I'm reaching the conclusion that it can't be stopped other than no internet connection 24/7.
Sure blocking internet access overnight stops overnight updates but once that block is off the an update check does happen.
Blocking individual source ports doesn't looking viable as they seem random - obviously not but allocated on the fly. And destination ports cannot be blocked as only 3 seem to be used 80,443 & 5222. Everything on the box uses 80 & 443. Port 5222 is used for checking for recording requests sent from a mobile app.
Blocking individual destination IP addresses , again, doesn't look viable as I blocked all those used by an update check but next time different addresses where used. Blocking IP ranges might work but my Asus router can't do that.
Maybe a managed switch or firewall that can block IP ranges might work but that could be expensive & might not work anyway.
I'm reaching the conclusion that it can't be stopped other than no internet connection 24/7.
Sure blocking internet access overnight stops overnight updates but once that block is off the an update check does happen.
Blocking individual source ports doesn't looking viable as they seem random - obviously not but allocated on the fly. And destination ports cannot be blocked as only 3 seem to be used 80,443 & 5222. Everything on the box uses 80 & 443. Port 5222 is used for checking for recording requests sent from a mobile app.
Blocking individual destination IP addresses , again, doesn't look viable as I blocked all those used by an update check but next time different addresses where used. Blocking IP ranges might work but my Asus router can't do that.
Maybe a managed switch or firewall that can block IP ranges might work but that could be expensive & might not work anyway.
Tim if you read through this thread carefully you'll that Stephen (who works for YouView) has said:
The overnight one is the only one that automatically applies found updates.
So it is possible to stop the box updating if you ensure it's offline overnight.
There are two simple hardware solutions see above. (I'm opting for a timer switch on one of my powerline adaptors.)
I'm reaching the conclusion that it can't be stopped other than no internet connection 24/7.
Sure blocking internet access overnight stops overnight updates but once that block is off the an update check does happen.
Blocking individual source ports doesn't looking viable as they seem random - obviously not but allocated on the fly. And destination ports cannot be blocked as only 3 seem to be used 80,443 & 5222. Everything on the box uses 80 & 443. Port 5222 is used for checking for recording requests sent from a mobile app.
Blocking individual destination IP addresses , again, doesn't look viable as I blocked all those used by an update check but next time different addresses where used. Blocking IP ranges might work but my Asus router can't do that.
Maybe a managed switch or firewall that can block IP ranges might work but that could be expensive & might not work anyway.
And if you then take care to refuse the update when it is offered at switch on, every seven days after that.
‘Have nothing in your houses that you do not know to be useful, or believe to be beautiful’ Wm Morris
I'm reaching the conclusion that it can't be stopped other than no internet connection 24/7.
Sure blocking internet access overnight stops overnight updates but once that block is off the an update check does happen.
Blocking individual source ports doesn't looking viable as they seem random - obviously not but allocated on the fly. And destination ports cannot be blocked as only 3 seem to be used 80,443 & 5222. Everything on the box uses 80 & 443. Port 5222 is used for checking for recording requests sent from a mobile app.
Blocking individual destination IP addresses , again, doesn't look viable as I blocked all those used by an update check but next time different addresses where used. Blocking IP ranges might work but my Asus router can't do that.
Maybe a managed switch or firewall that can block IP ranges might work but that could be expensive & might not work anyway.
Mine was blocked last night from internet access but this morning it had done an update check once internet access was allowed. Maybe it keeps trying until it gets access?
I'm reaching the conclusion that it can't be stopped other than no internet connection 24/7.
Sure blocking internet access overnight stops overnight updates but once that block is off the an update check does happen.
Blocking individual source ports doesn't looking viable as they seem random - obviously not but allocated on the fly. And destination ports cannot be blocked as only 3 seem to be used 80,443 & 5222. Everything on the box uses 80 & 443. Port 5222 is used for checking for recording requests sent from a mobile app.
Blocking individual destination IP addresses , again, doesn't look viable as I blocked all those used by an update check but next time different addresses where used. Blocking IP ranges might work but my Asus router can't do that.
Maybe a managed switch or firewall that can block IP ranges might work but that could be expensive & might not work anyway.
