[OpenWrt-Devel] CCC and OpenWrt: Technical guideline of German BSI for secure routers insufficient

Hauke Mehrtens hauke at hauke-m.de
Mon Nov 19 18:23:48 EST 2018


The recently released technical guideline for secure broadband routers
is simply a disservice to customers. This guideline will not prevent
widespread malfunction of routers and their security problems in the
future. The consumers will not get a useful way to distinguish secure
and long living devices from risky devices or the possibility to take
care of the security by them self.

Vendors are still allowed to block OpenWrt from the devices they sold,
even after security support for the device was already terminated,
making the device useless.

The Chaos Computer Club (CCC) and OpenWrt took part in multiple review
and discussion rounds with the Bundesamt für Sicherheit in der
Informationstechnik (BSI) and representatives of multiple device vendors
and network operators. These are our two main demands:

1. Vendors have to inform customer before buying the product for all
devices being sold in Germany, how long the device will get security
updates in case problems are found.
2. The customer must have the possibility to install custom software on
their devices, to have the possibility to fix security problems even
after the official vendor support ended.

Press release in German
https://www.ccc.de/de/updates/2018/risikorouter

--------

This was published by the CCC and we published this on our website on
Monday morning.
I plan to provide some more technical details about this process which
started in June 2017 in the next few days.

Hauke

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.infradead.org/pipermail/openwrt-devel/attachments/20181120/55064dc5/attachment.sig>
-------------- next part --------------
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel


More information about the openwrt-devel mailing list