that says to the effect ... "The program has crashed.   You file with all progress up to the moment of crash can be recovered by restarting the program and using the "Drawing Recovery Manager".  If you'd like to send us information on what caused the crash, hit yes."



ty_ger said:


> Interesting. Doesn't GIGABYTE manufacture ASUS's motherboards?  Yes.



Not to my knowledge ... Pegatron owns several divisions that used to belong to Asus and still performs services designs and builds products for Asus:

Pagatron aquired AsRock in 2010 shortly before it was spun off from Asus.

Pegatron acquired Unihan Corporation from Asus in January 2008. Since then, the Unihan Corporation has been a subsidiary of Pegatron Corporation that designs and manufactures computers, peripherals,  and audio-video products .

Asus Laptops are made by Pegatron

PEGA Design and Engineering is Pegatron's design team that used to be the Asus design team. The PEGA D&E helps Pegatron's clients (including Asus) do product development, market research, conceptualization, product design, materials study and production.

For a time, Pegatron was handling Asus' Tech Support and RMA processes .... I believe this stopped around 2015 as emails on Asus TS inquiries that I get no longer come from Pegatron.com

PEGA CASA design team (again formerly the Asus design team)  does design for notebooks, smartphone,  e-books, network communication equipment, displays, projectors, cleaning robots, home appliances , fashion and vehicle accessories), building interior design and building materials, multimedia ads and marketing and spo on.



R-T-B said:


> This isn't even a privacy issue really, so unsure why people keep going there...
> 
> Regardless, privacy is still managable to a limited extent if you know how.
> 
> No?



I understand the concern.... If my neighbor asks to borrow my lawnmower, I'll say grab it , its in the garage  and he does... I'm fine with that.  If he takes it without my knowledge or consent, then Im pissed.

Asus used to do this very well ... along with many other things.  Not so much anymore.   Provide a DVD or USB stick which instals a set up utility ONLY.   Uon installation, it opens a small window (1  of  4) ... the 1st thing in that window should be an option to a)  Install PDF Reader and b) "Open Manual".  The 2nd window should be a drop down listing all drivers with checkboxes so you can install what ya want.  Clicking on each driver should open a description of the driver, what it does and potential issues.  The 3rd window should be all utilities w/ same features as above.  The 4th window should have TS info.

Opening the setup utility at any time should present that same page 2 / 3 where the same check boxes are present  listing each driver with 2 columns of checkboxes

A) Installed .... driver version listed for each installed driver
B)  Upgrade Available  ... list new driver version

With a  check in the box, it's installed when ya hit "Install / Uninstall All Items" button... unchecked boxes get uninstalled.


----------



## znd125 (Sep 22, 2019)

Great article. Just built a system with ASUS X570 board and surprised with the Armoury Crate pop-up. Now I know how it is implemented.
Notwithstanding the privacy and security concerns, I welcome such software. I do think motherboard manufacturers need to provide a built-in software for automatically managing driver and firmware updates (which can be a security feature too), like what the big system integrator offer.


----------

