You plug them in once, they work and then you forget about them until the Internet stops working.
But routers, the gateway to the outside world and those things helping us stay sane during the lockdown, are riddled with flaws due to manufacturers neglecting the security of the devices, sometimes to an alarming degree, according to a new study.
“Our results are alarming,” the researchers at Germany’s Fraunhofer Institute write in a damning 20-page report pointing to gaping holes in common Internet routers for private users.
“There is no router without flaws.”
The gaps ranged from missing security updates and easy-to-decrypt passwords to long-known vulnerabilities that should have been fixed long ago.
The study tested popular models from household manufacturers like Asus, Netgear, Linksys, AVM, D-Link and TP-Link. The researchers noted that router manufacturer AVM performed better than others in most areas, while Asus and Netgear did well in some areas.
Not a single router among the 127 devices examined was without faults, according to the study from the Fraunhofer Institute for Communication, Information Processing and Ergonomics (FKIE).
Some routers are even riddled with hundreds of long-known vulnerabilities. According to the study, 46 routers have not received a single security update in the last twelve months, and one had not even received one for 2,000 days.
By far the majority (90%) of the routers use the free operating system Linux, but often in very old versions.
Linux is known for its ability to quickly close security flaws, the researchers say, however even this quick software update is being neglected by many manufacturers. – dpa