[riskable]

I have a PC hooked up to my TV in my living room that has been running the latest version of Kubuntu for over 18 years now. It has had many upgrades in that time but it's still the same basic hardware: A CPU, some memory, USB ports, a video card, and an ethernet port on the back.

That "genericness" is what's missing in the router space. Literally every consumer router that comes out has some super proprietary design that's meant to be replaced in its entirety in 3-4 years. Many can run Linux, sure, but how many have a replaceable/upgradable board? How many are like a PC where you can install whatever OS you want?

Sure, you can forcibly flash a new OS (e.g. OpenWRT) but that is a hack. The company lets you do that because they figure they'll get a bit more market share out of their products if they don't lock the firmware so much. They key point remains, however: They're not just hardware—even though they should be!

The world of consumer routers needs a PC-like architecture change. You can buy routers from companies like Banana Pi and Microtik like this but they're not marketed towards every-day consumers. Mostly because they're considered "too premium" and require too much expertise to setup.

I think there's a huge hole in the market for consumer-minded routers that run hardware like the Banana Pi R4 (which I have). When you buy it, you get the board and nothing else. It's up to you to get a case and install an OS on it (with OpenWRT, Debian, and Ubuntu being the normal options).

We need something like the Framework laptop for routers. Not from a, "it has interchangeable parts" perspective but from a marketing perspective. Normal people are buying Framework laptops because geeky friends and colleagues recommend them and they're not that much more expensive/troublesome than say, a cheap Acer/Asus laptop.

[alsetmusic]

> They key point remains, however: They're not just hardware—even though they should be!

This is the most thoughtful comment I've seen on this topic. I hadn't even considered this approach, but you're right. The hardware needs to be commoditized in a way that makes the software a layer that can be replaced. Someone else said this but in a way that described flashing a third-party package as HN nerds would. That's too much effort and it won't work.

It should be as generic as PC hardware. Every router manufacturer should build devices that can run the OSes of all their competitors' devices and vice versa. Maybe some features won't work with the other company's OS cause it isn't designed for that, but overall it ought to be replaceable. "Normal people" still wouldn't flash a new OS, but making it an option is a step towards making devices more secure.

If every router could get a new OS as easily as your techy friend could install Firefox or an ad-blocker or whatever else, we'd start the long march to a real longterm solution.

[thayne]

> Every router manufacturer should build devices that can run the OSes of all their competitors' devices and vice versa.

Or they could just run an existing open source OS, like openwrt.

[alsetmusic]

You completely missed the point of what I said. I have a Linksys as a cheap backup in case my real router (Netgate / pfsense) dies. The Linksys is running OpenWRT and hopefully I'll never need to plug it in ever again.

I had to verify that OpenWRT was compatible when I bought it _to be a backup_. Re-read what I said about everything being commodity hardware that can run any other device firmware / OS.

[glitchc]

It's not so simple. Routers, like most tech emitting and modulating an RF signal by design, are certified products. The radio frequency bands, output power, allowed channels are all tightly controlled. Allowing end-users control without restrictions over such equipment would be unsafe.

[em-bee]

how is that different from any computer with a network card and wifi support? routers really are not special here.

[glitchc]

It's quite different. The transceiver in your device is mainly a low-power receiver, transmit power is limited to ~100mW at best. Meanwhile a typical AP can go up to 1W per antenna for transmit. Also, the firmware that operates the wifi stack on your network card is not open source or user-modifiable beyond firmware updates issued by the manufacturer. I suggest reading up on wifi and RF before going further.

[rstuart4133]

> I suggest reading up on wifi and RF before going further.

I'd suggest neither matter in the face of how the problem is solved in the consumer cards the OP was talking about. They solve it by locking down the firmware that controls the radios.

The reality is most routers do that too. You can replace the firmware in most of them with OpenWRT or something similar. You still can't exceed regulatory limits because of the signed blobs of firmware in the radios.

Nonetheless, here we are getting comments like yours, which imply all firmware in the device must be behind a proprietary wall because a relatively small blob of firmware in them must be protected. It has its own protections. It doesn't need to be protected by the OS or the application that runs on top of it.

Yet it's in those applications where most of the vulnerabilities show up. Making them consumer replaceable would help in solving the problem. Protecting the firmware is not a good reason to not do it.

[glitchc]

I was responding to the original post about open standards. My point is that anything with an RF transceiver will never be as open as a standard PC with replaceable components. The radio portion will always be blocked off. That relatively small blob will always limit how much control you can exert over the device.

We don't have to look far. The embedded space with Arduinos, ESP32s and even RPis is a hacker's paradise. Yet the radio stack is restricted in all of them. For instance, it's not possible to take an ESP32 board and turn it's single antenna into a MIMO configuration, even if you make a custom PCB with trace antennas.

[em-bee]

My point is that anything with an RF transceiver will never be as open as a standard PC with replaceable components. The radio portion will always be blocked off.

sure, but again, why would the RF transceiver on my desktop PC or in my laptop be any different than the one in my router?