There was a project back in 2013 called PORTAL. "Personal Onion Router to Assure Liberty". It used a GL.iNet travel router. At that time, there were no model numbers. I bought one ($18 on the 'Zon), and upgraded the flash to 64GB.
The company noticed that 1) folks were upgrading storage, and 2) hackers were adding pins so they could connect to the serial port. They then modified their production to include both of those hacks. They called it the "6416".
I've gone on to buy many of the GL.iNet devices. I take a Brume with me on travel. Their built-in software (OpenWRT with a custom WebGUI) is so handy that, despite knowing they have anti-features built in, I just use it as-is. I normally use it's 802.11ac radio to connect to the hotel, and copper Ethernet to my machine. But with dual antennas, you can also connect wirelessly without going half-duplex.
That DIY 6416? I use it as my home WAP, configured as a bridge to my central switch. It's been running 24/7 since 2015 or so.
GL.iNet also make an open-source hardware design. So if you're uber-paranoid, you can build your own.
At one time when the router was powered up, it would attempt to send your IP address and router serial number back to GL.iNet. Theoretically, that was to enable a Dynamic DNS service that they ran. It could be turned off, but if you had it connected to the Internet at the time, your info leaked. So I would ensure the first power-on had no WAN, so I could go in and turn off all that stuff. I consider that a dark pattern, and it makes me generally suspicious of the vendor.
Not that I'm not a big fan. These things are exactly what I need for travel. And my company sends me places with iffy Internet connectivity, so I have found it incredibly useful to have a tiny device which can set WAN to be wireless, wired, or cell-modem. I used to wipe it and reload with OpenWRT.
When you find a company who sees what users are doing (like populating the serial port), and that company changes their device to do that by default, you've got someone who actually cares about customers.
The problem, really, is China. Just like Russia, China has laws requiring full cooperation with the MSS by all electronics manufacturers. So I just assume breach, meaning my devices are either back-doored at the factory, or are sigint-ready just by pushing out a new system image. If they have your device ID and external IP address, they can probably target specific people who are high-value.
Just to be fair, the NSA has been caught fiddling with crypto to make it "sigint ready". Snowden showed photos of NSA re-boxing Cisco gear (where do you suppose they got that Cisco-branded anti-tamper tape?) Everyone spies; it's just a fact of life.
The company noticed that 1) folks were upgrading storage, and 2) hackers were adding pins so they could connect to the serial port. They then modified their production to include both of those hacks. They called it the "6416".
I've gone on to buy many of the GL.iNet devices. I take a Brume with me on travel. Their built-in software (OpenWRT with a custom WebGUI) is so handy that, despite knowing they have anti-features built in, I just use it as-is. I normally use it's 802.11ac radio to connect to the hotel, and copper Ethernet to my machine. But with dual antennas, you can also connect wirelessly without going half-duplex.
That DIY 6416? I use it as my home WAP, configured as a bridge to my central switch. It's been running 24/7 since 2015 or so.
GL.iNet also make an open-source hardware design. So if you're uber-paranoid, you can build your own.