Microsoft names Chinese group as source of new attack on SolarWinds Microsoft has attributed a new attack on SolarWinds to a group operating in China. The software giant on Tuesday posted details of the attack, which SolarWinds on Monday patched and revealed as a Return Oriented Programming attack that targets its Serv-U managed file transfer product and allows an attacker to run arbitrary …
Is there such a thing as a secure consumer router? .... vtcodger
No, vtcodger, there is not, nor even whenever routing and/or routeing information servering and servicing intelligence.
'Tis an escapable fact of/for universal life.
Many routers are just less secure than others by simple virtue of who and/or what would be using them ..... and for what and/or for whom. To consider any of them failsafe secure is an arrogance displaying an ignorance born of hubris and a fundamental misunderstanding of the nature of the wild beast so obviously confronting one. And such is an exploitable vulnerability which some would tell you has no peer.
"Not out of the box. Potentially, if flashed with DD-WRT"
A few years ago Buffalo sold routers with DD-WRT pre-installed. Perhaps others as well?
DD-WRT lacks any sort of autoupdate mechanism and the all guidance instructs resetting the device to factory defaults when updating and reseting all the options. Which is a major pain. Most commercials home routers usually retain their settings even after major version updates.
There is no such thing as a secure router, consumer or otherwise. There are only routers that don't have discovered vulnerabilities.
I'd go further and say that there's no such thing as a secure device that's connected to the internet. Trusting your devices without additional security is foolish and, for consumers, is basically trusting that out of the hundreds of millions of consumers, you won't be a target. Security by obscurity.
Keep in mind that SolarWinds was secure, until it wasn't.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
