skilledtothegillsJul 9, 2024

Linksys Velop routers send Wi-Fi passwords in plaintext to US servers

https://lemmy.world/post/17387425

Linksys Velop routers send Wi-Fi passwords in plaintext to US servers - Lemmy.World

During installation, the router sent several data packets to an Amazon server in the US. These packets contained the configured SSID name and password in clear text, as well as some identification tokens for this network within a broader database and an access token for a user session that could potentially enable a MITM attack. Linksys has refused to acknowledge/respond to the issue.

Show threadAdmiral PatrickJul 9, 2024
This. This is why I have trust issues and only run devices I can flash OpenWRT (or other appropriate custom firmware) to.
Show threadsugar_in_your_tea
I use enterprise hardware that has enterprise router firmware. In my case, I use Microtik with RouterOS. If it’s good enough for big enterprises, it’s probably good enough for me.
Jul 9, 2024 at 8:06pmWeb
Show threadAdmiral PatrickJul 9, 2024

I use enterprise gear, but not the original software for it (and sometimes, not even the original purpose). I get it all second hand, and the subscription / licensing is usually non active. I think the only gear I used with the original OS was my Brocade fibre channel switch.

My current router is former Barracuda Load Balancer 340 now running OpenWRT. Cost me $45 and handles everything I need to throw at it and more.