TPLink Archer C7 - Worth it ?

[poster100]

Hi,


I have a very old Asus N300 router, and have just bought a TPLink Archer C7 v2. My requirements are simple; a semi-decent budget router which is stable and hopefully better range, this is my first AC router.

I haven't opend the box yet, but I have read a couple of horror stories online.

From TPLink routers which have unpatched (still?) securirty holes which users wouldnt touch with a barge pole

http://www.snbforums.com/threads/router-advice.30053/#post-236283

And on DDWRT firmware, where AC range is still relatively poor compared to the stock firmware. A lose-lose situation. Is the router really that bad ?

 

[L&LD]

Hi,


I have a very old Asus N300 router, and have just bought a TPLink Archer C7 v2. My requirements are simple; a semi-decent budget router which is stable and hopefully better range, this is my first AC router.

I haven't opend the box yet, but I have read a couple of horror stories online.

From TPLink routers which have unpatched (still?) securirty holes which users wouldnt touch with a barge pole

http://www.snbforums.com/threads/router-advice.30053/#post-236283

And on DDWRT firmware, where AC range is still relatively poor compared to the stock firmware. A lose-lose situation. Is the router really that bad ?

With the third party drivers that DD-WRT firmware relies on to offer more features, the 'con' is that the performance gets a big hit.

With the security holes that TP-Link allows (by not updating components within it's firmware), to me, yes, it really is that bad.

http://www.snbforums.com/threads/ra...e-routers-cripple-security.29893/#post-232348

Consider yourself lucky that you haven't opened it and worst, install it to protect your digital life.

Some say that the TP-Link products are the best bang for the buck. I say, you get what you pay for.

 

[poster100]

With the third party drivers that DD-WRT firmware relies on to offer more features, the 'con' is that the performance gets a big hit.

With the security holes that TP-Link allows (by not updating components within it's firmware), to me, yes, it really is that bad.

http://www.snbforums.com/threads/ra...e-routers-cripple-security.29893/#post-232348

Consider yourself lucky that you haven't opened it and worst, install it to protect your digital life.

Some say that the TP-Link products are the best bang for the buck. I say, you get what you pay for.

Thanks for the info. Is there a way I could easily check the software components of the firmware for my model (TPLink Archer C7 v2), - by extracting the firmware and analysing the components above ?

And If not, then how would anyone ever know if the router model they are buying has outdated software components ?

 

[CiscoX]

Thanks for the info. Is there a way I could easily check the software components of the firmware for my model (TPLink Archer C7 v2), - by extracting the firmware and analysing the components above ?

And If not, then how would anyone ever know if the router model they are buying has outdated software components ?

Hi,

Maybe this is what your are looking for?
http://www.tp-link.com/resources/simulator/Archer C7_2.0/Index.htm

 

[L&LD]

Thanks for the info. Is there a way I could easily check the software components of the firmware for my model (TPLink Archer C7 v2), - by extracting the firmware and analysing the components above ?

And If not, then how would anyone ever know if the router model they are buying has outdated software components ?

Sure, you can download the source GPL code for your model and analyze away (almost half a GB download).

http://www.tp-link.com/en/download/Archer-C7_V2.html#GPL-Code

Or, if your skill set is more limited (like mine is) read and follow all posts on a forum such as this (and especially certain posters like RMerlin) and get the executive overview of that analysis by the experts.

The link @CiscoX provided, while helpful in itself, is just a simulator. Won't work well to dig into the underlying strengths and/or weaknesses of the firmware we rely on to guard our digital front doors.

 

[htismaqe]

With the third party drivers that DD-WRT firmware relies on to offer more features, the 'con' is that the performance gets a big hit.

CAN get a big hit. I use DD-WRT on my Linksys and it outperforms stock in many ways.

 

[poster100]

Sure, you can download the source GPL code for your model and analyze away (almost half a GB download).

http://www.tp-link.com/en/download/Archer-C7_V2.html#GPL-Code

Or, if your skill set is more limited (like mine is) read and follow all posts on a forum such as this (and especially certain posters like RMerlin) and get the executive overview of that analysis by the experts.

The link @CiscoX provided, while helpful in itself, is just a simulator. Won't work well to dig into the underlying strengths and/or weaknesses of the firmware we rely on to guard our digital front doors.

Thanks for the Info. Selecting a router is minefield, I wouldn't have a clue on how to analyse the source code to see which components are used (openssl, busybox etc).

I get it but I dont get it. I understand that there are inherent vulnerabilities in the firmware, due to the way it developed/libraries etc. But there is no central database/website which list the firmware components used in, for example, the top 200 routers available today.

How is anyone to know ? And if there is no easy/real way of knowing you may as well pick any !?. You can assume that TPLink will be poor across all their routers models, but can't be sure. Conversely is Asus usually very secure?

 

[htismaqe]

It really comes down to post-release activity. It's not that Asus is more secure out of the box, it's that Asus is much more active in patching security holes once they are found. Add in the robust 3rd party support and you have a much greater chance of being secure. That being said, nobody is perfect.

 

[poster100]

It really comes down to post-release activity. It's not that Asus is more secure out of the box, it's that Asus is much more active in patching security holes once they are found. Add in the robust 3rd party support and you have a much greater chance of being secure. That being said, nobody is perfect.

Based upon the (sometimes) limited info you have, and the reputation of certain manufacturers you can choose/stack the odds in your favour. It seems like its quite difficult to know for certain without a degree of technical knowhow.

Looking the the Google doc spreadsheet, even the Netgear come off pretty bad.

I'm still aching to open the box in front of me, instead of doing hours of research looking for other models which may or may not be more secure.

 

[L&LD]

CAN get a big hit. I use DD-WRT on my Linksys and it outperforms stock in many ways.

I think that with Asus models though, a third party driver is a requirement and this is what determines the performance the device will be capable of?

 

[L&LD]

Thanks for the Info. Selecting a router is minefield, I wouldn't have a clue on how to analyse the source code to see which components are used (openssl, busybox etc).

I get it but I dont get it. I understand that there are inherent vulnerabilities in the firmware, due to the way it developed/libraries etc. But there is no central database/website which list the firmware components used in, for example, the top 200 routers available today.

How is anyone to know ? And if there is no easy/real way of knowing you may as well pick any !?. You can assume that TPLink will be poor across all their routers models, but can't be sure. Conversely is Asus usually very secure?

You're welcome.

But just picking any is not an option either.

As htismaqe said, Asus is preferred because it is active on issuing firmware updates even for it's much older models. I do not know of any other manufacturer that does this.

That is why Asus is the best choice for me.

 

[htismaqe]

Based upon the (sometimes) limited info you have, and the reputation of certain manufacturers you can choose/stack the odds in your favour. It seems like its quite difficult to know for certain without a degree of technical knowhow.

Looking the the Google doc spreadsheet, even the Netgear come off pretty bad.

I'm still aching to open the box in front of me, instead of doing hours of research looking for other models which may or may not be more secure.

Your other choice is to try DD-WRT or other open-source firmware. It's community-driven so it's community-secured.

 

[htismaqe]

I think that with Asus models though, a third party driver is a requirement and this is what determines the performance the device will be capable of?

That's the case with all of them, to my knowledge. While that means it's entirely possible for there to be issues, it's not a guarantee. For example, the 3rd-party driver for Marvell/Linksys still has a few wrinkles and issues (bridging doesn't work at all) but for me, DD-WRT is just far more stable. I took a bit of a hit on 2.4Ghz throughput (range is similar to stock) but 5Ghz range and throughput are both improved over stock. I've also been up for 74 days and counting, which never happened with stock firmware.