Unofficial poll suggested by @irvinewade
Some background (among other older threads):
- I don’t want a Librem router.
- I want a Librem router.
- I’ve read some of the discussion but I’m undecided.
Unofficial poll suggested by @irvinewade
Some background (among other older threads):
Make it so you can use it from your L5 acting as a hotspot or tethered. (Too bad it is only 4G for bandwidth.)
I chose the “undecided”.
Do I want one? Yeah.
Would I buy one? Not likely.
I built a router out of an x86 mini-PC a couple years back and it’s been serving me great. No reason to change it up.
That said, were a Librem router around when I thought to do this project, I might have bought the Librem router instead. What I would have wanted out of it is what I got from my build - a small but powerful-ish x86 device with at least 4 ports, Open-WRT, and the speed to run a few services on top of the OS (VPN, ad-blocking, etc.)
I’m personally more interested in the router this guy is making: https://m.youtube.com/@tomazzaman
I prefer his communication compared to what I’ve seen from Purism.
Same channel proxied through my Poke instance:
I want a Librem router, only if it is mesh though. I am poor, but i would pay more for a Librem router than my Google Nest router.
I would certainly be interested. However it would have to meet my functional and other requirements - and that is one of the challenges since everyone has slightly different requirements and there is a very large set of possible functions for a router. For example
would be a negative for me. I really would want only a router and if WiFi were mandatorily available, I would just turn it off. (If WiFi is an option then that is better because I could order without WiFi.)
Still, that raises a good question about the state of play in the Linux world of WiFi distribution via mesh or similar technologies.
I wonder if Google chose the name with a deliberate nod to cuckoos and brood parasitism in general. No way would I invite Google into my nest. Or maybe a nod to Nest of Spies.
Spoil sport.
Normally I would but I think there are already others doing it:
So wouldn’t it be better for Purism to dedicate efforts elsewhere?
I rather doubt either of those are offering MAC randomization on the router/WAP side. That’s the killer app in my view, but everyone has their own aspirations for a custom router. Anyway it’s still good to know what’s out there so the dev team will know what they’re competing with.
I like all the other debate above but I’ll step aside for the most part and let it roll. Highly enthused!
Router ignoramus here, but isn’t MAC randomization already possible in software and you are looking for hardware switches for convenient and deterministic control?
The Turris MOX is modular (1 to 25 LAN ports, 0 to several WiFi cards, etc). I would think a MOX addon module with physical switches and some glue electronics would be a more feasible project for Purism.
Taking a step back to the bigger picture … the router was to offer WiFi as the WAN side before it is even relevant whether it offers MAC randomization.
I’m reasonably confident that my current COTS router wouldn’t even be capable of making the WiFi the WAN side, rather than part of the LAN side where it normally is.
Can’t you just physically unplug the module? (Does it allow hot plug?) I admit it has been a while since I looked at the modular offering from Turris.
If you look back at the topic from whence this one came, the OP really wanted something portable. I personally think that modularity and flexibility are in conflict with portability but in any case, you would want to look at the size and mass of a suitable set of modules.
I doubt the modules are hot pluggable, but unplug which module and why? And a module with physical switches to set an IP address doesn’t exist.
I’ve never seen one in person, but from their forum I gather a MOX is considered more portable than an Omnia, in part because any antennas are internal.
Unplug the WiFi module as an alternative to having a Hardware Kill Switch for it.
I voted “no”. There are 2 reasons why I prefer Purism’s hardware:
(1) is the “killer feature” for me. Librem laptops give me control over the TPM. I would not consider any other laptop that would downgrade this ability. This is not particularly relevant for my router. I don’t network between different devices on my home, so anything I’m sending to my router is going to the internet anyway. And there’s no real difference between a compromise of my home router and a malicious router 3 hops away. The infrastructure is already untrusted (this is why HTTPS is a thing), so improving the security of the first hop doesn’t really improve my security at all.
Trusting users to know what they’re doing is not the same as being inconvenient: Purism went out of its way to get firmware for the librem key so that the boot-up process was easier. This is a good thing.
It also does not mean avoiding tools and services which makes the products more accessible to users who don’t have the time/energy to manage their security manually. The option to receive a librem key with pre-generated PGP keys and anti-interdiction/separate packaging makes the product more accessible to less technical users and this is a good thing.
(2) would still be there, but I already have options for libre routers. And since I’m treating my router as untrusted and not doing anything complex with it liberating it is a low priority for me. I know other people like to use their router as a file server, to funnel everything into a VPN, etc. If I was doing things like that it would be more important to me.
Going to back to the original post linked above, it’s MAC randomization of all interfaces to the box, i.e. WAN, LAN, and WAP. Ideally it would come with an optional repeater kit which has a MAC that’s also randomizable, or just does so automatically each power cycle. I proposed a solution based on proof-of-work which allows the user to prove that (1) Purism can’t possibly know the new MACs after a randomization cycle but (2) it’s intractable to deliberately copy someone else’s MAC so you can impersonate them. (This isn’t foolproof because anyone can do that with some effort and hardware, but the point is it removes Purism from liability in that regard so they can get on the engineering.)
@skyvine This ^ is the real value add for me personally. Not so much that a Purism router would presumably be harder to compromise than some COTS crap developed by a popular vendor (although that’s a nice bonus). I just don’t want to drag around immutable MACs that leak my locations to the local crime syndicates.