More than 260 cybersecurity experts, who are members of an outfit called Bufferbloat, have asked the Federal Communications Commission (FCC) to push for router makers to make their source code available "in a buildable, change-controlled source code repository" online as a conditioned for being licensed for use in the US.
The logic is that closed-source router firmware exposes users across the internet to security vulnerabilities. If these routers' firmware were availab
le for scrutiny online experts and developers could work together to battle vulnerabilities without having to wait for router makers to release a patch.
Dave Taht, co-founder of Bufferbloat, an initiative to improve router performance said that manufacturers often ship routers that are vulnerable to known exploits, putting consumers and the wider internet at risk as soon as the routers are turned on.
Making the matter worse is how few consumers bother to upgrade their firmware if patches are released.