Category Archives: FlashRouters

A Bug on the Comcast Site: Xfinity Customers Need A VPN

Xfinity Logo

Security Flaws In The Xfinity Router Activation Website

Do you lease an Xfinity router from Comcast? If so, you need to start using a VPN as soon as possible.

Recently, security researchers Karan Sanai and Ryan Stevenson revealed the Xfinity router activation website was leaking sensitive information. Sainai and Stevenson found that the website contained several security holes.

First, the website sends customers’ SSIDs and passwords in plain text over the Internet. This makes it easily accessible to anyone snooping on the network.

Second, accounts that are already activated can be “activated” again. Even more so, users only need an account number and street address to access the service.

Essentially, would-be hackers can obtain customer’s SSIDs and passwords with ease. This enables them to gain unauthorized access to routers, exposing unencrypted traffic on customer’s wireless networks.

How To Protect Yourself From Xfinity’s Security Flaw

The good news is that Comcast, Xfinity’s parent company, took down the service and claims that it will “take all necessary steps to ensure that this doesn’t happen again.” Nevertheless, this should cause customers to think twice about leasing devices from Xfinity.

One way to protect yourself from these types of router insecurities is to use a Virtual Private Network, or VPN, to encrypt your wireless network. Unfortunately, Xfinity routers do not support VPN connection, but a FlashRouter supports it natively.

Using A FlashRouter In A Dual Router Setup

Plug and Play VPN Router Privacy

A Dual Router Setup is a network configuration that uses a FlashRouter alongside your Xfinity router. This configuration allows for the use of your unprotected Xfinity network or your encrypted FlashRouter VPN network.

With the new FlashRouters Privacy App, integrating a FlashRouter into a Dual Router Setup is quick and seamless. This is done as easily as plugging in the FlashRouter to your modem router and accessing flashroutersapp.com via the web browser of your choice.

Using this set up gives you the option of staying with Xfinity as your ISP but also gives you the chance of protecting your home wireless network.

Best DD-WRT Wireless-AD Compatible Netgear Router - R9000 Nighthawk AD7200

Check out some of our best FlashRouters of 2018 to protect your network today!

Any questions or concerns? Reach out to our support team for more information.

 

FlashRouters Privacy News Center: US Senator Endorses VPN Service, Router Vulnerabilities, & More Data Breaches

UPDATED: 7/17/2018

Welcome to the FlashRouters Privacy News Center, your one-stop shop for news on worldwide Internet privacy.

Whether it is a hardware vulnerability potentially exposing the privacy of users, a draconian government snooping in on their citizens, or even big company’s data breach, FlashRouters provides a solution for online safety in a constantly changing world. Now, let’s check in on this latest Internet privacy top stories.

FlashRouters Privacy News Center

Router Firmware Vulnerabilities Continually Neglected By Manufacturers

Insignary, a firm performing binary-code level scanning, recently discovered that most wireless router have yet to patch old firmware vulnerabilities. This leaves users open to a variety of threats.

The firm found that the majority of the top manufacturer’s devices contained “high” and “middle” security vulnerabilities, leaving them open to malware and hacks. Some routers even contained “critical” security vulnerabilities, allowing for even more malignant hacks to be implemented.

US Senator Endorses VPN Provider For Government Use

WireGuard, a VPN service, is now being endorsed by US Senator Ron Wyden of Oregon. Wyden cites WireGuard VPN’s top-tier security features for its usage within the government. Some of these features include auditability, enhanced cryptography, and ease-of-use across a multitude of devices and platforms.

Senator Ron Wyden wrote to the National Institute of Standards and Technology to urge out-of-date VPN solutions to be discontinued. In his letter he stated:

“In light of the serious cybersecurity issues with the two most widely-used VPN technologies, I urge NIST to work with stakeholders to evaluate appropriate replacements, including Wireguard, for government use. I also ask that once NIST finds an appropriate replacement, existing VPN guidelines and support should quickly be discarded in favor of the newer alternative.”

Marketing Firm Leaks Database Of 340 Million Records

Although you may not recognize the marketing and data aggregation firm Exactis, they probably already know all about you, along with anyone else that knows where to look. Just recently, security researcher Vinny Troia discovered that Exactis has exposed a database containing nearly 340 million records on a public server.

This is almost 2 terabytes of data on millions of American adults and businesses, including phone numbers, home and email addresses, and a slew of other personal characteristics. Some of these characteristics include interests and habits to even the age and gender of their children.

Luckily, the data breach has since been remedied and removed from the public eye.

Has Adidas Leaked Your Personal Data?

The answer is yes, yes they have. In the age of Internet, data breaches are happening far too often, and now Adidas has joined the list. The company announced last month that customers who have made purchases from the U.S. website may have had data exposed to an unknown entity. The company alerted customers that

“On June 26, Adidas became aware that an unauthorized party claims to have acquired limited data associated with certain Adidas customers.”

