> they can push a new firmware package to your router and reboot it easily, without you ever knowing. And they log in every day and confirm the hash of the firmware you're running - if it's not on the approved list (which is generally just the current one they have you set for) it automatically re flashes.
This is pretty standard practice for cable providers. The cable company I work for does this to cable modems.
Oh yeah, its not an issue when you're talking about the typical WAN side CPE that only sees outbound traffic and isn't loaded with radios. After all, they can see or do whatever they want to your traffic anywhere in the path. It's a slightly different story when it also has the potential to see all your land side traffic and anything in the 2.4ghz band it can hear.
The cable modems my company provides has built in 2.4ghz, and the company has full admin rights to the modems local admin interface (the customer does not)...
yeah, so that's another good example of the future of administrative subpoena surveillance. I knew that the converged ap and modem was pretty common with dsl providers, but at least the ones i had seen allowed the customer to control what firmware was running.
This is pretty standard practice for cable providers. The cable company I work for does this to cable modems.