OpenWrt, which is short for Open Wireless Router, is an open-source project based on Linux mainly used on embedded devices for network traffic routing. It started in January 2004 after LInksys obtained a GNU General Public License for its WRT54G series router firmware, which required the company to make its source code open to other users under GPL terms.
Now, OpenWrt is already used as a base for up to 30 percent of home routers and CPE devices worldwide. Most Wi-Fi AP chipset manufacturers have SDKs based on OpenWrt. Also, OpenWrt and its derivatives have a bigger combined market share compared to Google Wi-Fi and RDK-B (from Comcast).
OpenWrt’s success, however, was not an easy ride. One significant bump in its development was the disagreement among developers because of an alleged lack of communication, transparency, and coordination. This resulted in the forking of the code into LEDE in 2016, with the development team behind it also saying that they were compelled to do it partly because of technical shortcomings, inadequate testing, poor stability and documentation, and the lack of regular builds under the original development team.
LEDE eventually merged back into OpenWrt at the start of 2018. Most of LEDE’s features and functions were integrated into the updated OpenWrt. The project has since become stronger, with its ecosystem now broader and evolving with changing user needs.
OpenWrt Security in the age of IoT
With the issues among OpenWrt’s developers largely addressed after the LEDE “remerging,” it is safe to say that the project has been adequately and regularly updated for security and other concerns on the developer side. OpenWrt security, though, is far from ideal. It only relies on updates or security patches like the update released for version 18.06.9 to address the SAD DNS risk or the patches for versions 18.06.7 and 19.07.1 to resolve the CVE-2020-7982 code execution bug.
Unlike full-fledged desktop operating systems that come with pre-installed or built-in cybersecurity defenses, it has no means of stopping aggressive attacks or the self-awareness to detect vulnerabilities. It is designed for low-resource devices, after all.
Still, OpenWrt security is one of the notable examples of the project’s evolving ecosystem. Developers cannot be expected to integrate advanced security features and functions into it, so third-party security providers have decided to step in.
For example, Sternum just announced a free OpenWrt security license, showing just how relevant the project has become. Natali Tshuva, CEO and Co-founder of Sternum, says that their “game-changing” decision to offer the first ever free security solution for OpenWrt users addresses the issue of trust in IoT device security. As Tshuva explains, trust is one of the crucial reasons why organizations do not include IoT security in their priorities.
OpenWrt is one of the top IoT operating systems and Sternum’s announcements of a free license for its security product makes OpenWrt a testing ground for security and observability solutions aimed at IoT. The growing use of IoT devices has significantly increased cyberattack surfaces, and OpenWrt plays an important role in exploring the most effective ways to keep up with the changing threat landscape.
From routers to a host of other devices
As mentioned, the origin of OpenWrt starts with a famous LinkSys router. It was designed for routers and later adopted for other networking devices such as switches and residential gateways. Now, it is being used by a multitude of other devices, even smartphones, and personal computers.
OpenWrt’s use in the Internet of Things is particularly remarkable. Before, for companies to “bring devices to life,” they had to go through kernel compilation and gradually get the library and many other components working. It took around a month to get things done. Now, devices may already come with a working OpenWrt cross-compilation toolkit out of the box. All that needs to be done is to identify the makefile for a specific platform to make the device operational. The company only has to go through five or more choices, like the setting of the target processor and everything is set.
With OpenWrt, a highly customizable freeware, it is possible to create any custom hardware with which Linux works. Also, companies can install third-party open source packages and be expected to work on the custom device. OpenWrt has made life considerably easier for developers and companies selling smart or web-enabled hardware, particularly IoT devices.
With all the ease and other advantages, it should not come as a surprise that OpenWrt is used across a vast range of devices including single-board computers, range extenders, emulators, NAS, WiFi APs, modems, cameras, and of course routers. Numerous manufacturers or brands also use it including Asus, ALFA Network, ALLNET, D-Link, COMFAST, Compex, EnGenius, GL.iNet, Huawei, Marvell, Mikrotik, PC Engines, Linksys, Open-Mesh, TP-Link, Ubiquiti, ZyXEL, ZBT, WeVo, Youku, and Xiaomi.
Projects that adopted the OpenWrt Buildroot system
Beyond devices, OpenWrt has also expanded and evolved further, as its Buildroot system. was adopted as the structure for other projects. The Cloudtrax replacement AltiWi, for one, runs OpenWrt 19.07 RC2. The IETF IPv6 integration projects HIPnet and HomeNet are based on OpenWrt. Similarly, prplOS, a framework designed to run Prpl Foundation routers and gateways, uses OpenWrt.
Several OpenWrt derivative projects also exist. The Gluon framework for developing OpenWrt-based firmware for mesh network deployment is derived from OpenWrt. Qualcomm’s QCA Software Development Kit is also an OpenWrt derivative. The firmware used by The Amateur Radio Emergency Data Network is based on OpenWrt. Other notable derivative examples are the Gargoyle web interface, Fon wireless routers, the Midge and FreeWRT Linux distros, the PacketProtector security distribution, and a few grassroots wireless community network projects such as Libre-Mesh and Freifunk.
Growing and improving
OpenWrt is one of the leading choices for those seeking to improve their firmware (versus their stock) because it delivers stability, high performance, extensibility, and Linux-based configuration. Even better, it comes with wide community support and has the reputation of being the go-to research platform for teams that are undertaking cutting-edge research into networking projects. Moreover, it surely does not hurt that it is available at zero cost.
With the project’s committed developers, open source nature, and steadily growing user base, the OpenWrt ecosystem has expanded and evolved to be more than just routers and networking. It is even contributing to IoT security development and security solution adoption.