by problems 3111 days ago
What makes you think they're unsigned? Surely there's at least some basic checksumming if not cryptographic signatures inside of that blob? There's no reason to even bother with delivering it over https if you put a good signature on the blob itself.

I would assume it does not do those things, or else creating/flashing custom firmware like DD-WRT would presumably be impossible. They could be doing some verification in the firmware itself, but obviously that only saves you from bad downloads - anybody serving you up a malicious firmware can easily just serve one up without the verification checks inside.
This is not the case anymore.

https://github.com/xdarklight/mktplinkfw3/blob/master/README...

Their firmwares for newer devices do indeed include signature support. A malicious firmware on their server will fail the signature check and not be flashed. Signature checks occur only in the flasher, not in the bootloader, but that would require physical access to the device, at which point all bets are off anyways.
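
Added example, not part of the thread and not TP-Link's or mktplinkfw3's code: a sketch of the distinction the comments draw between a checksum embedded in the image, which only catches bad downloads, and a signature the flasher verifies against a pinned vendor key. The `Image` layout, the function names, the choice of Ed25519 and the sample payloads are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Image is a hypothetical firmware container (assumed layout, not a real vendor format).
type Image struct {
	Payload  []byte
	Checksum [32]byte // SHA-256 of Payload, computable by anyone
	Sig      []byte   // Ed25519 signature over Payload, needs the vendor private key
}

// Pack builds an image; with a nil key it can still produce a valid checksum, but no signature.
func Pack(payload []byte, priv ed25519.PrivateKey) Image {
	img := Image{Payload: payload, Checksum: sha256.Sum256(payload)}
	if priv != nil {
		img.Sig = ed25519.Sign(priv, payload)
	}
	return img
}

// ChecksumOnly models a flasher with integrity checking only: it detects corruption, not origin.
func ChecksumOnly(img Image) error {
	if sha256.Sum256(img.Payload) != img.Checksum {
		return errors.New("checksum mismatch")
	}
	return nil
}

// SignedFlash models a flasher that also verifies against a public key pinned in the flasher.
func SignedFlash(img Image, vendorPub ed25519.PublicKey) error {
	if err := ChecksumOnly(img); err != nil {
		return err
	}
	if len(img.Sig) != ed25519.SignatureSize || !ed25519.Verify(vendorPub, img.Payload, img.Sig) {
		return errors.New("signature invalid")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed key pair standing in for the vendor's
	other := Pack([]byte("third-party build (constructed)"), nil)
	good := Pack([]byte("vendor build (constructed)"), priv)
	fmt.Println(ChecksumOnly(other), SignedFlash(other, pub), SignedFlash(good, pub))
}
```

The image built without the vendor key passes the checksum-only flasher and is rejected by the signature-verifying one, which is also why third-party firmware stops flashing once the flasher enforces signatures.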