That's not what Stephen said. And he's a very dependable authority on these technical issues. I suggest you read his earlier comments again.
I'm reaching the conclusion that it can't be stopped other than no internet connection 24/7.
Sure blocking internet access overnight stops overnight updates but once that block is off the an update check does happen.
Blocking individual source ports doesn't looking viable as they seem random - obviously not but allocated on the fly. And destination ports cannot be blocked as only 3 seem to be used 80,443 & 5222. Everything on the box uses 80 & 443. Port 5222 is used for checking for recording requests sent from a mobile app.
Blocking individual destination IP addresses , again, doesn't look viable as I blocked all those used by an update check but next time different addresses where used. Blocking IP ranges might work but my Asus router can't do that.
Maybe a managed switch or firewall that can block IP ranges might work but that could be expensive & might not work anyway.
n.b. if you're scuppering checks, depending on how you do it, you may find the "last checked" date in settings gets updated regardless.
I'm reaching the conclusion that it can't be stopped other than no internet connection 24/7.
Sure blocking internet access overnight stops overnight updates but once that block is off the an update check does happen.
Blocking individual source ports doesn't looking viable as they seem random - obviously not but allocated on the fly. And destination ports cannot be blocked as only 3 seem to be used 80,443 & 5222. Everything on the box uses 80 & 443. Port 5222 is used for checking for recording requests sent from a mobile app.
Blocking individual destination IP addresses , again, doesn't look viable as I blocked all those used by an update check but next time different addresses where used. Blocking IP ranges might work but my Asus router can't do that.
Maybe a managed switch or firewall that can block IP ranges might work but that could be expensive & might not work anyway.
That certainly seems to be the case. I checked one of my boxes this morning whilst the block was still on & indeed it did say the last check was today.
That gives me a bit more confidence that I can prevent an update until I'm happy to do it.
Next-Gen automatic updating now thwarted (I hope)...
Hi Yasha.
That's a good thought. Unfortunately I don't have any easy way of doing a speed measurement (no laptop). The box at the far end of the PLAs is our secondary one, so it has no IP channels that I can watch to see if there's been any adverse effect. However iPlayer looks absolutely fine.
All the lights on the PLAs are green - which is encouraging.
Having said all that I wouldn't expect there to be a problem. It's a purely mechanical switch and all the contacts (including its three pin plug and socket) should be shiny and new. I'm hoping that by the time any corrosion has set in Next-Gen will have had the missing features restored and the MyTV problems resolved ;-) I shall then happily allow the update to take place.
How about configuring the router to block the youview box between those hours?
Sorry to hear that. This kind of confirms that the hardware approach is probably the most reliable - a mains timer controlling a powerline adaptor or controlling a network switch (see below).
I have taken a number of steps to attempt to avoid the updates:
I have assigned a fixed IP to the box via my router. I have blocked the STB from accessing the internet from 00:00-06:00 via the parental controls. I have blocked http://www.humaxtvportal.com (this is the address that the box contacts to check for updates) I have blocked http://www.humaxtvweb.cloudapp.net I have blocked updates-live.youview.tv
I have no idea if this will definitely work as I'm on a Plusnet DTR-T2120 and as far as I can tell the 'upgrade' hasn't rolled out yet.
All the addresses that the box contacts when a manual update is performed:
I have taken a number of steps to attempt to avoid the updates:
I have assigned a fixed IP to the box via my router. I have blocked the STB from accessing the internet from 00:00-06:00 via the parental controls. I have blocked http://www.humaxtvportal.com (this is the address that the box contacts to check for updates) I have blocked http://www.humaxtvweb.cloudapp.net I have blocked updates-live.youview.tv
I have no idea if this will definitely work as I'm on a Plusnet DTR-T2120 and as far as I can tell the 'upgrade' hasn't rolled out yet.
All the addresses that the box contacts when a manual update is performed:
I don't know which of these addresses are needed for the day to day running of the box, blocking them may result in the box not performing correctly.
