Hacker News new | past | comments | ask | show | jobs | submit login

One problem is the software on the router is likely to be outdated and vulnerable, and upgrades are not under your control.



Isn't that equally as true of a VPN service as of a web service?


I would (and do) place more trust in a battle-hardened VPN than a router web interface that's designed for local access.

Additionally, Wireguard (to pick a favourite) listens for connections on a specific port, and only opens a tunnel if it's presented with the correct string, otherwise it's completely silent, an attacker wouldn't even know it was there. These routers are presenting a full web server and the web UI to an attacker.


The issue at hand is which hardware device is exposed to the external network, not which software.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: