Considering 95% of spam that hits my inbox originates from compromised Gmail accounts, I'd say it's a few.

Because Google is too big to fail, all Gmail traffic is essentially whitelisted and they can't be bothered to do anything about it.

Have they replaced it with grub-rs yet?

On a more serious note, grub is ancient bloatware, it is way overcomplicated for what it does, it's asking to be replaced by systemd-boot distro-wide.

Look at Apple and Microsoft's bootloaders, they are dead simple and have barely changed in 20 years, it makes you wonder how the hell grub was even conceived. It has config files for config files.

grub tries to do the kitchen sink. But we live in a UEFI world now. Boot is simple. None of that is necessary anymore.

Are you asking me if I have the master list of naughty and nice router manufacturers?

No, I don't have it but you may check with Santa Claus.

> Vulnerabilities have nothing to do with country of manufacture. They have always been due to manufacturers' crap security practices.

Sorry but this is merely a convenient excuse. Source: I have hard evidence of a Chinese IoT device where crap security practices were later leveraged by the same company to inject exploit code. It's called plausible deniability and it's foolish to tell me it's a coincidence.

You're not going to convince me that a foreign state actor pressuring a company to include a backdoor wouldn't disguise it as a "whoopsie, our crap code lol" as opposed to adding in the open with a disclaimer on it.

It's all closed source firmware. Even the GPL packages from most consumer router vendors are loaded with binary blobs. Tell me I should trust it.