You're making the assumption that the overnight update is done in the same way as a manual update. This is very probably correct, but it might not be - in which case you'll be screwed. I remain convinced that the best chance of success is to choose one of the hardware methods. :-)
I have taken a number of steps to attempt to avoid the updates:
I have assigned a fixed IP to the box via my router. I have blocked the STB from accessing the internet from 00:00-06:00 via the parental controls. I have blocked http://www.humaxtvportal.com (this is the address that the box contacts to check for updates) I have blocked http://www.humaxtvweb.cloudapp.net I have blocked updates-live.youview.tv
I have no idea if this will definitely work as I'm on a Plusnet DTR-T2120 and as far as I can tell the 'upgrade' hasn't rolled out yet.
All the addresses that the box contacts when a manual update is performed:
I don't know which of these addresses are needed for the day to day running of the box, blocking them may result in the box not performing correctly.
The parental controls on the router will have the same outcome as a hardware timer on a powerline adapter. And is a much better option than a hardware timer on the power socket of the DVR.
I have taken a number of steps to attempt to avoid the updates:
I have assigned a fixed IP to the box via my router. I have blocked the STB from accessing the internet from 00:00-06:00 via the parental controls. I have blocked http://www.humaxtvportal.com (this is the address that the box contacts to check for updates) I have blocked http://www.humaxtvweb.cloudapp.net I have blocked updates-live.youview.tv
I have no idea if this will definitely work as I'm on a Plusnet DTR-T2120 and as far as I can tell the 'upgrade' hasn't rolled out yet.
All the addresses that the box contacts when a manual update is performed:
I have taken a number of steps to attempt to avoid the updates:
I have assigned a fixed IP to the box via my router. I have blocked the STB from accessing the internet from 00:00-06:00 via the parental controls. I have blocked http://www.humaxtvportal.com (this is the address that the box contacts to check for updates) I have blocked http://www.humaxtvweb.cloudapp.net I have blocked updates-live.youview.tv
I have no idea if this will definitely work as I'm on a Plusnet DTR-T2120 and as far as I can tell the 'upgrade' hasn't rolled out yet.
All the addresses that the box contacts when a manual update is performed:
I have taken a number of steps to attempt to avoid the updates:
I have assigned a fixed IP to the box via my router. I have blocked the STB from accessing the internet from 00:00-06:00 via the parental controls. I have blocked http://www.humaxtvportal.com (this is the address that the box contacts to check for updates) I have blocked http://www.humaxtvweb.cloudapp.net I have blocked updates-live.youview.tv
I have no idea if this will definitely work as I'm on a Plusnet DTR-T2120 and as far as I can tell the 'upgrade' hasn't rolled out yet.
All the addresses that the box contacts when a manual update is performed:
I don't know which of these addresses are needed for the day to day running of the box, blocking them may result in the box not performing correctly.
I started off by analysing what the box was looking for when a manual update was performed and then blocked the hosts that it connected to. It was only after reading this thread that I thought about using the parental controls to block the box completely from the internet during automatic updating hours.
I will continue blocking the hosts that I identified to hopefully prevent any accidental updates during the day or on start up.
I'm using an ASUS AC68U with Merlin's firmware. I think most routers nowadays have similar parental control functionality.
I have taken a number of steps to attempt to avoid the updates:
I have assigned a fixed IP to the box via my router. I have blocked the STB from accessing the internet from 00:00-06:00 via the parental controls. I have blocked http://www.humaxtvportal.com (this is the address that the box contacts to check for updates) I have blocked http://www.humaxtvweb.cloudapp.net I have blocked updates-live.youview.tv
I have no idea if this will definitely work as I'm on a Plusnet DTR-T2120 and as far as I can tell the 'upgrade' hasn't rolled out yet.
All the addresses that the box contacts when a manual update is performed:
I don't know which of these addresses are needed for the day to day running of the box, blocking them may result in the box not performing correctly.
I think the conclusion that we reached with this thread was that if you block the internet connection overnight you're safe from an update being applied without your consent. As Stephen explained earlier other updates are only applied if you consent to them. I've had a quick look at my TalkTalk router and couldn't find any parental controls. It would be interesting to know if the current BT router has them.
