←back to thread

Wanted to spy on my dog, ended up spying on TP-Link

(kennedn.com)
436 points kennedn | 7 comments | 15 Sep 25 16:28 UTC | HN request time: 0.001s | source | bottom
Show context
selinkocalar ◴[15 Sep 25 22:43 UTC] No.45255874[source]
IoT security is generally terrible, but the fact that consumer routers are essentially unaudited black boxes processing all your network traffic is genuinely concerning. Most people have no idea their router firmware hasn't been updated in years and is probably running known CVEs. The supply chain trust model for networking hardware is broken.
replies(9): >>45255922 #>>45256174 #>>45256498 #>>45256518 #>>45256767 #>>45257622 #>>45258241 #>>45258326 #>>45258348 #
1. teaearlgraycold ◴[15 Sep 25 22:48 UTC] No.45255922[source]
The solution is pfsense
replies(4): >>45255936 #>>45255978 #>>45256113 #>>45256573 #
2. arminiusreturns ◴[15 Sep 25 22:50 UTC] No.45255936[source]
The soulutions is iptables.

The solution is nftables.

The solution is bpf.

The solution is emacs-m-x-butterfly-bpf.

3. baby_souffle ◴[15 Sep 25 22:55 UTC] No.45255978[source]
Or openWRT.

The bsd based distributions sure are powerful, but with the power/heat budget to match.

replies(1): >>45256236 #
4. nuker ◴[15 Sep 25 23:13 UTC] No.45256113[source]
Better go OPNsense
5. bmurphy1976 ◴[15 Sep 25 23:32 UTC] No.45256236[source]
I love me some OpenWRT but updating it has always been a risky chore.
replies(1): >>45256512 #
6. fignews ◴[16 Sep 25 00:11 UTC] No.45256512{3}[source]
Check out attended sysupgrade
7. drnick1 ◴[16 Sep 25 00:20 UTC] No.45256573[source]
Actually, pfsense kind of has a shitty reputation in the FOSS community and opnSense is preferred.

But I don't like the limitations of BSD systems in terms of hardware compatibility and performance, so I build my router using a plain Linux distro (Debian).