D-Link router patch creates NEW SOHOpeless vuln

Hacker Craig Heffner says D-Link has not only failed in its bid to patch its DIR-890L router but has managed to introduce a new vulnerability instead. The Tactical Network Solutions router wrecker says D-Link's quadcopter-esque AC3200, reviewed elsewhere as " the most insane router in the history of mankind", is open to …

  1. Anonymous Coward

    D-Link and Belkin

    Their reputations precede them.

  2. Anonymous Coward
    Facepalm

    "Experts agree that small home and office routers are almost universally terrible, often as a result of the focus on cost competition between feature and function-obsessed vendors."

    ...And often as a result of outsourcing the development to the cheapest coding shop they can find I expect. I've seen code that comes out of these places and it's not pretty.

    1. Dan 55 Silver badge

      Of course, they were told to get rid of the sprintf but they weren't told they couldn't put another one in...

      1. Paul Crawford Silver badge

        The whole printf() family should always be regarded as suspect because (1) a lot of compilers can type-check the format string against the variable argument list, and (2) you don't always know if the destination string(s) are long enough to hold the result(s).

        These days gcc can format-check, and most decent static analysis tools also do this, but I have seen too many projects with shed-loads of compilation warnings that were obviously ignored. And most modern libraries have 'nprintf' variants where the target buffer can have its size passed in to stop buffer overruns.

        As with a lot of these problems, the solutions are already out there if only they would use them :(

        1. Dan 55 Silver badge

          asprintf() FTW, snprintf() is clumsy, sprintf() means you're doing it wrong.
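The sprintf()/snprintf()/asprintf() trade-off that the two comments above are arguing about, shown as an added C example. This is not code from the thread, from D-Link's firmware or from Tactical Network Solutions: the `/tmp/<user>.cfg` path format, the 32-byte destination buffer and the function names are constructed for illustration, and `format_alloc()` is a portable two-pass stand-in for the GNU `asprintf()` extension. The `PRINTF_LIKE` macro wires in the gcc/clang format check mentioned above so a mismatched format string is caught at compile time.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Let gcc/clang type-check the format string against the arguments
 * (the compile-time check the comment above refers to). No-op elsewhere. */
#if defined(__GNUC__)
#define PRINTF_LIKE(fmt_idx, args_idx) __attribute__((format(printf, fmt_idx, args_idx)))
#else
#define PRINTF_LIKE(fmt_idx, args_idx)
#endif

/* Hypothetical router-style helper (constructed for this example): build
 * "/tmp/<user>.cfg" into a caller-supplied buffer. sprintf() writes as many
 * bytes as the formatted result needs, so a long user name runs straight
 * past the end of dst. Shown only for the shape of the bug; never called. */
static void build_path_unsafe(char *dst, const char *user)
{
    sprintf(dst, "/tmp/%s.cfg", user);   /* no bound on dst at all */
}

/* snprintf() variant: never writes more than dstsz bytes, but the result
 * is silently truncated when it does not fit, so the return value MUST be
 * checked (the "clumsy" part). Returns the length, or -1 on truncation. */
static int build_path_bounded(char *dst, size_t dstsz, const char *user)
{
    int n = snprintf(dst, dstsz, "/tmp/%s.cfg", user);
    if (n < 0 || (size_t)n >= dstsz) {
        return -1;                       /* did not fit: refuse, do not proceed */
    }
    return n;
}

/* asprintf()-style: measure with a dry run, then allocate exactly enough.
 * Portable equivalent of GNU asprintf(); the caller frees the result. */
static char *format_alloc(const char *fmt, ...) PRINTF_LIKE(1, 2);

static char *format_alloc(const char *fmt, ...)
{
    va_list ap, ap2;
    int n;
    char *buf;

    va_start(ap, fmt);
    va_copy(ap2, ap);
    n = vsnprintf(NULL, 0, fmt, ap);     /* length only, nothing written */
    va_end(ap);
    if (n < 0) {
        va_end(ap2);
        return NULL;
    }
    buf = malloc((size_t)n + 1);
    if (buf != NULL) {
        vsnprintf(buf, (size_t)n + 1, fmt, ap2);
    }
    va_end(ap2);
    return buf;
}

/* Same path, but the buffer is sized to the input rather than guessed. */
static char *build_path_alloc(const char *user)
{
    return format_alloc("/tmp/%s.cfg", user);
}

int main(void)
{
    char buf[32];                        /* constructed fixed-size buffer */
    const char *longname = "a_very_long_user_name_that_does_not_fit";
    char *p;

    (void)build_path_unsafe;             /* referenced only so it is not an unused-function warning */

    if (build_path_bounded(buf, sizeof buf, "admin") >= 0)
        printf("bounded: %s\n", buf);
    if (build_path_bounded(buf, sizeof buf, longname) < 0)
        printf("bounded: rejected, result would not fit in %zu bytes\n", sizeof buf);

    p = build_path_alloc(longname);
    if (p != NULL) {
        printf("allocated: %s\n", p);
        free(p);
    }
    return 0;
}
```

The bounded version is the one to reach for when the destination is a fixed buffer in a struct or on the stack, and the allocating version when the output length is genuinely unknown; in both cases the point is that the caller, not the formatting function, decides what happens when the input is too long.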

  3. gregthecanuck

    Remember that old plumbing jingle???

    .... "Router rooter!"

  4. Decade
    Linux

    FOSS that you can rely on

    The more I see, the more I am convinced that Free Software is the only long-term reasonable software. And not the fake Open Source with Closed Extensions, like DD-WRT does with its pervasive use of proprietary kernel modules.

    I would not buy the D-Link DIR-890L because I would look it up and see that it’s based on the Broadcom BCM4700-series SoC. Those things don’t have usable open-source drivers for either wired or wireless network adapters. Plenty of people compromise and use only the kernel that ships with the device, so that the drivers work, but I prefer to buy devices where I can actually patch any vulnerabilities and recompile the firmware.

    1. Anonymous Coward

      Re: FOSS that you can rely on

      "...but I prefer to buy devices where I can actually patch any vulnerabilities and recompile the firmware."

      And for the other 99.999999999999% of the world's population?

      1. Badvok

        Re: FOSS that you can rely on

        Sorry @Lost all faith... I had to downvote you for getting your maths wrong, it should be the other 99.999999986% of the world's population :)

        1. Decade
          Linux

          Re: FOSS that you can rely on

          99.999999986%

          Because of course a fully open-source Linux distribution for routers doesn’t exist, so only the most dedicated of nerds is able to install and use it.

    2. cbars Bronze badge

      Re: FOSS that you can rely on

      I'm not trying to be antagonising, but it would be helpful if, after a comment like that, you give at least one example.

      1. Jungleland

        Re: FOSS that you can rely on

        Have a look at the DD-WRT database

        http://www.dd-wrt.com/site/support/router-database

      2. Decade
        Linux

        Re: FOSS that you can rely on

        The thing is, I hate shopping for networking equipment, so I don’t do it that many times more than I have to. The OpenWRT Wiki is one place to start, but I think doing shopping there is a waste of time.

        My current hunch is that Qualcomm Atheros is the best combination of open source friendliness and speed. I don’t care about top speed anymore, as long as it works well enough, because no matter what you get, it’s obsolete in a few months. My router is a Buffalo WZR-600DHP flashed with OpenWRT, and I think the most promising of the AC1750 routers is the TP-Link Archer C7.

        I don’t know any good AC3200 routers. I would look for both radios being Atheros, because it looks like a bunch of companies now pair an Atheros WiFi SoC with an open-source-hostile 802.11ac radio. WikiDevi looks like a fun web site for tracking this sort of information.

        1. g00se
          Linux

          Re: FOSS that you can rely on

          The thing is, I hate shopping for networking equipment, so I don’t do it that many times more than I have to.

          I don't either. Getting an ADSL router that's OpenWrt-capable seems even harder. I'm guessing it's to do with modem drivers being hard to get. I look every day on eBay for one with OpenWrt installed (I don't want to tinker and possibly brick) with USB so I can use it as a netbooter too.

  5. Christian Berger

    It's actually not just SOHO routers

    At work I've been dealing with "business IAD" which are supposed to convert SIP into ISDN. I have to tell you that market is full of companies who have no idea of what they are doing. Our current strategy is to just install ACLs to make them not talk to the rest of the Internet. At least one IAD we've tried actually tends to crash when you leave it to the open Internet. The other one is managed via a proprietary software... which is probably open to replay attacks. I've compared the TCP-dumps of 2 authentication sequences... and they were identical.