I have taken a number of steps to attempt to avoid the updates:
I have assigned a fixed IP to the box via my router. I have blocked the STB from accessing the internet from 00:00-06:00 via the parental controls. I have blocked http://www.humaxtvportal.com (this is the address that the box contacts to check for updates) I have blocked http://www.humaxtvweb.cloudapp.net I have blocked updates-live.youview.tv
I have no idea if this will definitely work as I'm on a Plusnet DTR-T2120 and as far as I can tell the 'upgrade' hasn't rolled out yet.
All the addresses that the box contacts when a manual update is performed:
I have taken a number of steps to attempt to avoid the updates:
I have assigned a fixed IP to the box via my router. I have blocked the STB from accessing the internet from 00:00-06:00 via the parental controls. I have blocked http://www.humaxtvportal.com (this is the address that the box contacts to check for updates) I have blocked http://www.humaxtvweb.cloudapp.net I have blocked updates-live.youview.tv
I have no idea if this will definitely work as I'm on a Plusnet DTR-T2120 and as far as I can tell the 'upgrade' hasn't rolled out yet.
All the addresses that the box contacts when a manual update is performed:
I have taken a number of steps to attempt to avoid the updates:
I have assigned a fixed IP to the box via my router. I have blocked the STB from accessing the internet from 00:00-06:00 via the parental controls. I have blocked http://www.humaxtvportal.com (this is the address that the box contacts to check for updates) I have blocked http://www.humaxtvweb.cloudapp.net I have blocked updates-live.youview.tv
I have no idea if this will definitely work as I'm on a Plusnet DTR-T2120 and as far as I can tell the 'upgrade' hasn't rolled out yet.
All the addresses that the box contacts when a manual update is performed:
As an experiment, I've tried whipping out the hard drive and cloning it to a spare drive I had lying around, so I've got an emergency backup. The cloned drive runs perfectly, and the box even noticed it was bigger and increased my recording capacity by 50%, which I wasn't expecting! I used Acronis True Image, but there are plenty of good freebies out there - just make sure the one you choose can make an exact clone of the entire drive, including weird formats and partitions, most of them will. As long as there are no changes made to the bootloader during the update, then swapping them back should revert the system in case of an accidental upgrade. The downside would be that any recordings made after this time would be lost, but you can't have everything. It would be interesting to find someone with a T 1000 nearby, preferably with the update, to try it out on. If it will swap, and work on an updated box, then there's the possibility of a way back to normality for those who want it!
As an experiment, I've tried whipping out the hard drive and cloning it to a spare drive I had lying around, so I've got an emergency backup. The cloned drive runs perfectly, and the box even noticed it was bigger and increased my recording capacity by 50%, which I wasn't expecting! I used Acronis True Image, but there are plenty of good freebies out there - just make sure the one you choose can make an exact clone of the entire drive, including weird formats and partitions, most of them will. As long as there are no changes made to the bootloader during the update, then swapping them back should revert the system in case of an accidental upgrade. The downside would be that any recordings made after this time would be lost, but you can't have everything. It would be interesting to find someone with a T 1000 nearby, preferably with the update, to try it out on. If it will swap, and work on an updated box, then there's the possibility of a way back to normality for those who want it!
I'm amazed that everything is stored on the hard disk. I had assumed the operating system was in firmware. No wonder it's so slow.
As an experiment, I've tried whipping out the hard drive and cloning it to a spare drive I had lying around, so I've got an emergency backup. The cloned drive runs perfectly, and the box even noticed it was bigger and increased my recording capacity by 50%, which I wasn't expecting! I used Acronis True Image, but there are plenty of good freebies out there - just make sure the one you choose can make an exact clone of the entire drive, including weird formats and partitions, most of them will. As long as there are no changes made to the bootloader during the update, then swapping them back should revert the system in case of an accidental upgrade. The downside would be that any recordings made after this time would be lost, but you can't have everything. It would be interesting to find someone with a T 1000 nearby, preferably with the update, to try it out on. If it will swap, and work on an updated box, then there's the possibility of a way back to normality for those who want it!
At it's lowest level it runs on embedded Linux, which in the Humax boxes is fixed - I'm not sure about other brands. I'm not entirely sure if the bootloader can be updated or not, but I suspect that's fixed as well, otherwise you would have to reboot the box after an update, and it's also the easiest way of entirely bricking a box. The rest of the software apparently sits in a partition on the drive.