This data breach includes encrypted passwords, usernames, as well as contact information could be in the hands of a hacker. Adidas claims that financial and fitness data was not exposed in this breach.

More Steps To Secure Your Home Network

A FlashRouter provides open-source firmware such as DD-WRT, OpenWRT and TomatoUSB to secure and protect your home network from exploits, whether they come from hackers or snooping governments.

Choose from our most popular VPN & Security Enhanced FlashRouters or creach out to our Team of Open Source Experts for more information!

Best Asus Routers for DD-WRT and Tomato Open Source Firmware

Asus RT-AC56U

Here at FlashRouters, we only stock the best of the best wireless router brands available. This includes, but is not limited to Linksys, Netgear, and Asus. Today, we will be highlighting some of our best Asus routers and showcasing how open-source firmware makes them even better.

Open-Source Firmware On Asus Routers

Our Asus routers come pre-flashed with your choice of two different open-source firmware. These firmwares are DD-WRT and Tomato.

Both of these firmwares fully upgrade your router’s capabilities, whether it be stability, performance, or even the ability to use a VPN. Some upgrades include:

Whether your preferred firmware is DD-WRT or Tomato, you will not be disappointed. At this point, there are no major functional differences between DD-WRT and Tomato firmware. The difference between DD-WRT and Tomato firmware shows itself in the design of the graphic user interface (GUI) of each router.

To see the differences between the two firmware, compare and contrast this DD-WRT emulator with this Tomato emulator.

Best ASUS Router For Installing DD-WRT Alternative FirmwareAsus AC5300 - 8 External Antennas

ASUS RT-AC5300 AC5300 DD-WRT FlashRouter – The ASUS RT-5300 comes packed with a powerful Broadcom 1.4 GHz dual-core processor. It boasts 8 powerful external antennas for maximum WiFi coverage for larger homes and offices.

ASUS RT-AC87U AC2400 DD-WRT – The ASUS RT-AC87U sports a Broadcom 1 GHz dual-core processor. It includes 4 powerful external antennas that will be more than enough for a typical home WiFI set up. This router comes with a QSR1000 wireless chip, the only Wireless-AC chip that includes 4×4 MIMO.

Best ASUS Router – Tomato

ASUS RT-AC3200 AC3200 Tomato FlashRouter – With a dual-core Broadcom processor clocking in at 1 GHz, the ASUS RT-AC3200 is nothing to scoff at. It includes six high-powered external antennas for easy coverage of larger homes.

ASUS RT-N66U N900 Tomato FlashRouter – The ASUS RT-N66U, deemed The Dark Knight, includes a modest 600 Mhz processor. Although it may look like a small device, after flashing with Tomato firmware, its internal antenna can reach Wireless-N ranges of up to 450 feet!

The FlashRouters Solution

With a FlashRouter, the problems that come with stock firmware are a thing of the past. Stability issues, security issues, and performance issues are no more.

Benefits of FlashRouters

So what are you waiting for? Upgrade your wireless network with a FlashRouter today!

Does The NSA Sabotage And Backdoor Your Internet Of Things Devices?

The International Standards Organization and the NSA are back at it again. This time, they’re fighting over which cryptographic algorithms to use in our “Internet of Things” devices.

This leads us to pose the question: does the NSA sabotage and backdoor our gadgets?

A History Of NSA Sabotage

The ISO believes the NSA does, in fact, sabotage devices. Furthermore, cryptographic standards are already at risk of NSA sabotage. This has been made evident by the research of whistleblower Edward Snowden.

Snowden’s documents prove the NSA has sabotaged the National Institution for Standards and Technology’s cryptographic standards. These documents effectively nullified and discredited the institution.

Even more so, numerous networking experts claim that the NSA meddled with the now-defunct WEP protocol, furthering these convictions.

A Win For The ISO

For the past three years, the ISO has rejected the NSA’s request that their cryptographic algorithms “Simon” and “Speck” should be the standard in all IoT devices.

These proposed cryptographic cyphers have been effectively shot down by the committee members of the ISO, citing:

Two delegates told WikiTribune that the opposition to adding these algorithms was led by Dr. Tomer Ashur from KU Leuven University, representing the Belgian delegation and it was supported by a large group of countries.

Israeli delegate Orr Dunkelman told Reuters he did not trust the U.S. designers following the September meetings.

“There are quite a lot of people in NSA who think their job is to subvert standards,” said Dunkelman. “My job is to secure standards.”

The NSA said Simon and Speck were developed to protect U.S. government equipment without requiring a lot of processing power, and firmly believes they are secure.

Securing Your Network from the NSA

While the ISO has won this battle, this does not mean that our struggle against the NSA is finished. It is important to take every step you can in order to secure your home network, not only from the NSA, but from all snooping and nefarious traffic.

