nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpq05gxtz00vfxzdela6xrhyvtqxmaxqz65d9hws3d56e72trqgcmvsxk52hs openWRT is being flashed onto it. No other built in software. I don't see any real re...
@nprofile1q... There is a BIOS and other small bits of code here and there at a lower level. From hard disk controllers, to wifi/nic firmwares, to micro code supporting the BIOS. Likely graphics too.
Most of the OpenWRT routers are non-x86, though I believe yours is x86, and have something called a bootloader. Often this component is locked down or violating licenses and the code is not released. Even when you install OpenWRT your not actually in full control. This is also the case with things like wifi firmwares and drivers in many cases.
There is always "another level" one can be thinking about even if ones primary concerns are higher up the stack at an application level.
The reason to be concerned about the lower level components is that it's often where backdoors have been found. Nearly all Android phones were backedoored for the longest time and I wouldn't be surprised if this was still the case at an application level. Some component was being shipped by ISPs I think. The only exception was Replicant which removes as many of these blobs as humanly possible.
In other cases with routers similar situations have existed where multiple backdoors in fact were found in some instances.
There was also a backdoor found in the ME and it was more of a backdoor in plain sight. The remove management component of the ME permits users of an Intel application to send a password and the ME would say "if password = right" let the user in. If wrong don't. But there was one more component. If no password was sent it would also let the user in. On the application side you couldn't sen an empty password- unless of course you modified the application. Well, the exploit was demonstrated and of course Intel just patched the "bug". This is not just a bug though.
Most of the OpenWRT routers are non-x86, though I believe yours is x86, and have something called a bootloader. Often this component is locked down or violating licenses and the code is not released. Even when you install OpenWRT your not actually in full control. This is also the case with things like wifi firmwares and drivers in many cases.
There is always "another level" one can be thinking about even if ones primary concerns are higher up the stack at an application level.
The reason to be concerned about the lower level components is that it's often where backdoors have been found. Nearly all Android phones were backedoored for the longest time and I wouldn't be surprised if this was still the case at an application level. Some component was being shipped by ISPs I think. The only exception was Replicant which removes as many of these blobs as humanly possible.
In other cases with routers similar situations have existed where multiple backdoors in fact were found in some instances.
There was also a backdoor found in the ME and it was more of a backdoor in plain sight. The remove management component of the ME permits users of an Intel application to send a password and the ME would say "if password = right" let the user in. If wrong don't. But there was one more component. If no password was sent it would also let the user in. On the application side you couldn't sen an empty password- unless of course you modified the application. Well, the exploit was demonstrated and of course Intel just patched the "bug". This is not just a bug though.
1