As an experiment, I've tried whipping out the hard drive and cloning it to a spare drive I had lying around, so I've got an emergency backup. The cloned drive runs perfectly, and the box even noticed it was bigger and increased my recording capacity by 50%, which I wasn't expecting! I used Acronis True Image, but there are plenty of good freebies out there - just make sure the one you choose can make an exact clone of the entire drive, including weird formats and partitions, most of them will. As long as there are no changes made to the bootloader during the update, then swapping them back should revert the system in case of an accidental upgrade. The downside would be that any recordings made after this time would be lost, but you can't have everything. It would be interesting to find someone with a T 1000 nearby, preferably with the update, to try it out on. If it will swap, and work on an updated box, then there's the possibility of a way back to normality for those who want it!
I'm afraid it doesn't, only the recordings and various metadata are stored on the drive. The system software is flashed onto a NAND flash chip. So swapping the drives can allow you more room (I'd expect it to need to repartition it from scratch though) but doesn't give you an avenue to "back up" any system software.
As an experiment, I've tried whipping out the hard drive and cloning it to a spare drive I had lying around, so I've got an emergency backup. The cloned drive runs perfectly, and the box even noticed it was bigger and increased my recording capacity by 50%, which I wasn't expecting! I used Acronis True Image, but there are plenty of good freebies out there - just make sure the one you choose can make an exact clone of the entire drive, including weird formats and partitions, most of them will. As long as there are no changes made to the bootloader during the update, then swapping them back should revert the system in case of an accidental upgrade. The downside would be that any recordings made after this time would be lost, but you can't have everything. It would be interesting to find someone with a T 1000 nearby, preferably with the update, to try it out on. If it will swap, and work on an updated box, then there's the possibility of a way back to normality for those who want it!
That's a shame. I noticed there was a little locked partition on the drive, so I assumed it was on there. Is it downloaded to there before flashing? (Don't worry, I'm not hacking - just curious :~)
As an experiment, I've tried whipping out the hard drive and cloning it to a spare drive I had lying around, so I've got an emergency backup. The cloned drive runs perfectly, and the box even noticed it was bigger and increased my recording capacity by 50%, which I wasn't expecting! I used Acronis True Image, but there are plenty of good freebies out there - just make sure the one you choose can make an exact clone of the entire drive, including weird formats and partitions, most of them will. As long as there are no changes made to the bootloader during the update, then swapping them back should revert the system in case of an accidental upgrade. The downside would be that any recordings made after this time would be lost, but you can't have everything. It would be interesting to find someone with a T 1000 nearby, preferably with the update, to try it out on. If it will swap, and work on an updated box, then there's the possibility of a way back to normality for those who want it!
I'm not sure, the update process is up to each OEM, but the boot process cryptographically verifies each part before loading it, so meddling with it will get you a brick (well, into maintenance mode) very quickly
As an experiment, I've tried whipping out the hard drive and cloning it to a spare drive I had lying around, so I've got an emergency backup. The cloned drive runs perfectly, and the box even noticed it was bigger and increased my recording capacity by 50%, which I wasn't expecting! I used Acronis True Image, but there are plenty of good freebies out there - just make sure the one you choose can make an exact clone of the entire drive, including weird formats and partitions, most of them will. As long as there are no changes made to the bootloader during the update, then swapping them back should revert the system in case of an accidental upgrade. The downside would be that any recordings made after this time would be lost, but you can't have everything. It would be interesting to find someone with a T 1000 nearby, preferably with the update, to try it out on. If it will swap, and work on an updated box, then there's the possibility of a way back to normality for those who want it!
The reason I'm asking (and will probably be told off for going off-topic!) is that I restore and build copy's of old synthesisers - since 1990's synths started becoming both collectable and dead I seem to spend a lot of time burning eproms! The hardware synth world came to using NAND chips quite late, and I'm getting enquiries about fixing them, so, basically, I've got 2 weeks to find out what I'm doing before the first one comes in, and any mention of NAND chips and I'm all ears :~)
Comments
Sure blocking internet access overnight stops overnight updates but once that block is off the an update check does happen.