Using a Virtual Private Network will allow you to tunnel your Internet traffic through a remote server, changing your geo-location and encrypting all of your traffic. However, most VPN providers offer subscriptions with device limitations. Furthermore, not all devices have native VPN support. Devices like gaming consoles and smart TVs require a VPN router for encryption.

With a FlashRouter, like the above-pictured Netgear R7800, you can take advantage of a wireless VPN network, wherein all connected devices will be encrypted by the VPN. This is the case whether or not a device has native VPN support.

Privacy News Round-Up: The CIA, Worldwide VPN Bans, Router Vulnerabilities, & More Data-harvesting

Comcast, AT&T, And Verizon Are Spying On You

After Facebook’s Cambridge Analytica fiasco, people are scrambling to see what other companies are hoarding their private data.

As of last year, Congress allowed companies like Comcast, AT&T, and Verizon to use the same data-harvesting practices like Google and Facebook. Because these companies are Internet Service Providers rather than simply Internet Services, they can amass far more information about users while also leaving them with little choice about what gets collected.

Last March’s ruling allowed ISPs like Comcast and Verizon to monitor their customers’ online behavior. This data is taken and sold to make targeted Internet advertisements, all without the user’s permission.

Some states, like Massachusetts, are introducing legislation to protect users’ rights. Privacy protections like Massachusetts’ Senate Bill 2062 are far more likely to withstand federal challenges, unlike state efforts to restore Net Neutrality.

Is The CIA Trying To Compromise Your Router?

Back in 2017, WikiLeaks published documents alleging numerous hacking tools used by the CIA. This 175-page manual details how to hack home wireless routers not only physically, but also via remote firmware upgrades.

The CIA’s tools, code-named “Project CherryBlossom“, are used to monitor, intercept, and control a user’s Internet activity. Many of these tools work by injecting malware into the router’s firmware. This is commonly referred to as a man-in-the-middle attack and is virtually undetectable by anti-virus software.

Routers infected with the Cherry Blossom exploit are able to:

  • Monitor traffic to obtain email addresses, chat user names, MAC addresses, and VoIP phone numbers.
  • Redirect users to websites with malicious software.
  • Hijack the data streams between connected devices to spread malware across the network.
  • Create VPN tunnels to access clients connected to the compromised network.
  • Copy and store the entire traffic on a network served by a compromised device.

Some allege that infected devices can also spread the exploit to other devices that connect to the Internet via the infected router.

What Happened To The Russian VPN Ban?

Russia VPN Ban

According to the Roskomnadzor, Russia’s Federal Service for Supervision of Communications, Information Technology and Mass Media, Russia still hasn’t requested VPN services to cease and desist yet.

This is because Russia lacks the technical capability and resources to pull off such a feat. To successfully ban VPNs would require extensive funding and technical skill from the government.

Additionally, a large problem is distinguishing between the two different VPN users. These two users consist of those who use it to access illegal content and those who use it for corporate purposes.

Although very unlikely, a blanket ban would solve this problem. Many organizations, specifically the Association of European Businesses, have brought up concerns about the ban impacting the economy.

President Erdoğan To Introduce Turkey VPN Ban

While Russia has been slacking on the ban on VPNs, Turkey is stepping it up. Under the regime of President Recep Tayyip Erdoğan, there have been reports of the introduction of a Turkey VPN ban.

Currently, it is not clear on whether the Turkey VPN ban is already in place or still in testing. According to the Diken news portal, the VPN block is already in place.

Diken News’ report seems to be premature, but it is obvious that President Erdoğan’s regime is planning on going through with the ban. One expert from the Turkish Telecommunications Authority, or BTK, confirms these speculations.

It is advised to research different VPN providers and double check their efficacy in this region.

Over Half Of UK Internet Users Don’t Know About Router Vulnerabilities

Broadband Genie recently discovered that 82% of Internet users have never changed the admin password for their router. They have also uncovered that a whopping 86% of users also have never updated their router firmware.

All in all, a shocking 51% of respondents in their survey stated that they never took any precautionary action in protecting their wireless router.

Now has never been a better time to start protecting your wireless network, especially with the growing popularity of smart home devices. Gagan Singh of SVP & GM Mobile at Avast Software stated that,

“The reality is that many smart devices can be compromised, including thermostats, streaming boxes, webcams and digital personal assistants all through the router – and consumers and small businesses are among the most vulnerable users. The first step is to ensure the gateway into the home, the router, is secure. Otherwise, it can offer cybercriminals an easy way to get into our homes and access our personal information.”

When asked about why users never took steps to protect their network, 48% stated they did not know why they would need to, and another 34% stated they did not know how.

Check out FlashRouter’s guide to securing your home network to protect yourself today!

More Steps To Secure Your Home Network

What Makes a FlashRouter Different?

Take the steps to secure your home network from the CIA and vulnerabilities with a FlashRouter.

A FlashRouter provides open-source firmware such as DD-WRT and Tomato to secure and protect your home network from exploits and hackers.

Choose from some of our most popular FlashRouters or contact our support team for more information!