Don't buy hardware you can't run your own software on. Even embedded software.<p>There are tons of great routers, both consumer and business class that have Atheros CPU and WiFi chipsets that lack binary blob firmware, and support both Linux and BSD:<p><a href="http://wiki.openwrt.org/toh/start" rel="nofollow">http://wiki.openwrt.org/toh/start</a>
<a href="https://wiki.freebsd.org/FreeBSD/mips" rel="nofollow">https://wiki.freebsd.org/FreeBSD/mips</a><p>Pick software first, then hardware that supports it. It's how we do everything else, and routers are no different.
I suspect this is going to cause a significant problem in the future with regaurds to all these embedded home routers that stopped receiving updates 6 months after release. Its essentially an unmonitored backdoor to 95% of networks on earth.<p><a href="http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/" rel="nofollow">http://www.devttys0.com/2013/10/reverse-engineering-a-d-link...</a><p><a href="http://arstechnica.com/security/2014/02/bizarre-attack-infects-linksys-routers-with-self-replicating-malware/" rel="nofollow">http://arstechnica.com/security/2014/02/bizarre-attack-infec...</a><p>Not to mention the similar situation with android phones.<p>What a spectacular mess.
But like, wouldn't disabling internet access altogether also count as a reasonable measure towards security?<p>What if you just didn't connect the device to any network at all?<p>What about that?<p>Are we trying to say that such a thing is unpossible?