The passive power load of having everyone lash up a Linux or PFSense server to their ISP appliance in order to improve security addresses one problem but creates another. I like the idea of using an appliance like an off the shelf router and replacing the firmware, but that’s a long reach for a lot of people.
I’ve flashed DD-WRT a dozen or so times, but that didn’t keep me from bricking a gigabit ethernet TP-Link last year (fortunately, I was able to recover it through an arduous process that involved soldering in a USB port). Still have no idea where that went awry. I’m using OpenWRT now, but it’s not something I would recommend to a nontechnical relative who’s becoming concerned.
I have to hand it to the nation state hackers out there. They’ve managed to become a global threat with no effective solution.