Blocking individual source ports doesn't looking viable as they seem random - obviously not but allocated on the fly. And destination ports cannot be blocked as only 3 seem to be used 80,443 & 5222. Everything on the box uses 80 & 443. Port 5222 is used for checking for recording requests sent from a mobile app.
Blocking individual destination IP addresses , again, doesn't look viable as I blocked all those used by an update check but next time different addresses where used. Blocking IP ranges might work but my Asus router can't do that.
Maybe a managed switch or firewall that can block IP ranges might work but that could be expensive & might not work anyway.
"I've been very impressed by all the IT based suggestions."
Which 99% of YouView users wouldn't know how to do. Like me.
There are two simple hardware solutions see above.
(I'm opting for a timer switch on one of my powerline adaptors.)
I suggest you read his earlier comments again.
That gives me a bit more confidence that I can prevent an update until I'm happy to do it.
That's a good thought. Unfortunately I don't have any easy way of doing a speed measurement (no laptop).
The box at the far end of the PLAs is our secondary one, so it has no IP channels that I can watch to see if there's been any adverse effect.
However iPlayer looks absolutely fine.
All the lights on the PLAs are green - which is encouraging.
Having said all that I wouldn't expect there to be a problem. It's a purely mechanical switch and all the contacts (including its three pin plug and socket) should be shiny and new.
I'm hoping that by the time any corrosion has set in Next-Gen will have had the missing features restored and the MyTV problems resolved ;-)
I shall then happily allow the update to take place.
I look forward to the plentiful updates now achievable.
This kind of confirms that the hardware approach is probably the most reliable - a mains timer controlling a powerline adaptor or controlling a network switch (see below).
I have assigned a fixed IP to the box via my router.
I have blocked the STB from accessing the internet from 00:00-06:00 via the parental controls.
I have blocked http://www.humaxtvportal.com (this is the address that the box contacts to check for updates)
I have blocked http://www.humaxtvweb.cloudapp.net
I have blocked updates-live.youview.tv
I have no idea if this will definitely work as I'm on a Plusnet DTR-T2120 and as far as I can tell the 'upgrade' hasn't rolled out yet.
All the addresses that the box contacts when a manual update is performed:
humaxtvweb.cloudapp.net
updates-live.youview.tv.edgesuite.net
config-live.youview.tv.edgesuite.net
ids-live.youview.tv.edgesuite.net
ispdiscovery-gss.vision.bt.com
reporting-live.youview.tv.edgesuite.net
redirects:
www.humaxtvportal.com
updates-live.youview.tv
config-live.youview.tv
ids-live.youview.tv
ispdiscovery.vision.bt.com
reporting-live.youview.tv
I don't know which of these addresses are needed for the day to day running of the box, blocking them may result in the box not performing correctly.
I remain convinced that the best chance of success is to choose one of the hardware methods.
:-)
Just curious - if the parental controls work OK, why are you blocking the other stuff?
Also what router are you using?
I will continue blocking the hosts that I identified to hopefully prevent any accidental updates during the day or on start up.
I'm using an ASUS AC68U with Merlin's firmware. I think most routers nowadays have similar parental control functionality.
I've had a quick look at my TalkTalk router and couldn't find any parental controls. It would be interesting to know if the current BT router has them.
From a quick search it looks like TalkTalk routers have hidden pages that can only be accessed by URL. This will all depend on which model you have.
Accesed via
http://192.168.1.1/html/advance.html#parent_control
The posts were:
https://community.talktalk.co.uk/t5/TV-tech-equipment/Talktalk-Huawei-HG633-router-Parental-Control/...
and
http://www.306oc.co.uk/forum/printthread.php?tid=32449
Edit: Ceg types faster! But I'l leave my post in thread.
A simple way to achieve the desired effect!
I used Acronis True Image, but there are plenty of good freebies out there - just make sure the one you choose can make an exact clone of the entire drive, including weird formats and partitions, most of them will.
As long as there are no changes made to the bootloader during the update, then swapping them back should revert the system in case of an accidental upgrade. The downside would be that any recordings made after this time would be lost, but you can't have everything. It would be interesting to find someone with a T 1000 nearby, preferably with the update, to try it out on. If it will swap, and work on an updated box, then there's the possibility of a way back to normality for those who want it!