| HN Mirror

Y	Hacker News new \| ask \| show \| jobs


	by patrakov 493 days ago
	> OpenWRT is pretty great at offering features and security for consumer devices That's a misconception. Nobody actually cares about security for packages that are not in the default install. For example, the initscript for sstp-client disables certificate validation unconditionally, see https://github.com/openwrt/packages/issues/25212

2 comments

TheDong 493 days ago

It at least offers more security than the usual alternative on a consumer router of the manufacturer's OS (i.e. something updated once a decade running linux 2.6 with GPL-violating unreleased patches so you can't update it yourself, all written in C by the contractor that bid the lowest).

link

FeistySkink 493 days ago

If others think this is in jest, there are recent TP-Link routers with 2.6 kernel and Broadcom.

link

choobacker 493 days ago

Good job on raising that issue. TIL SSTP.

> Nobody actually cares about security for packages that are not in the default install.

Probably an exaggeration, but it's clear there are some packages that are insecure out-the-box.

link