In January 2016, the Wall Street Journal did a big expose on this Rarely Patched Softwareīugs in Home Routers Cripple Security.Even the latest firmware often contains disgracefully old versions of software. Old software, with know flaws, is the rule rather than the exception with consumer routers.You have to ask the company that made the router. Adding insult to injury, there is no defense against the flaw and no way for you tell if your router is That were still using buggy RomPager software. Yet, NINE YEARS LATER, Check Point Software found 12 million routers The flaw was introduced to the RomPager server from AllegroSoft in 2002. The Misfortune Cookie flaw from December 2014 offers a very important lesson.It is very likely other Asus routers share the same password flaws. Most importantly, Asus never said anything about their other routers (of which there are many). For one thing, Asus never issued a Security Advisory even though one of the flaws was clearly a back door. Asus fixed the flaws, as if that was the end of the story. In May 2021, Chris Bellows of Atredis Partners found three bugs in the Asus GT-AC2900 router that allow someone access to the router without knowing the password.In some cases vendors never fix the reported vulnerabilities at all. Vendors often fix vulnerabilities only in the models for which those flaws were reported by researchers and fail to test if their other products are also vulnerable. This type of patching inconsistency happens frequently in the router world. The other ones had been discovered and patched in the past in other router models from the same manufacturers, but the vendors did not fix them in the routers selected for this competition. Reporting on the results for PC World, Lucian Constantin wrote: "One interesting aspect is that only four of the reported vulnerabilities were completely new. Contestants found 15 flaws in popular routers. In August 2014, at the DefCon conference, there was a contest to find bugs in routers.Consumer router vendors do as little firmware maintenance as possible.When you buy a business class router you are buying the software. The software is provided as cheaply as possible. When you buy a consumer router you are buying the hardware.If a router is sold at Best Buy, you don't want it (no offense to Best Buy). Evidence of the plethora of bugs is on the bugs in routers page. The types of bugs that happen when developers don't care. Not only are there lots of bugs/flaws, but many are big glaring bugs. The people who create router firmware are not very good at their job. I have followed router software/firmware for a while now and the number of mistakes/bugs is stunning.First a note on terminology: the software that is the operating system for a router is referred to as firmware. ![]() Some business class vendors are listed on the Resources page. ![]() ![]() As for routers given to you by an ISP, they are even worse. Here, in detail, are my reasons for not using a consumer router. To me, the most important decision when buying a router is to get one with professionally written software. Multipoint routers, Device roaming, Tri-band extenders, 8 stream 11ac and 802.11ax. The article, How To Buy A Wireless Router - 2018 Edition (by Tim Higgins Jan. The Small Net Builder website offers a recent example. Security never factors into the equation. Consumer routers are marketed, and reviewed in the tech press, based on speed, features, speed, price, speed, appearance and speed. I say this fully aware that my opinion runs counter to every article you will ever read about buying a router. The big reason is that their security is not acceptable. I think it is a mistake to use a consumer router.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |