I didn’t make a claim that there are hardware vulnerabilities in WRT devices (open- or DD-); what I was saying is that these custom firmwares seem to be larger than the default and that the use of Linux kernels (AFAIK) can make them more susceptible. As usual, I must stress my lack of technical knowledge, as well as the fact that I was explicitly speculating.
On top of that, another ‘attack surface’ is the maintainer. For example, DD-WRT was maintained by Kong for a long time–every router had a Kong build. Now it’s some other maintainer (it’s a mess). DD-WRT firmware is updated frequently, to the tune of multiple betas per month. One just can’t help but wonder who, if anyone, keeps an eye on all of these builds for all of these routers, and what sustains such a massive operation. But then I haven’t really looked into the issue much further.
To be clear: this isn’t an attack on the WRT community writ large. It’s the ones packaging them for mass deployment that leaves me wondering. AFAIK Open-WRT is far smaller than DD-WRT in that regard.
As a non-technical person, I can’t take most of the measures you described, so trust is also a big factor. This is why I’m beginning to lean towards security-focused commercial brands instead of SOHOs with DD-WRT. I’m even exploring RPi routers, which is a nice segue for my questions:
Since you seem like a router buff, what are your thoughts on taking a tiny distro like Alpine Linux and making an RPi router, maybe with VPN? How would that compare to a DD-WRT SOHO or a more professional router?
What about hardware firewalls? Are they overkill for individuals?
Sorry for bombarding you with all these questions–it’s just that router security has always been a main concern and I’ve never gotten a hold of someone with the relevant expertise. My main source of info has been Michael Horowitz’s site.