this post was submitted on 14 Sep 2024
19 points (100.0% liked)

OpenWRT Firmware

171 readers
1 users here now

WIP

Community for OpenWRT & generally related networking.

Feel free to post questions or offer support.

Website: https://openwrt.org/

founded 1 year ago
MODERATORS
JTheDoc
19
Is there such a thing as an unsafe router which is still unsafe after installing OpenWRT? (self.openwrt)
submitted 4 days ago* (last edited 4 days ago) by finitebanjo to c/openwrt
8 comments fedilink hide all child comments
 

For example, privacy violating linksys or netgear, or devices with components running improper firmware with a 14 year old vulnerability?

The reason that I ask, although I don't want this to impact the quality of answers, is that I'm shopping for a new router that is secure and private but rather than paying commercial and industrial prices I would rather get a consumer router and overwrite it's software.

you are viewing a single comment's thread
view the rest of the comments
[–] owenfromcanada 8 points 4 days ago

I'm no expert, but I would think overwriting the firmware would generally make the router "safe".

For it to not be safe, there would need to be some aspect of the firmware that is not overwritten, but still executed somehow. Something like a co-processor, or some convoluted flash arrangement.

But I don't think that would be the case, because that would almost definitely drive up the price. I can't say for sure, but that's my best guess.

The other potential vulnerability is that some devices have two flash regions, to be able to roll back in case a firmware update is bad (I had a linksys device with this configuration). So you might flash OpenWRT, but if the router gets reset a couple times (like with a power outage, for example), it could load the previous (commercial) firmware. There are ways to deal with it, but if you're looking to buy a new device, it'll be easy enough to avoid those cases.

For what it's worth, I've had great luck with OpenWRT on a number of TP-Link devices.