For the first time, DNS redirection attacks against small office and home office (SOHO) routers are being delivered via exploit kits. French security researcher Kafeine said an offshoot of the Sweet Orange kit has been finding success in driving traffic from compromised routers to the attackers' infrastructure.The risk to users is substantial he said, ranging from financial loss, to click-fraud, man-in-the-middle attacks and phishing.
Perhaps it's time to demand OpenWrt compatibility? It's without backdoors by design, with continuous bug fixes, IPv6 support and unrestrained configuration capability. Embedded boxes seems to have a poor track record on bugs, transparency and robustness.
(Score: 1, Informative) by Anonymous Coward on Wednesday May 27 2015, @01:36PM
OpenWRT is good. But it comes with maintenance. You need to still keep it up to date.
People want appliances that look nice on their desk. That is what the market provides. The appliance makers then differentiate themselves by adding features that get exploited. OpenWRT competes very well with replacing that. But do not mistake it for a fire and forget thing.