There have been a number of articles recently "discussing" the ability of "some people" to use common devices for surveillance. Among the devices mentioned is the "humble home router". How secure are routers running LEDE and how can they be made secure?
LEDE is far more secure that normal routers because the software is more up to
date and so has far fewer known holes in it. The default configs are pretty
decent (there's always a tension between 'easy to use defaults' and 'secure
defaults')
The biggest threat to LEDE devices is the lack of updates over time. This is not
a matter of LEDE not being able to update, but rather the fact that people don't
like to go to the effort of updating anything. Due to the small amount of
storage on the devices, many devices do not have the ability to update in place,
they need to be flashed from scratch each time.
On factory firmware, not only are there lots of known vulnerabilities, but in
many cases there are default passwords in place. These require something
connecting from the inside, but if you are targeted, that's not hard to do.
David Lang
To be honest and mostly a general answer, I don't even think the router has to do anything in regards to surveillance. The main issue arises from people with the lack of knowledge in the internet world that exposes themselves to these dangers. In addition, this type of surveillance is not just targeting PC's but also your phones via apps simply because users have the "need" for using a specific type of apps w/o looking into it deeper security wise.
So to sum it up: I don't think most people should worry about their routers since its always possible to hack them when targeted but most of the surveillance techniques are use by other means to target a mass amount of people.
On the contrary, I believe that the router is absolutely the most crucial piece to safeguarding your privacy. If the third parties own (as in hacked) your router, they own your home network and any devices connected to it.
You absolutely should worry about securing your router as it's a first and last line of defence between your devices and all the internet hackers.
There was a long debate on the "Why use LEDE" article which is a great read and it touches on security aspects as well as other LEDE features, but LEDE is infinitely more secure than stock firmware on the most home-use routers because:
- It's based on the popular open-source components used in other Linux distributions.
- It allows you to install updates while most vendor firmware is rarely updated, even for critical issues.
- It's open source with lots of eyes/hands on the code and thus it lacks backdoors and known security issues some vendor firmware has.
While I agree with stagri and dlang that the OpenWrt\LEDE routers are more secure when compared to vendor firmware, I am inclinded to also agree with komawoyo in that (what I think he is saying) these IoT devices (Echo, Alexa, Cameras - Drop Cam, Door Locks - August, Light bulbs - GE, Thermostats - Nest, hubs - Zigbee, Zwave, Smart TVs?, etc) are, I believe, creating DDNS servers with out clear disclosure to the users and little if any option to be run locally. This potentialy leaves users with multiple security holes that, to the best of my knowledge, have been (un)conciously allowed through what ever router one has. Multiple big name vendors now have avenues in to our homes, and as we have seen, these bigger targets are not imune to hacking.
While I think Home Assistant can be run localy, it is not clear from the reading if one still needs to create a vendor account for my IoT device, which defeats the purpose.
Have I missed something?
The fact that you have (easy-to-break-thru) windows is not the reason to leave the front door open, is it? 
Fully agree, just wish that the windows had a bullet proof option.
1 Like
While I agree with stagri and dlang that the OpenWrt\LEDE routers are more secure when compared to vendor firmware, I am inclinded to also agree with komawoyo in that (what I think he is saying) these IoT devices (Echo, Alexa, Cameras - Drop Cam, Door Locks - August, Light bulbs - GE, Thermostats - Nest, hubs - Zigbee, Zwave, Smart TVs?, etc) are, I believe, creating DDNS servers with out clear disclosure to the users and little if any option to be run locally. This potentialy leaves users with multiple security holes that, to the best of my knowledge, have been (un)conciously allowed through what ever router one has. Multiple big name vendors now have avenues in to our homes, and as we have seen, these bigger targets are not imune to hacking.
While I think Home Assistant can be run localy, it is not clear from the reading if one still needs to create a vendor account for my IoT device, which defeats the purpose.
That depends on the device. Home Assistant does not require that your devices
have a vendor account, but the individual devices may.
This is why I only use devices that I can control completely, like the ESP-8266
based sonoff devices (using the firmware from
https://github.com/arendst/Sonoff-Tasmota )
far too many IoT devices are horribly insecure, and leak info out to the
Internet in the clear (and allow control commands from the Internet in the
clear)
David Lang
I could not find this documented, but pretty much what I expected.
I also know that the older Lutron Radio Ra2 products can be run locally, but understand that there is now a hub option. It's been about 5 years since I installed this stuff, so not clear on the latest tech.
http://www.lutron.com/en-US/Products/Pages/WholeHomeSystems/RadioRA2/Overview.aspx