Slash Boxes

SoylentNews is people

posted by janrinok on Friday March 15, @05:15AM   Printer-friendly
from the is-that-a-banana-in-your-router-or-are-you-just-happy-to-route-packets? dept.

Banana Pi's low-cost router supports 2.5G+5G WiFi with LAN ports:

Banana Pi is now selling a fully built Wi-Fi 6 router with some solid features for just $30 excluding shipping via Ali Express. This router uses OpenWRT firmware and dual-core Arm A9 Processor-based Triductor TR6560 SoC with Triductor's TR5220 WiFi 6 chipset.

The company has been selling this WiFi 6 router board on its own, but now you can buy an out-of-box unit that contains an enclosure for the board with six external antennas, Ethernet cables, and a power adapter with either EU or US plugs. The only difference here is that one of the LAN ports is removed.

[...] The router supports the 802.11ax bandwidth protocol and provides WPA3 password protection. Power over Ethernet is optional and can be added via a module, but it needs to be soldered. Banana Pi's wiki page specifies that its 2.4G signal works up to 40 meters to provide 573.5 Mbps bandwidth and 5G works up to 160 meters up to 2,401.9 Mbps.

Read the specs here.


Original Submission

Related Stories

Reunited with LEDE, OpenWrt Releases Stable 18.06 Version 10 comments

OpenWrt has released stable 18.06 version, its first release since merging with its spin-off, LEDE (Linux Embedded Development Environment).

OpenWrt is a Linux-based operating sytem targeted at replacing the firmware for low-end consumer-grade router hardware. For a while, OpenWRT had started to drift outside the router market and into a more general single-board computer market causing a split in 2016 which resulted in the LEDE project. LEDE focussed more on the routers as well as worked to increase transparency of operations. At the beginning of 2018, LEDE merged back into OpenWRT and the combined project operates under LEDE's guidelines.

The OpenWrt project released a stable version 18.06 of the venerable OpenWrt Linux distribution for networking and low-end hardware. Users of OpenWrt 15.05 or LEDE 17.01 can upgrade without requiring an entirely new install.

This is the first release since OpenWrt 15.05.1 in March 2016 and the first since the LEDE project split off from OpenWrt a few months later in an attempt create an open source community with greater transparency and inclusiveness. The two groups reunited in January of this year under the OpenWrt name. OpenWrt has long been used in Linksys routers such as the circa 2015 WRT1900ACS, among many others.

Original Submission

OpenWRT Package Manager Vulnerability Allows Remote Code Execution 12 comments

Dan Goodin over at Ars Technica is reporting about an OpenWRT vulnerability in its package manager, opkg.

From the article:

For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital signature verifications are easy to bypass, a researcher said.

[...] Security researcher Guido Vranken, however, recently found that updates and installation files were delivered over unencrypted HTTPs[sic] connections, which are open to attacks that allow adversaries to completely replace legitimate updates with malicious ones. The researcher also found that it was trivial for attackers with moderate experience to bypass digital-signature checks that verify a downloaded update as the legitimate one offered by OpenWTR maintainers. The combination of those two lapses makes it possible to send a malicious update that vulnerable devices will automatically install.

[...] These code-execution exploits are limited in their scope because adversaries must either be in a position to conduct a man-in-the-middle attack or tamper with the DNS server that a device uses to find the update on the Internet.

[...] Exploiting these weaknesses, Vranken was able to create a server that impersonated and served a malicious update. As long as the malicious file is the same size at the legitimate file, it will be executed by a vulnerable device.

Vranken backs up his claims in a blog post where he provides a proof-of-concept exploit against OpenWRT devices.

The checksum bypass vulnerability in OpenWRT's opkg has been assigned CVE-2020-7982.

Affected versions:
LEDE 17.01.0-17.01.7.

Original blog post with discussion and exploit code
OpenWRT Advisory for this vulnerability

OpenWRT is a Linux distro focused on embedded devices, supports a a variety of SoCs, and is widely used on home routers.

