NordVPN Promotion

Home / Blogs

More on Broadband Router Insecurity and Being Proactive

Protect your privacy:  Get NordVPN  [ Deal: 73% off 2-year plans + 3 extra months ]
10 facts about NordVPN that aren't commonly known
  • Meshnet Feature for Personal Encrypted Networks: NordVPN offers a unique feature called Meshnet, which allows users to connect their devices directly and securely over the internet. This means you can create your own private, encrypted network for activities like gaming, file sharing, or remote access to your home devices from anywhere in the world.
  • RAM-Only Servers for Enhanced Security: Unlike many VPN providers, NordVPN uses RAM-only (diskless) servers. Since these servers run entirely on volatile memory, all data is wiped with every reboot. This ensures that no user data is stored long-term, significantly reducing the risk of data breaches and enhancing overall security.
  • Servers in a Former Military Bunker: Some of NordVPN's servers are housed in a former military bunker located deep underground. This unique location provides an extra layer of physical security against natural disasters and unauthorized access, ensuring that the servers are protected in all circumstances.
  • NordLynx Protocol with Double NAT Technology: NordVPN developed its own VPN protocol called NordLynx, built around the ultra-fast WireGuard protocol. What sets NordLynx apart is its implementation of a double Network Address Translation (NAT) system, which enhances user privacy without sacrificing speed. This innovative approach solves the potential privacy issues inherent in the standard WireGuard protocol.
  • Dark Web Monitor Feature: NordVPN includes a feature known as Dark Web Monitor. This tool actively scans dark web sites and forums for credentials associated with your email address. If it detects that your information has been compromised or appears in any data breaches, it promptly alerts you so you can take necessary actions to protect your accounts.

Fergie replied on NANOG to my recent post on the subject of broadband routers insecurity:

“I’ll even go a step further, and say that if ISPs keep punting on the whole botnet issue, and continue to think of themselves as ‘common carriers’ in some sense—and continue to disengage on the issue—then you may eventually forced to address those issues at some point in the not-so-distant future.

I understand the financial disincentives, etc., but if the problem continues to grow and fester, and consumer (and financial institutions) losses grow larger, things may take a really ugly turn.”

He is right, but I have a comment I felt it was important—to me—to make. Not just on this particular vulnerability, but on the “war”.

I must admit, vulnerabilities are endless and new exploitation vectors will never end, even if it was possible and we were all 100% secure, someone (an attacker rather than a vulnerability) will find a way to make it 99% again for the right investment or with the right moment of brilliance.

Enough with cheap philosophy though… as tired (even exhausted) as I am of the endless repeating circle which security is, on all levels (from the people involved through the interests involved all the way to the same-old-FUD) I still haven’t burned out, and I am still here.

The world isn’t going to end tomorrow, and even if the Internet was to die (which I doubt it will), we will survive. However, in the recent couple of years a new community has been forming which we started referring to as “Internet security operations”. These folks, for various motives, work to make the Internet stay up and become safer (actually being safe is a long lost battle we should have never fought the way things were built).

With such a community being around, treating issues beyond our little corner of the ‘net is possible to a level, and at least some progress is made. Some anti-virus engineers no longer care only about samples, some network engineers no longer care only about their networks, etc.

Is any of this a solution? No. The problems themselves will not go away, they aren’t in any significant fashion currently being dealt with beyond the tactical level of a fire brigade.

Is it the end than? Of course not. But operations vs. research are determined by intelligence. As we have some intelligence, I can point to yet another annoying vulnerability in the endless circle which those of us who will want to, can study, and if they feel it is justified, defend against. That is the broadband routers issue, which personally I’d really rather avoid.

Unfortunately, this limited defense is what most of us can do at our own homes, or tops as a volunteer fire brigade or neighborhood watch.

The Internet is the most disconnected global village I can imagine, but we all have the funny uncle on another network and a weird one on yet another. I sometimes feel that the old analogy of the Internet to the Wild West is not quite it. Perhaps we are living in the Wild West, only if instead of wastelands and small towns, we have New York city and the laws of a feudal dark ages Kingdom.

Things will eventually change, and some of us will stick around to help that change (or try to). For now though, it is about one vulnerability ignored at a time, and working on our communities.

By Gadi Evron, Security Strategist

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC

Cybersecurity

Sponsored byVerisign

New TLDs

Sponsored byRadix

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com

NordVPN Promotion