In this case they would already have PCBs ready to go - feature-set is set in stone by PCB layout. Also USB chips that they can utilize were set in stone as PCB layout only designed for particular size and pinout of the chip. If that particular type of chip is nowhere to be found, you ether scrap production or produce without USB.
And then: What do you do with the thousands of mainboards already produced, do you throw them away???..
Maybe … or maybe not. Audience has 128MB of storage, with intalled ROS 7.8 and wifiwave2 it has 79.7MB free … upgrade needs to download around 27MB worth of packages. Which means 64MB partition is too small (I tried it somewhere around 7.3, it ran fine but couldn’t upgrade). With “RAM disk available evrywhere” the problem might be solvable, but IIRC default download location is still on “storage root” which on these devices is flash/nand storage.
Well, I think it be good to know if/where the generated password is persisted e.g. if provided to distributors/resellers and/or Mikrotik stores a copy etc… – if there in some database, even a strong algo wouldn’t matter.
But in terms of workflow, if an end-user opens webfig/winbox, the default/generated password is still flagged as expired, so a password change is STILL suggested like before. While someone could click cancel, the same is true for no password. In other words, the “change password dialog” remains on first login.
Waiting for audience refresh please! Hope there is one in works.
Isn’t the upgrade downloaded to memory? Of course, You can manually download it and write on the flash. But when the user clicks the “upgrade” button it’s downloaded to RAM, isn’t it?
So, it’s the best of both worlds: the device isn’t shipped blank, ready to be taken, AND it asks the user to use a new password. Looks quite good to me.
Only on 16 MB FLASH devices with more than 32 MB RAM (i.e. hEX Lite and iirc hEX as well, but not hAP Lite which has 32 MB RAM). All NAND devices download upgrades to root storage which is NAND.
You will notice which ones do when you have it, those devices have a flash/ directory which is permanent storage, whereas the root is a ramdisk that gets erased on reboots (updates are downloaded onto the ramdisk but somehow RouterOS knows how to perform upgrades from there.
Dunno about most recent versions, but back when I tried, Audience didn’t have RAM disk, so upgrade files were downloaded to flash storage. Which is roughly the same as manually storing them there. If running ROS consumes something like 48MB and upgrade npks are 27MB, this totals at 75MB which is (much) more than 64MB (partition size if 128MB flash is divided to two partitions).
When upgrade starts, those npks are unpacked to flash disk (part not accessible by users) replacing previously installed files so total flash consumption doesn’t change much. And location of npks (flash versus RAM) doesn’t matter.
As I wrote, I don’t know if it’s possible to place upgrade files anywhere else than in root of user-accessible file space. It doesn’t seem like that, I couldn’t figure out how to set location of upgrade files under /system/package/update.
RAM disk helps on devices with tiny flash and decent RAM (e.g. hAP ac2) where RAM disk is actually root of user-accessible file space and flash is mounted under /flash …
BTW, I thing that unpacking of upgrade files is done before rebooting, reboot is simply an act to load newly installed ROS. Most probably shutdown/reboot procedure checks for npk files and if any are found, it tries to install them. But I don’t know how exactly is the log about successfull or failed upgrade preserved over boot. I suspect it’s written to flash storage and read back into logs after ROS boots.
Will the USB port still function if we solder one to the board ourselves?
This new password system is a major problem for us (in the US) and may drive us from using MikroTik products for our end-user home users as now we can no longer quickly provision them out of the box. This needs to be corrected/fixed ASAP. This is not a feature, this is a disaster. If this continues we will move elsewhere for end-users products.
Complain to the California goverment: https://specopssoft.com/blog/california-default-password-law/. You can expect this type of change from all vendors.
Oh come on, the worldwide “USB port-shortage” hits us 
Mikrotik, oh Mikrotik,
Your CCR2004-16G-2S+ now ships without the USB port trick.
USB ports are scarce as they can be,
But that doesn’t stop you, still a king in the industry.
The world may be without enough USB ports,
But your router is still top-notch of sorts.
Without the port, it does even more,
And its performance is smoother than before.
So let’s celebrate, no USB port is just fine,
Mikrotik has shown us there’s another way to shine.
For router enthusiasts, it’s not a bad thing,
For the CCR2004-16G-2S+ remains the king of the networking ring!Poem by ChatGPT
Well California isn’t exact the poster child for how to do things any more than the EU.
I have some RB1100AHx2, but they are on 6.x series. They are partitioned, but there is nothing there but the OS. Upgrade was never a problem.
I always though that it was downloaded to RAM. Not much sense in using flash, since it works with the ones with 16MB storage. Well, this is easy for Mikrotik to change: just do it this way on everything with 64 (128??) MB of RAM or more.
The whole upgrade is done before rebooting. The reboot is just to load the new system. This is why I thought it would be stored on RAM. Why write to flash, if it will be read and open, just to write over?
The devices (device?) with 32MB of RAM couldn’t do it - but even the ones with 64MB of RAM and 16MB of flash did it.
I don’t think they have problems sourcing the small metal USB cage. It probably is the USB controller chip that can´t be found.
I guess print journalism is dead. But Jānis’s MTU YouTube video explains the situation with AX2 and USB…
https://youtu.be/vAF7NII9Qcg?t=4878
TL;DW[atch]: AX chips are hot, USB adds 5W making it too hot
Also someone tried unsuccessfully to use the pads in AX2 to get USB from it: http://forum.mikrotik.com/t/mikrotik-hap-ax2-onboard-usb-3-0-pads/165169/1
Woah…let’s not blame California here – we’re flexible:
The device contains a security feature that requires a user to generate a new means of authentication before access is granted to the device for the first time. -Cal.Civ.C §1798.91.04(b)
which has been law for a while and covered by prompt to change at first login. So I’m blaming Europeans 
Also UK has something similar, and basically everywhere the governments are working on ways to improve security:
https://techcrunch.com/2018/10/05/california-passes-law-that-bans-default-passwords-in-connected-devices/?guccounter=1
https://www.bbc.com/news/technology-59400762
https://www.lexology.com/library/detail.aspx?g=87b061bb-d01e-4a49-8554-5809983ab184
You all may be smart and responsible professionals, but A LOT of home wireless AP never get configured and remain without passwords, leaving them open to malware from LAN side.