Networking

Loon, the Google(x)-incubated company that sought to provide internet access in developing economies, is shutting down. In the de rigueur Medium swan song, CEO Alastair Westgarth details some of the project’s impressive accomplishments, including keeping Loon’s balloons aloft in the stratosphere for hundreds of days and finding a way to launch objects the size of a tennis court. Westgarth notes that Loon was able to provide mobile internet access to an area over 4,200 square miles, hundreds of times the coverage of a cell tower. Things seemed to be looking up last summer when the Alphabet portfolio company began offering commercial service in Kenya. Ultimately, though, Loon couldn’t be made to work inexpensively enough to provide service for the hardest billion users to reach. 
Loon is far from the first company to try to deliver internet access from above, although balloons were certainly the lightest-weight and option ever tried at scale. In the early days of mass internet adoption in the late ’90s, a few startups tried delivering the airborne internet. Efforts included Angel Technologies’ HALO (High Altitude Long Operation) scheme to provide internet via lightweight planes. There was also Sky Station, a blimp-based effort that had former Secretary of State Al Haig “in control” as well as the support of Sirius Radio finder and digital immortality advocate Martine Rothblatt.
There’s something particularly sad about Loon winding down and not only because of its lofty mission. While it didn’t compete with some of X’s more health-oriented efforts in terms of potential contribution to humanity, it reminded us of a simpler Google, one that had recently done much to make the web useful and thus helped to jump-start so many of its benefits to citizens in wealthier nations. Nowadays, though, Google isn’t the only company launching moonshots. Last year, SpaceX launched StarLink, a satellite constellation for delivering internet access, while Amazon won FCC approval for its competing satellite constellation Kuiper, in which it is investing $10 billion.
Both efforts, though, are focused on internet access in the US, at least to start. As Westgarth writes, “The world needs a layered approach to connectivity — terrestrial, stratospheric, and space-based — because each layer is suited to different parts of the problem.”
Loon’s landfall doesn’t mark the last of X’s efforts to improve internet access. Taara is an offshoot of Loon that was developed to facilitate communication among the balloons. The system uses light for point-to-point Free Space Optical Communications that it describes as being “like fiber, but without the cables.” Its website cites a 7x difference in internet speeds between countries with the slowest and fastest access, and has piloted its backhaul technology in India and Africa to connect cell towers and Wi-Fi hotspots.
But for those who, like Westgarth, were inspired by the graceful journey of Loon’s ethereal balloons as they moved through the stratosphere, Loon leaves behind an industry association aiming to further the transfer of bits using high altitude platform stations. The HAPS Alliance includes carriers such as AT&T, Telefonica, and T-Mobile as well as infrastructure providers such as Nokia and Ericsson. Without Loon, though, the near-term potential looks cloudier than any sky that Loon’s balloons once traversed.
See also: More

We can’t live without e-commerce and our favorite apps, but have you ever considered the work that goes into making them run smoothly and beautifully? Behind every website and mobile app are developers and designers who painstakingly ensure that your experience is as seamless as possible. 

This app-driven economy depends on web developers and digital designers to thrive. In fact, the Bureau of Labor Statistics predicts employment for roles to grow 8 percent between 2019 to 2029, so if you want to find work in this growing industry, this $35 training bundle has 14 courses to put you on the right track. 
The Ultimate 2021 Web Developer and Designer Super Bundle features 39 hours of content on design fundamentals and some of the most popular coding languages used today. These courses are taught by Laurence Svekis and Kalob Taulien, two prof instructors who have decades of experience in web development. They both have a passion for teaching and combined have instructed nearly 1 million students on Udemy alone. 
This bundle includes some of Laurence and Kalob’s most popular courses, but you should decide whether you’re more interested in coding or design first. Kalob’s courses, HTML 101: A Beginner’s Guide to Coding and CSS 101: A Beginner’s Guide to Beautiful Websites, will introduce you to both aspects of web development. They cover the basics such as understanding syntax, HTML base page structure, writing inline and internal CSS, and much more. 
From there, you can pursue HTML and CSS further with Kalob’s intermediate and advanced courses. Alternatively, Laurence offers courses on JavaScript as well as hands-on projects that will teach you how to build games with this versatile language. 
As everything we do becomes app-based, our need for web developers and designers will continue to grow. So if you’re looking for a stable career with plenty of opportunities or a way to make income on the side, The Ultimate 2021 Web Developer and Designer Super Bundle offers all the material you need to get you started. These courses range from $99 to $199, but you can get all 14 courses today for just $35. 

