Cisco IOS, Ubiquiti Unifi, and so on have major flaws discovered all the time that allow root access using things like CRSF attacks, or even visiting an infected webpage or ad that executes javascript code in your browser and now has full LAN access to do whatever it wants to your router admin interface, without ever having to actually infect a PC/Phone/Tablet. The vast majority of networking equipment, including enterprise, don't have verified boots, TPM modules, cryptographiclly signed updates, etc. Just because a router may "appear secure" how can you really be sure. both of these are actually a security risk. There are millions of secure wifi routers that don't have to authenticate through an app and google. Suit yourself, I find it hard to believe you really have software security experience if your unable to comprehend how Google's architecture is incredibly secure, if not almost over engineered. Would be a nice touch to have so I don't have to pick-up my phone if I'm already signed into my Google account but that's getting into 1st world problem territory.Īs a software engineer with specific expertise in security. I think the only way they could really add a "desktop" page would be through an internet page that you sign into, or integrate it with Google account page where you access all your other Google services. If any device on your network is infected, there is nothing to stop it from accessing the admin page, trying out default passwords, scanning for vulnerabilities, etc. Having Google WiFi natively run a webserver also opens it up to a whole host of potential security problems. If hacker was able to infect a device on your LAN and knows the login info (say keylogger), nothing would stand in their way. If someone got a hold of your Google account credentials from say Russia or China and tried to log into Google WiFi app, Google would have blocked the login attempt and alerted you. Any setting change has to be done through the app which is authenticated against Google, which then talks to a server, which then talks to the WiFi over an HTTPS connection. This done by design for security purposes.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |