I currently have 1.2.59 installed in my devices. How do I go back to 1.2.52? It would be awesome if the app would let you go backwards. We get the update option anytime we download new firmware. I am using a plugin for ATAK, and I need the older firmware to make it work.
Thankyou.
You can download the firmware directly from GitHub:
… or if you’re in Meshtastic Flasher, click on “Get Versions” and then click on the drop down link on the version selector on the left.
Unfortunately, this only goes back a few versions. Right now for example when I’m trying to go back to 2.4 to escape the new nightmarish admin channel implementation, I cannot.
The new admin channel is a huge security improvement and works great, I would revisit your config and make sure you deleted your old admin channel and disabled legacy admin.
There is nothing in the docs about deleting the admin channel to make the new system work. The admin channel is also still required to control legacy devices so deleting it would be a huge pita. Having tested it extensively now with 4 different devices and finding it a total failure I’m flashing them all back to 2.4 until it’s fixed.
You can’t really do both, the new admin channel is the more secure option and is what you should use.
Wow.
OP: “New Coke really tastes like shit. Where can I get some Coke Classic?”
Coca-Cola: “Classic sux, just drink New Coke.”
OP: “But it tastes like sweaty ass. I just want my old Coke.”
Coca-Cola: “You will drink New Coke and like it.”
Yeah I’ll just hire a cherry picker and get up those trees and towers to update firmware, eh?
No. This is remote administration. The whole idea is that it allows remote admin of devices I can’t access. Making it only partially backward-compatible is a UX-FU and forgets the whole point of remote admin.
So I pulled the zip file from the github and flashed all my local devices back to 2.4. Now to work out how to stop the android app from Seppuku preventing me using them.
Security holes need to be closed, the old admin channel is not secure and should not be used
Use inexpensive airgapped Android tablets as your EUDs, and don’t connect them to the internet except behind a good firewall with a device specific whitelist, or something will eventually get upgefukt.
Holes need to be plugged, but breaking compatibility with everything out there without clear warnings… well.
The insecure implementation of AES is a far more urgent issue, for one thing. also, I see there’s some code in the later updates that addresses burning a device identifier into a node permanently using efuse, and that’s something users should be made aware of. I think a large segment of the potential user base are concerned with privacy and anonymity, and permanent alteration of an unsuspecting user’s hardware in a way that could easily be exploited to track individual devices is concerning, to say the least.
Much better that device sit up there on the tower with no remote access at all, so I can’t even shut it down, indefinitely “insecure”, than have backward compatibility. That’s pure genius. And there is no remote ota fw update so … UXFU to me.
I’ll install it on an old phone and airgap it now. Good idea thanks.