The Home Router Security Report is a study of 127 home routers from seven vendors conducted by the Fraunhofer Institute for Communication (FKIE) in Germany. It presents alarming revelations which indicate a systemic failure by the entire industry to provide meaningful and current updates for products as well as illuminating a disturbing lack of concern for end-user security.
This report is nothing short of damning for manufacturers already facing staffing and talent shortages. The list of vendors includes the most popular brands on the planet, such as ASUS, AVM (Germany), D-Link, Linksys, NETGEAR, TP-Link and Zyxel. Scientists found that, even after applying the latest firmware updates, every single router still had flaws!
The findings show a wide spectrum of avoidable security issues, including the use of ancient, unpatched versions of the Linux kernel, private security keys embedded within firmware images and the use of either well-known or hard-coded passwords.
Quite frankly, we are disgusted by this egregious miscarriage of fiduciary duty to consumers all over the world. This certainly helps to explain the prevalence of botnets as well as DDOS-for-Hire services on the Dark Web.
For those unacquainted with statistical analysis, the report includes numerous box plot illustrations depicting interquartile statistics that are much easier to comprehend with a quick study of interquartile range in addition to box plot on Wikipedia.