Agree on lack of support. I have an account that is blocked. I forgot the password since it was always logged in. When I try to recover the password, it asks me a bunch of questions that I am pretty sure I am answering correctly. At the end it just tells me that the account cannot be recovered... even if I had the second factor authenticator still working and I punched in the right code. I searched high and low online but since they do not have any kind of support I have no way out. It is depressing.

To be honest, if someone doesn’t know my password, doesn’t have my 2-factor code, and can’t answer the security questions, I don’t want them to be able to call up customer service and social engineer an account takeover. I don’t think there’s any amount of proof that I could provide but an adversary targeting me couldnt’t fake to convince a call center employee.

What I’m more worried about is their “You violated the TOS. We can’t tell you how you violated the TOS. We can’t unban your account.” If you don’t know someone at Google, you’re out of luck.

Why did not they add the features to OpenWrt trying to make it better? Almost all the forks of OpenWrt die in months. Some lasted only few years. I am afraid that it is a wasted effort.

I think mainline openwrt runs on turris hardware now. From what I remember, the main feature of their fork is/was snapshot management through btrfs. Updates are quite lacking in general on openwrt, so I think it's good that they are doing something about it. Ideally, I would like to run a full distro on routers, and manage it through standard distro tools, now that we have reasonably powerful hardware (like the Turris).

OpenWRT development was stale when Turris started. Don't forget the LEDE fork was born out of problems with OpenWRT development.

I installed Google WiFi for a friend.

I found aggravating that:

- I need a smart phone and install an app to set up and configure the router.

- I also like the effort of simplifying the router configuration but I found it is lacking an "advanced mode"

- why if the Internet is down, the internal network does not work at all?

Wow, really? Am i reading that right, that without an active WAN connection, the internal LAN connections don't work on Google WiFi hardware? That sounds more like an "Internet appliance" than it does a router.

Do you realize that OpenWrt is not very secure and DD-Wrt is even worse?

With a current kernel and updated userland? the no-password root ssh after flashing is vulnerable to others in your local network yes, keep it offline until pubkey-only auth is configured. To save against dropbear exploits, bind ssh to the internal-ethernet interface and if installed, access uhttpd/LuCI only via this tunnel. Other than that it seems equal to other default distribution installs. Apparmor/selinux steps up ubuntus/fedoras game yes, I don't know how much of this has been a concern yet in OpenWrt, a recent talk touches shortly on it. It seems to be a clean, easy-to-configure distribution that is alive and well after the remerge that just got a recent stable-release. Secondary vectors like package-system are a factor. But despite being reliant on the vendor, it buildable by the end-user. I applaud their efforts.

Have you got links or keywords I can search for details about that? (I'm in the middle of a decision about moving to an OpenWRT or Mikrotik router...)

Yup, I do. Have used it on and off since my Wrt54gs.

My point was about availability of updates. Third partu firmwares seem to have a lot more updates than factory ones.

LEDE also merged back with OpenWRT so I hope that improves things.

Rather than poke holes, do you have any suggestions?

Why do you say openwrt is not secure? Just curious to learn.

One thing I hated about ddwrt was how hard it was to get a TLS download and/or hash. Like seriously, if I'm putting this on my router I don't want it coming down by http!

So we should just stick with the inscrutable pre-installed proprietary firmware?