Original Submission

Celebrating 20 years of OpenWrt with Hardware Design 15 comments

The OpenWRT project is turning 20 years old this year. During that time they have adapted to existing hardware products. Now the team has the idea to produce their own, fully supported hardware to run their software on:

It is not [a] new [idea]. We first spoke about this during the OpenWrt Summits in 2017 and also 2018. It became clear start of December 2023 while tinkering with Banana Pi style devices that they are already pretty close to what we wanted to achieve in '17/'18. Banana PIs have grown in popularity within the community. They boot using a self compiled Trusted Firmware-A (TF-A)and upstream U-Boot (thx MTK/Daniel) and some of the boards are already fully supported by the upstream Linux kernel. The only nonopen sourcecomponents are the 2.5 GbE PHYandWi-Fi firmware blobsrunning on separate cores that areindependent of the main SoC running Linuxand the DRAM calibration routines which are executed early during boot.

I contacted three project members (pepe2k, dangole, nbd) on December 6th to outline the overall idea. We went over several design proposals, At the beginning we focused on the most powerful (and expensive) configurations possible but finally ended up with something rather simple and above all,feasible. We would like to propose the following as our "first" community driven HW platform called "OpenWrt One/AP-24.XY".

Together with pepe2k (thx a lot) I discussed this for many hours and we worked out the following project proposal. Instead of going insane with specifications, we decided to include some nice features we believe all OpenWrt supported platforms should have (e.g. being almost unbrickablewith multiple recovery options, hassle-free system console access, on-board RTC with battery backup etc.).

This is our first design, so let's KiSS!

The preliminary hardware specifications are included in the message and it will contain a pair of flash chips for redundancy with the aim to make the router harder to accidentally brick during an update.

(2021) The Accident which Made the WRT54G Legendarily Popular
(2018) Reunited with LEDE, OpenWrt Releases Stable 18.06 Version
(2015) OpenWrt Gets Update in Face of FCC's Anti-Flashing Push

Original Submission

This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Interesting) by Rich on Friday March 15, @10:41AM (1 child)

    by Rich (945) on Friday March 15, @10:41AM (#1348876) Journal

    I was torn whether I should complain about some arbitrary product press release made it through the submissions, or be happy because I was looking more or less exactly like that for a task that may yield some interesting business.

    I looked over their (linked) wiki page, and it indeed looks like something that would be perfectly suitable for my idea. However, as usual with the Chinese, the organizational backing is catastrophic. One of the links in the "Easy to buy sample" section on the wiki page leads to a Chinese-only (Taobao) site, the other two lead to AliExpress shops, which are sold out after a total of 69 units.

    I would've absolutely liked one or two, if not for immediate project development then just to store one or two away at 35€ each, for their out-of-the-box routing capabilities with GbE and ax-WiFi and no bullshit Netgear-like cloud crap.

    • (Score: 0) by Anonymous Coward on Friday March 15, @10:50AM

      by Anonymous Coward on Friday March 15, @10:50AM (#1348877)


      Well, let's agree on soilvertisement.

  • (Score: 0, Troll) by Anonymous Coward on Friday March 15, @11:46AM (10 children)

    by Anonymous Coward on Friday March 15, @11:46AM (#1348879)

    OK, it’s cheap, but…
    - only Wifi 6? Not 6E, not 7?
    - only 3 Gbps? When Wifi 6 should be able to support 4.8 Gbps if not more just in the 5 GHz band, without considering the 2.4 GHz?
    - only 3 Ethernet ports, when everyone else has been putting 4 for ages?
    - only 128 MB Flash and no USB ports to connect some fun peripherals? I currently have a USB stick with encrypted storage which I unlock manually from SSH when my NAS needs its decryption keys at boot-up.

    Seems a bit late to the game, not very future-proof. If my priority were to get a cheap backup router right now, then I’d consider this.
    But I already have a now-mostly-stable active one + an older one in storage in case the first one fails, both on OpenWrt

    • (Score: 5, Informative) by takyon on Friday March 15, @12:48PM (3 children)

      I don't think Wi-Fi 7 is very common, considering the standard isn't even finalized yet []. I can excuse that one.

      Wi-Fi supports a wide range of speeds based on a number of factors I don't understand: [] []

      But you can see that Wikipedia lists 574–9608 Mbps for Wi-Fi 6/E.

