Have the router ask the server if there's an update available when turned on. If none, proceed as usual; if there is, force the update, regardless of the time of the day. Problem solved.
Of course, for that you need to acknowledge that you violated the "ask, don't be an assumer" rule, instead of bossing customers around with "golden rules". You won't change their silly and pointless habits anyway.
High energy bills and misinformation about energy saving seems to be causing some odd behaviour here in the UK.
I have relatives who go round turning off every device and appliance at night, despite the negligible power draw they have in standby. Another will only charge their phone at night during cheaper the electricity rate - but runs the tumble dryer during the day.
I also often hear stories about people fearing electronic devices will catch fire if left on standby over night. Which may well be a risk for charging a dodgy Chinese e-bike but probably not for a home router.
When raspis came out like 12 years ago, I was still in my teenage years, and I wanted to keep one on the network. My mother was fucking terrified because it generated heat.
5V 1A means nothing to these people and no amount of facts will shut them up. Some people just inherently fear the unknown. Mixed with willful ignorance, it can be an infuriating combo.
Part of the reason I went to school for computer engineering is just so when people try to argue stupid bullshit like leaving your router plugged in will start a fire, hopefully they'll recognize that im qualified enough to know better and fuck off.
Read the title and went: What? They want you to keep your network hardware ON, when unattended, to increase the undetected malware entry opportunities?
Turns out it as their own devices they wanted to push updates to.
I would really prefer to use my own device though and even better, configure it myself after learning how the ISP's network works. But convenience is what it is.
The malware argument is a bit weak, if your router is vulnerable to something it'll likely be found and pwnd in a matter of minutes, so turning it off a night won't really save you. And once a patch is released, it'll be reverse engineered in a few hours/days, so ideally you want patches as soon as they are released.
Using your own device is usually a good idea anyway, telco stuff is usually pretty mediocre.
And as soon as your device is slightly custom, it becomes a less valuable target.
It's much more than just a bit weak, unless you are somehow continuously monitoring it, so yeah, in most end-user scenarios, it would hardly make a difference to keep it on, even if there were no updates.
you’re not supposed to get this kind of information from your ISP
Wait, do you mean, it's illegal to ask for it?
In my case, it just depends upon the ISP's policy.
In fact, with the current ISP, even though they provide their on modem (copper line), it has a pure bridge mode available, which I can connect to my other router and have fun looking at those packets with full transparency and the tech even went ahead and explained to me what I messed up, before resetting the modem for me, when I did use the bridge mode.
It's only Virgin Media to my knowledge who does this.
Most of the other providers are happy for you to use anything that works properly for VDSL or FTTP.
Most FTTP providers fit an ONT that puts the connection back into an RJ45 ethernet connector.
Then you connect to the provider using PPPOE. Anything past the ONT, you can do whatever you like.
you don't need to know how the ISP network works, you only need some networking concepts. Subnets/addressing and very basic routing (for a basic setup). You won't even need firewall rules if you don't host anything at your place (that needs to be accessed from outside)