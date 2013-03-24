from the is-that-a-banana-in-your-router-or-are-you-just-happy-to-route-packets? dept.
Banana Pi's low-cost router supports 2.5G+5G WiFi with LAN ports:
Banana Pi is now selling a fully built Wi-Fi 6 router with some solid features for just $30 excluding shipping via Ali Express. This router uses OpenWRT firmware and dual-core Arm A9 Processor-based Triductor TR6560 SoC with Triductor's TR5220 WiFi 6 chipset.
The company has been selling this WiFi 6 router board on its own, but now you can buy an out-of-box unit that contains an enclosure for the board with six external antennas, Ethernet cables, and a power adapter with either EU or US plugs. The only difference here is that one of the LAN ports is removed.
[...] The router supports the 802.11ax bandwidth protocol and provides WPA3 password protection. Power over Ethernet is optional and can be added via a module, but it needs to be soldered. Banana Pi's wiki page specifies that its 2.4G signal works up to 40 meters to provide 573.5 Mbps bandwidth and 5G works up to 160 meters up to 2,401.9 Mbps.
Related:
- Celebrating 20 years of OpenWrt with Hardware Design
- OpenWRT Package Manager Vulnerability Allows Remote Code Execution
- Reunited with LEDE, OpenWrt Releases Stable 18.06 Version
Related Stories
OpenWrt has released stable 18.06 version, its first release since merging with its spin-off, LEDE (Linux Embedded Development Environment).
OpenWrt is a Linux-based operating sytem targeted at replacing the firmware for low-end consumer-grade router hardware. For a while, OpenWRT had started to drift outside the router market and into a more general single-board computer market causing a split in 2016 which resulted in the LEDE project. LEDE focussed more on the routers as well as worked to increase transparency of operations. At the beginning of 2018, LEDE merged back into OpenWRT and the combined project operates under LEDE's guidelines.
The OpenWrt project released a stable version 18.06 of the venerable OpenWrt Linux distribution for networking and low-end hardware. Users of OpenWrt 15.05 or LEDE 17.01 can upgrade without requiring an entirely new install.
This is the first release since OpenWrt 15.05.1 in March 2016 and the first since the LEDE project split off from OpenWrt a few months later in an attempt create an open source community with greater transparency and inclusiveness. The two groups reunited in January of this year under the OpenWrt name. OpenWrt has long been used in Linksys routers such as the circa 2015 WRT1900ACS, among many others.
Dan Goodin over at Ars Technica is reporting about an OpenWRT vulnerability in its package manager, opkg.
From the article:
For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital signature verifications are easy to bypass, a researcher said.
[...] Security researcher Guido Vranken, however, recently found that updates and installation files were delivered over unencrypted HTTPs[sic] connections, which are open to attacks that allow adversaries to completely replace legitimate updates with malicious ones. The researcher also found that it was trivial for attackers with moderate experience to bypass digital-signature checks that verify a downloaded update as the legitimate one offered by OpenWTR maintainers. The combination of those two lapses makes it possible to send a malicious update that vulnerable devices will automatically install.
[...] These code-execution exploits are limited in their scope because adversaries must either be in a position to conduct a man-in-the-middle attack or tamper with the DNS server that a device uses to find the update on the Internet.
[...] Exploiting these weaknesses, Vranken was able to create a server that impersonated downloads.openwrt.org and served a malicious update. As long as the malicious file is the same size at the legitimate file, it will be executed by a vulnerable device.
Vranken backs up his claims in a blog post where he provides a proof-of-concept exploit against OpenWRT devices.
The checksum bypass vulnerability in OpenWRT's opkg has been assigned CVE-2020-7982.
Affected versions:
18.06.0-18.06.6
19.07.0
LEDE 17.01.0-17.01.7.
Original blog post with discussion and exploit code
OpenWRT Advisory for this vulnerability
OpenWRT is a Linux distro focused on embedded devices, supports a a variety of SoCs, and is widely used on home routers.
The OpenWRT project is turning 20 years old this year. During that time they have adapted to existing hardware products. Now the team has the idea to produce their own, fully supported hardware to run their software on:
It is not [a] new [idea]. We first spoke about this during the OpenWrt Summits in 2017 and also 2018. It became clear start of December 2023 while tinkering with Banana Pi style devices that they are already pretty close to what we wanted to achieve in '17/'18. Banana PIs have grown in popularity within the community. They boot using a self compiled Trusted Firmware-A (TF-A)and upstream U-Boot (thx MTK/Daniel) and some of the boards are already fully supported by the upstream Linux kernel. The only nonopen sourcecomponents are the 2.5 GbE PHYandWi-Fi firmware blobsrunning on separate cores that areindependent of the main SoC running Linuxand the DRAM calibration routines which are executed early during boot.
I contacted three project members (pepe2k, dangole, nbd) on December 6th to outline the overall idea. We went over several design proposals, At the beginning we focused on the most powerful (and expensive) configurations possible but finally ended up with something rather simple and above all,feasible. We would like to propose the following as our "first" community driven HW platform called "OpenWrt One/AP-24.XY".
Together with pepe2k (thx a lot) I discussed this for many hours and we worked out the following project proposal. Instead of going insane with specifications, we decided to include some nice features we believe all OpenWrt supported platforms should have (e.g. being almost unbrickablewith multiple recovery options, hassle-free system console access, on-board RTC with battery backup etc.).
This is our first design, so let's KiSS!
The preliminary hardware specifications are included in the message and it will contain a pair of flash chips for redundancy with the aim to make the router harder to accidentally brick during an update.
Previously:
(2021) The Accident which Made the WRT54G Legendarily Popular
(2018) Reunited with LEDE, OpenWrt Releases Stable 18.06 Version
(2015) OpenWrt Gets Update in Face of FCC's Anti-Flashing Push