ZDNet Recommends More

For many of us, the bog-standard, default router supplied by our Internet Service Provider (ISP) at the time we signed up for broadband was once enough. 
However, in the past decade, the widespread adoption of mobile technology including smartphones and tablets, Internet of Things (IoT) devices such as smart lighting and security cameras, and the popularity of streaming services — Netflix, Amazon Prime, and Spotify, to name a few — are now causing our old routers to creak under the strain. 
Each device we connect to our router demands bandwidth. The COVID-19 pandemic has contributed to the need for speed, capacity, and reliability in the home router space now we are faced with the added burdens of working from home and teaching our kids remotely — not to mention using the Internet for entertainment rather than venturing out of doors. 
To keep our homes and remote work setups running smoothly now is the time to consider what type of router you need, for now, and in the future. 
When you search for different options online, a plethora of features are available: Wi-Fi 5 / 6, mesh, voice-assistant supported, Ethernet and wired, mobile and LTE support, and more. While many features could be superfluous to your purposes, there are two main types of product to consider: a traditional router, or mesh network. 
Also: Best mesh Wi-Fi system for the office or home in 2021 | Netgear Orbi 4G LTE (LBR20), hands-on: A versatile router with mesh Wi-Fi, mobile broadband and wired connectivity | Hands on with the Rock Space home mesh system: for anyone with poor Wi-Fi coverage indoors | TP-Link Deco M4 review: A reliable mesh Wi-Fi system on a budget
What’s the difference?
Traditional Wi-Fi routers:
Mesh networking is a relatively new entry into the consumer market, so you would be forgiven to think it would automatically be ‘better’ than a standard router. However, a mesh network is an overkill for some. 

A standard router acts as a central hub for Internet connectivity. Traffic and requests from devices granted permission to connect to the router — usually through a password — are funneled through one access point. 

The benefits:
Price: Standard routers are generally more affordable than mesh network products. While you still may expect to pay hundreds of dollars for a premium router, there are many options out there that are budget-friendly and both quick and stable enough to keep your home office running effectively without further input. 
Plug and play: In my experience, setting up a standard router is less of a hassle than a mesh network. For something that ‘just works,’ a typical router might be the best option. Set it up, make sure updates are automatically applied, and forget about it. 
Speed and wires: Many routers today, such as the Netgear Nighthawk and Asus ROG, are designed with heavy bandwidth and streaming requirements in mind — and have the technology inbuilt to facilitate it. Gamers and live streamers, for example, should generally stick with wired Ethernet connections that may perform better with traditional routers, instead of wireless-first products.
Separating devices: You can set up guest networks on most modern routers, but if you also want to keep all of your IoT devices on a separate network in the interests of security, most routers will allow you to do this without much hassle. 
The disadvantages:
Coverage issues: As Internet access is distributed through a single point, this can mean that areas far away from your router will have slow or spotty connections that drop. However, range extenders can help remove this barrier and can still end up being cheaper than investing in a mesh network. 
Overload: Unless extenders or channel separation features are used, too many connections may result in overloading, bottlenecks, lag, and drops.
Tweaking: If you want to tweak the more advanced settings on a router, this can often require annoying visits to a platform via desktop, rather than seamless mobile app connectivity we have learned to enjoy for many of our modern services. 
Also: Working from home has revealed tech’s biggest failures. Here’s what needs to change | Working from home: The future of business is remote | Remote work: 10 ways to upgrade your working from home setup 
What about Wi-Fi 6?
It is worth mentioning Wi-Fi 6, also known as 802.11ax. This is the next standard in wireless technologies and is designed to increase wireless device performance in comparison to 802.11ac. Some modern routers support this standard, and so could be considered when future-proofing your home office. 
MU-MIMO (Multi-user, multiple-input, multiple-output), too, should be kept in mind. Some routers use this technology to improve the speed of data transfer when multiple devices are connected simultaneously — but not all. 
Mesh networking:
While traditional routers are singular, centralized access points, mesh networking devices are decentralized. Instead of a device connecting to a single gateway to the Internet, mesh networks are created from multiple nodes that all provide web connectivity. For example, you could have a central ‘hub’ in the kitchen and then have satellite nodes in the home office, kitchen, or bedroom. 
When you are trying to access the web while in the kitchen, you would automatically connect to the hub, whereas you would jump on the node while you’re in your home office, and so on.

