The Electronic Frontier Foundation concerns itself with online rights… and, apparently, router firmware. That’s not quite as weird as it sounds.
The EFF has released an alpha version of an Open Wireless Router Firmware, which seems like a slightly unusual thing for an advocacy group to do.
It makes sense within the context that the Open Wireless Router firmware is designed to enable secure and shareable open networks. Specifically, the firmware is intended, according to an EFF posting, to
• Allow small business and home users to easily enable an open network, so guests and passersby can get an Internet connection if they need one, while keeping a password-locked WPA2 network for themselves and their friends or coworkers.
• Let you share a bounded portion of your bandwidth on the open network, so guest users cannot slow down your Internet connection or use a large portion of your monthly quota.2
• Provide state-of-the-art network queuing, so most users can expect an improved Internet experience—especially with latency-sensitive applications—compared to what commonly available consumer grade routers are delivering today.
• Offer a minimalist, secure, and elegant Web user interface to set up and configure the router. Advanced, non-minimalist administrative options are accessible by SSH.
• Advance the state of the art in consumer Wi-Fi router security and begin turning back the growing tide of attacks against them. Most or all existing router software is full of XSS and CSRF vulnerabilities, and we want to change that.
• Include a secure software auto-update mechanism. In addition to using HTTPS, firmware signatures and metadata are fetched via Tor to make targeted update attacks very difficult.
It’s still an early alpha release, and right now only works on a single router model — the Netgear WNDR3800 — so it’s essentially out there for hackers to work on and improve. I’m not sure that many end consumers actively upgrade the firmware on their routers all that much in any case. Do you?
Source: EFF via Hack A Day