This literally equally applies to google wifi. Just because a router may "appear secure" how can you really be sure Having google authentication doesn't magically eliminate every possible attack vector. You find it hard to believe a software engineer that wants to control a core component in his home network has security experience? My concern is because I know just how many flaws there are in every system. Even if they are able to steal the cached WiFi password off your infected device, they can't do anything to the router settings itself that affected all the other devices on the network, unless you use the same password for everything, at which point you have far bigger things to worry about. Your WiFi password and Google account credentials are completely separate things. If a machine in my household is compromised, then changing my wifi password is the least of my worries. Exactly, and with the vast majority of today's malware designed to be stealthy and not give off any signs it's infected, someone from Russia or China could be spreading in your network, changing router settings like opening up ports, DNS redirects, disabling firewalls etc for years and go completely unnoticed, especially for a non-techie person who does the setup wizard once after they back from best buy and never bother to update firmware or check settings ever again. no one in Russia or China can administer it without compromising a machine in my network.Īs does pretty much every consumer router made, the WAN admin page access are normally disabled by default. My previous old linksys had an admin console only available from local network. It takes an IT guy having to actively read security advisories day in and day out, and even then, they have to schedule a network wide down time to apply the patch which could be weeks or months away that hackers can easily take advantage of in the meantime. Good luck accomplishing that with a more typical home users and router, or even enterprises. Then there is also the fact Google can close a security hole if ever discovered on every WiFi/Onhub in the world in less than 24 hours if need be if an infection is spreading rapidly. Cisco IOS, Ubiquiti Unifi, and so on have major flaws discovered all the time that allow root access using things like CRSF attacks, or even visiting an infected webpage or ad that executes javascript code in your browser and now has full LAN access to do whatever it wants to your router admin interface, without ever having to actually infect a PC/Phone/Tablet. The vast majority of networking equipment, including enterprise, don't have verified boots, TPM modules, cryptographiclly signed updates, etc. Just because a router may "appear secure" how can you really be sure. both of these are actually a security risk. There are millions of secure wifi routers that don't have to authenticate through an app and google. Suit yourself, I find it hard to believe you really have software security experience if your unable to comprehend how Google's architecture is incredibly secure, if not almost over engineered. Would be a nice touch to have so I don't have to pick-up my phone if I'm already signed into my Google account but that's getting into 1st world problem territory.Īs a software engineer with specific expertise in security. I think the only way they could really add a "desktop" page would be through an internet page that you sign into, or integrate it with Google account page where you access all your other Google services. If any device on your network is infected, there is nothing to stop it from accessing the admin page, trying out default passwords, scanning for vulnerabilities, etc. Having Google WiFi natively run a webserver also opens it up to a whole host of potential security problems. If hacker was able to infect a device on your LAN and knows the login info (say keylogger), nothing would stand in their way. If someone got a hold of your Google account credentials from say Russia or China and tried to log into Google WiFi app, Google would have blocked the login attempt and alerted you. Any setting change has to be done through the app which is authenticated against Google, which then talks to a server, which then talks to the WiFi over an HTTPS connection. This done by design for security purposes.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |