[Discuss] Dan Geer's Blackhat talk, iGuardian "enterprise-grade" home router

[Richard Pieri]

There are some points made that I don't agree with.

Comparing his $150 box to a Juniper IPS that costs ten times as much (or
more) is disingenuous. At the very least, his iGuardian isn't an HA
solution like the SRX series. His box doesn't include a role-based
firewall or central management. I could go on but I'd be wholesale
quoting Juniper's sales literature. "Business grade"? Add a check mark
next to the "buzzword compliant" line item.

He lists frequent, easy updates as a feature yet it's an /embedded/
system, an OpenWRT fork which, as we've recently discussed, isn't easily
updated. I'd forgive a lot if his iGuardian were running a live OS the
way that pfSense does but going embedded? That's a big strike against it.

"Cybercriminals want your data". No, they don't. They want your money.
The rise of ransomware has demonstrated that it's easy to extort money
from stupid people who click on every link they see. Ransomware is a
PEBCAK situation. Good luck doing anything about it at the packet level.

Overall: not impressed.

-- 
Rich P.