During installation, the router sent several data packets to an Amazon server in the US. These packets contained the configured SSID name and password in clear text, as well as some identification tokens for this network within a broader database and an access token for a user session that could potentially enable a MITM attack.

Linksys has refused to acknowledge/respond to the issue.

  • Admiral Patrick
    link
    fedilink
    English
    1745 months ago

    This. This is why I have trust issues and only run devices I can flash OpenWRT (or other appropriate custom firmware) to.

    • Max-P
      link
      fedilink
      English
      795 months ago

      It’s like all the tech companies are actively working together to give us trust issues at this point. Used to flash things for fun because I can, more and more it feels like it’s a necessity just to get basic human rights respected.

      • @ichbinjasokreativ
        link
        English
        325 months ago

        Exacly. You basically need to flash something like grapheneos on your phone, install linux on your computer and run custom firmware on your router to even have any semblance of privacy

      • Admiral Patrick
        link
        fedilink
        English
        65 months ago

        Yep.

        Every piece of networking gear in my house (except my ONT grrrrr) is running OpenWRT. Which also makes it nice since I can script any changes and push them out.

    • @[email protected]
      link
      fedilink
      English
      85 months ago

      I use enterprise hardware that has enterprise router firmware. In my case, I use Microtik with RouterOS. If it’s good enough for big enterprises, it’s probably good enough for me.

      • Admiral Patrick
        link
        fedilink
        English
        4
        edit-2
        5 months ago

        I use enterprise gear, but not the original software for it (and sometimes, not even the original purpose). I get it all second hand, and the subscription / licensing is usually non active. I think the only gear I used with the original OS was my Brocade fibre channel switch.

        My current router is former Barracuda Load Balancer 340 now running OpenWRT. Cost me $45 and handles everything I need to throw at it and more.

    • @Pacmanlives
      link
      English
      65 months ago

      Not a bad way to do it!

      I just went down the ubiquity dream machine and a real switch with APs in mesh mode

      • Admiral Patrick
        link
        fedilink
        English
        65 months ago

        Nice!

        A drunk eBay excursion scored me 20 Aruba AP-105s for $12. Flashing OpenWRT to them was a brute, but they’re still going strong.

        I originally set them up to mesh on the 5 GHz and provide AP coverage on the 2.4, but since they’re PoE and didn’t come with adapters, I got rid of the mesh and just have one in every room.