by dimkr1
2883 days ago
Raising the security bar of routers is indeed a priority of many ISPs, organizations and consumers. But IMHO, securing the router isn't enough, because once you close the huge security and privacy hole created by vulnerable and outdated home routers, IoT devices like IP cameras will take the router's place as the weakest link in terms of a home network's security, so the problem of malware targeting embedded devices with no security software is still there. (Also, if any guest who connects to a WiFi network can guess admin:admin or admin:12345678 and infect IoT devices, NAT is not enough to provide a reasonable level of security in many home networks. In addition, having open-source firmware or reputable open-source components is not enough to assert that a certain device is secure by design, because most home routers run outdated and vulnerable versions of Linux/uClibc/whatever, often with network stack patches and proprietary drivers from the SoC manufacturer's BSP that make it impossible to upgrade to recent, stable versions of everything; this also applies to the router manufacturers that fork OpenWRT and don't pull changes. Moreover, completely separate from the question of how to develop security updates, the problem of testing and deploying them in time on customer premises, without user intervention, still remains and detracts from the ISP's motivation to provide security: it's very expensive). A copy-paste-based software development lifecycle, unsafe C code, the cost of built-in security and the risks & costs of deploying updates at scale are here to stay for the foreseeable future.
A more radical solution is needed to protect today's devices against today's and future threats: that's why in https://www.securingsam.com, we're putting a security-as-a-service umbrella on the existing, consumer-grade router which hardens and protects the router and all devices connected to it using DPI, traffic anomaly detection, auto-updated (independently of the router firmware) vulnerability mitigation patches and much, much more.