      It might also be a situation where there was not enough I/O supported by the chip to get all of the ports and speed you'd want. Kind of like how the Raspberry Pi 4B only supports up to 4 Gbps USB3 total because all USB ports were sharing a single PCIe lane.

      Remember that Banana Pi is another cheap Chinese RPi knockoff. You get what you pay for.

      [SIG] 10/28/2017: Soylent Upgrade v14 []
      • (Score: 4, Interesting) by Rich on Friday March 15, @01:21PM (1 child)

        by Rich (945) on Friday March 15, @01:21PM (#1348888) Journal

        Remember that Banana Pi is another cheap Chinese RPi knockoff.

        That's the main point: CHEAP! The AliExpress offerings look like they ship a full router, with case and antennae, in box, for 35€. That's the number to beat, not the exact throughput on wireless. Will take OpenWRT by design from the vendor, not via some may-work-or-maybe-not hack. Where's the competition when you have to do a bridging task at hand, with at least two GbE ports? So far, I've been looking at the "Rock Pi E" (2 ports), which packs more power, but is also more expensive.

        Availability is a gamble with all that stuff, and there is not one Banana Pi but a whole zoo on their page, and all bets are off which of them you can buy now or in the future. The Chinese have to learn that they have to do one product, and do it well, if they want to compete with the Raspberries. Throwing the fads of the day against the wall and looking what sticks isn't going to help where potential large customers want "10 year guaranteed supply". I think the Radxa people (who make the "Rock" series), have somewhat understood that.

        • (Score: 1, Informative) by Anonymous Coward on Friday March 15, @04:14PM

          by Anonymous Coward on Friday March 15, @04:14PM (#1348913)

          Cheap? I went through the links and it was ~37€ + ~18€ for shipping to me, so it's not a 35€ router.

      • (Score: 3, Funny) by driverless on Saturday March 16, @04:29AM

        by driverless (4770) on Saturday March 16, @04:29AM (#1349034)

        Wi-Fi supports a wide range of speeds based on a number of factors I don't understand:

        Oh, it's pretty easy to understand, it works the same way PMPO worked: You take the largest number you can find in the chipset vendor's data sheet, multiply by the speed of light in a glass of milk, divide by the last three digits of the phone number of a pizza shop in Grand Forks, North Dakota, and that's your speed.

        Problem is that the results from this calculation invariably exceeds the speed of light, so you grab a beer and sit down with one of the other marketing guys and say "well, what do you think a good number would be?". After a few more beers you've got the figure you put in the marketing literature.

    • (Score: 0) by Anonymous Coward on Friday March 15, @01:40PM (4 children)

      by Anonymous Coward on Friday March 15, @01:40PM (#1348891)

      3 Ethernet ports

      WTF are you smoking? It has *five* ethernet ports.

      • (Score: 2) by Freeman on Friday March 15, @02:19PM (3 children)

        by Freeman (732) on Friday March 15, @02:19PM (#1348898) Journal

        I dunno, but yours seems to be stronger as the linked router in the article has 3 LAN ethernet ports and 1 WAN ethernet port.

        Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
        • (Score: 0) by Anonymous Coward on Friday March 15, @08:11PM (2 children)

          by Anonymous Coward on Friday March 15, @08:11PM (#1348967)


          Check it out and count - that's 4 LAN, 1 WAN - total of 5.

          • (Score: 0) by Anonymous Coward on Saturday March 16, @11:16AM

            by Anonymous Coward on Saturday March 16, @11:16AM (#1349070)

            But here
            it's 3 lan + 1 wan. But who cares.

          • (Score: 2) by Freeman on Monday March 18, @05:08PM

            by Freeman (732) on Monday March 18, @05:08PM (#1349361) Journal

            That board design is 4 LAN + 1 WAN. The board linked to in the article is a 3 LAN + 1 WAN design. When looking for a Banana Pi router on Amazon, I only find the 3LAN + 1 Wan option. Seems like the 4 LAN + 1 WAN option hasn't been picked up by anyone. Also, the Amazon option is $20 more expensive than the Aliexpress option.

            Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
    • (Score: 1, Touché) by Anonymous Coward on Friday March 15, @03:28PM

      by Anonymous Coward on Friday March 15, @03:28PM (#1348908)

      That fact that you keep encryption keys safe on a flash drive is all we need to know.