Apple’s self-driving cars; Burger King & Google Home; Snapchat stats; Uber’s Hell; Millennial slackers & mixtapes; Mac ransomware; Old Man’s War; Amazon’s parent dashboard; the Last Jedi; YouTube TV; MST3k; that dress; coachella-industrial complex.
This episode is sponsored by Freshbooks! To claim your free month, go to FreshBooks.com/GRUMPY and, this is REALLY IMPORTANT, enter GRUMPY OLD GEEKS in the “How Did You Hear About Us?” section.
The Grumpy Old Geeks prefer Private Internet Access for all your VPN needs!
If you’d like to donate to the show please check out our page on Patreon and get all the behind the scenes goodies!
If you like the show please click here and give us a rating or review in iTunes. It helps us out and lets us know people want more episodes!
IN THE NEWS [05:47]
SECURITY HAH! [22:06]
AT THE LIBRARY [44:22]
APPS & DOODADS [50:55]
MEDIA CANDY [53:31]
FEEDBACK LOOP [01:17:34]
Name: Christian Zangl
Comment: I’ve got a question for Dave Bittner.
I like to run my routers with OpenWrt or Lede – unlike my Linux machines, which constantly update, these are often ‘stable’ for years.
To be fair, updating a router is a lot more complicated than a normal Linux box but I still find it surprising that there are no security updates at all. So how secure are those things?
Unnamed sources at Symantec:
So WRT and LEDE are both pretty good for the opensource community. [name redacted] has used them both and built wireless routers. A quick google search will show you that there are known vulnerabilities in both so patching is critical. The question comes down to whether you think a team of professional software and networking experts will be more responsive than a motley crew of dispersed hackers when a vulnerability is identified.
If I had a budget of course I would buy a secure commercial router. if I was on a budget I might build something with a Raspberry Pi board and some open source software.
But – and here is the promo part – If he is really concerned about security at home he should look into the recently announced Norton Core router, the first high performance router for home use with Deep Packet Inspection. This brings the power of symantec security teams to the home router, meaning that whenever a new vulnerability of exploit is identified, your home router will be immediately aware of it and can block suspicious traffic and isolate any misbehaving devices.
ou could also get a cheapo Intel NUC or similar box and build your own router. Sophos has UTM software that is free for home use as well
Here’s a link with a lot of recommendations and ideas:
From Friend of the show Monkee13:
I can’t really speak to the dd-wrt,tomato, or other alt OS’s because I used Open WRT mostly. They tended to use VERY stable (and yes usually older libraries) but unlike the other “alternative router OS” OpenWRT was truly open and you would compile “roll your own”. The security patches were released at the same time as the linux patches and you would either patch your recompile your instance. Over the several years I ran it I can only remember having to do maybe 2 or 3 security patches (for serious vulns). Other than that I recommend running the “stable” build and not the bleeding edge. I have been running the factory OS on my more recent router “brand redacted” but I worry more about the security of the stock and with this question from you I am going to look into the ability to run Open WRT on my new hardware. I have just been so busy and stressed with work I haven’t had time to “mess with” stuff at home. It has been more important to get it up and running and keeping it stable since we home school the kids now. The Open WRT community is very good too on the forums on IRC channels they are really good and usually fast to cover security issues. It is just really up to the end user to keep their eyes open and have an understanding of what issues may be out there. It is not like a stock OS that will have a blinky icon in your dashboard telling you there is an update available. That is also not many of them and it depends on a person actually going into the GUI on a regular basis and almost never happens unless they are having problems. For a “normal” user/owner I would not recommend running an alt OS because you really do need to be on top of it and understand what is behind the curtain. For a grump old (or young) geek it is not only interesting but a great learning experience.
I hope this made at least a little sense.