*** Official Ubiquiti Discussion Thread ***

Mark M said:
Ive got an odd issue with the wifi in my office and hoping someone can give me some pointers. The office is similar to a 2 story terrace house with a concrete floor on the first floor so I tried one AP-LR upstairs which didnt seem to get through the concrete floor particularly well so I added another AP-LR down stairs and get great coverage throughout. On the unifi controller my network is 96% good however 2 devices keep dropping out despite having full wifi signal, both are MS Surface laptops but may just be a conincidence as I dont have anything else to try it with. One Macbook connects no problem and appears to stay connected (although is going to get smashed over the users head if he says "should have bought a Mac" one more time :mad:).

Is there anything that I can check or change? Could the 2 AP's be conflicting with each other perhaps as its probably not big enough for 2 but I have the issue with the floor. Any pointers greatly appreciated.
Click to expand...
What channels are both access points on?

What's the channel utilisation in the area like?

Lower the power on both access points.
 
Have you seen the reports that 4.0.66 is collecting information and phoning it home to Ubiquiti? There is supposedly no opt- out although if you choose to send it to a black hole nothing happens to your controller.
 
No, that's news to me. Got any links to hand?

I had a quick scan through the controller (I'm running 5.11.52) and can't see anywhere it can be controlled. I'll pull the config off an AP and switch to see if there's anything of interest in there.

Edit - A useful video here. Apparently they're phoning home to trace.svc.ui.com but checking both my Pi-Hole instances I don't see any queries for the A or AAAA record.
 
Last edited:
Hmm. I don't like that. I have no problem with Ubnt having this sort of thing but it should be opt in rather than opt out and there's no way they should silenty enable or or enable it prior to the opt out being possible.

There's a post in that thread where someone says they're not seeing any hits to trace.svc.ui.com but are seeing a hit every 5 minutes to ping.ui.com - this is the same as I'm seeing. They got 4.0.66 as a beta (or was it RC? I forget) which is the same as I did.

For now I'll blackhole ping.ui.com and when I have some time I'll dig out Wireshark and see what those packets are.
 
It was only a matter of time before they shot themselves in the foot. As above, if it was opt-in, the community as a whole generally has enough love to enable it but just silently rolling it in the background is a really underhand move.

Won't be upgrading any firmware until I have a chance to read more on this and even then it'd better be a good reason. Been after an excuse to put new hardware in and this may be it.
 
As layer 2 devices APs and the like should be blocked from WAN access anyway. Has anyone here flashed their Unifi UAP AC* with OpenWRT/lede? I didn't even know it was possible until tonight, but their page has instructions and confirmation it works. Switching from Ubiquiti's closed source controller malarkey and having the device have a stand-alone (FOSS) interface while maintaining the full AC + roaming capability would be fantastic (and kill two birds with one stone in light of the latest backdoor sneakiness).
 
Rainmaker said:
As layer 2 devices APs and the like should be blocked from WAN access anyway. Has anyone here flashed their Unifi UAP AC* with OpenWRT/lede? I didn't even know it was possible until tonight, but their page has instructions and confirmation it works. Switching from Ubiquiti's closed source controller malarkey and having the device have a stand-alone (FOSS) interface while maintaining the full AC + roaming capability would be fantastic (and kill two birds with one stone in light of the latest backdoor sneakiness).
Click to expand...

That's boring though and doesn't involve any shiny new hardware lol
 
Interesting... We know that Ubiquiti is harvesting data. We know that if the AP is blocked from accessing the Internet then - if the user also has a USG - that will even bypass its own firewall rules to deliver home the telemetry (very naughty). Since I blocked ping.ui.com and trace.svc.ui.com and made my AP unable to access the WAN, I found something new...

My DNS logs show a clear change over from the AP accessing the aforementioned two domains (when it was blocked), and the controller on my NAS (Docker) taking over and accessing unifi-report.ubnt.com on the hour, every hour, ever since. Not. Cool. :mad: Not only is the entire thing dubious under GDPR, but despite Ubiquiti's assurances on their forum about there being 'no penalty' for blocking the telemetry at DNS/network level, clearly they simply move the goal posts and swap between other UI devices on the network (and multiple domains) to keep on collecting user data.
 
The only issue I have with it, is they won’t say what they’re collecting. And it’s end-to-end encrypted, so good luck trying to analyse it thoroughly.
 
UDM is on general release now in the US, out of early access. Maintained it’s $299 price.

Wonder how long until it’s available here.

edit: actually it’s on the EU store too, hopefully OCUK can get them soon?
 
Last edited:
Does anyone know if a UDM-EU is likely to be the correct unit for the UK? I'm not sure how much their devices usually differ at all globally. I can deal with getting an EU plug or something. I'm assuming radios etc are the same EU wide.
 
uchuff said:
Does anyone know if a UDM-EU is likely to be the correct unit for the UK? I'm not sure how much their devices usually differ at all globally. I can deal with getting an EU plug or something. I'm assuming radios etc are the same EU wide.
Click to expand...

Yes, you set the radio in initial setup when you choose the country code.
 
You must log in or register to reply here.
Back
Top Bottom