[Cryptography] "Home router warning: They're riddled with known flaws and run ancient, unpatched Linux"
Tom Mitchell
mitch at niftyegg.com
Fri Jul 10 17:15:10 EDT 2020
On Thu, Jul 9, 2020 at 3:17 PM Henry Baker <hbaker1 at pipeline.com> wrote:
>
> At 11:30 AM 7/9/2020, Dan McDonald wrote:
> >On Thu, Jul 09, 2020 at 08:57:36AM -0400, Jerry Leichter wrote:
> >> https://www.zdnet.com/article/home-router-warning-theyre-riddled-with-known-flaws-and-run-ancient-unpatched-linux/
> >>
> >> Shocking. And there's gambling going on, too.
> ><SNIP!>
> >
> >It's one of the strongest arguments for:
> >
> >1.) Decoupling the WiFi access point from the NAT/Router.
> >
> >2.) FURTHER distrusting wifi/NAT/Router combos provided to you by your
> > helpful ISP. (I've a VZ one that's sat unplugged since 2009, e.g.)
>
> Re: "Decoupling the WiFi access point from the NAT/Router"
.......
> So here's my suggestion:
>
> * cable modem with 10-12 year-old never-updated Linux connected via Ethernet;
> disable wifi HW on this device (or better: buy a cable modem w/o wifi at all)
> * Raspberry Pi 4 acting as NAT/router/DoH DNS/... connected via Ethernet
I like the Pi-4 a lot.
For about the same money look at the
Ubiquiti Advanced Gigabit Ethernet Router -- MIPS based with some
hardware help for packet moving. Yes linux. Yes bug history.
Wifi transmitter and receivers can be sourced and upgraded on their
own time scale.
Those that can should have wired links in their home or office.
No solution is perfect. All require too much work to configure,
backup, audit and maintain.
--
T o m M i t c h e l l ( o n N i f t y E g g )
More information about the cryptography
mailing list