The benefits:
Improved coverage: The main benefit of a mesh network is extended coverage. In larger properties with a lot of square feet, investing in a mesh setup will remove annoyances such as coverage blackspots. 
A boost in reliability: As your device will connect to the nearest satellite node rather than a central point of access, this helps ensure that no matter where you are on a property, you are less likely to experience drops in connectivity.
Additional controls: Once a mesh network is active, many vendors will allow users to control their router through a mobile app. This could include keeping an eye on network traffic, rebooting, or even turning off the Internet entirely — perhaps an appealing prospect for those with children.
The disadvantages:
Initial expense: In general, mesh devices require a more expensive outlay to setup. While a device’s hub and one satellite might not be too costly, if you want to take full advantage of what a mesh network can provide, you may need to buy more — and the cash required to do so can add up.
More than one: Setting up a mesh network means you will need more than one power outlet. For each satellite you add, you will need to ensure there is a power supply and that you’re happy to have them dotted around your property, as attractively designed as they can be.
Speed: Mesh means coverage over speed. In some cases, mesh networks — especially at entry levels — will not provide the same speeds you can expect from typical routers.

ZDNet Home Office Tours

What is best for my home office?
You need to decide whether or not the outlay for a full mesh network is worth it. In larger homes with dead spots, mesh networking can provide a way to immediately improve signal strength and coverage. 
However, it can be expensive to overhaul your existing router setup, and going for a full mesh may simply be described as overkill unless you consistently have multiple users and devices competing for bandwidth.
There are some mesh network systems out there, such as Google WiFi, Nest WiFi, and eero which are relatively cheap to set up — as long as you don’t need too many satellites. 
Also: Best Wi-Fi router in 2021 | Working from home 101: Every remote worker’s guide to the essential tools for telecommuting
Before changing your setup, you should also consider your ISP package. If you’re subscribed to a low-speed offering, new equipment is not going to necessarily help. Instead, package upgrades could be a better option.  
If you are a sole user and need a stable, powerful connection — such as for resource-hungry work applications or gaming — a traditional router may be all you need. Wired should be quicker than wireless, and so investment in a simple Ethernet cable, easily picked up for $10 to $15, could be enough. 
Wi-Fi range extenders, too, could be considered as an alternative to mesh if you just need to boost coverage in some areas, and will likely be less expensive than purchasing individual mesh nodes. Some vendors also offer mesh ‘bolt-ons’ such as Asus’ AiMesh, which can connect up existing routers to create a mesh-like coverage network without ripping everything out and starting again.
However, mesh networking is here to stay and at a time when many of us are now in the home rather than traditional home offices, a mesh setup could be a future-proof investment. It’s not suitable for you if you rely on wired connectivity and speed, but if you need to make sure dead zones and drops do not impact your working day — and you don’t mind the potential expense — mesh systems are a worthwhile upgrade to your home equipment. 
Previous and related coverage
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

ZDNet Recommends More

When former Federal Communications Commission (FCC) Chairman Ajit Pai left office on Jan. 20, 2021, his departure was greeted with hoots of derision. His crime? Destroying net neutrality. Now, President Joe Biden has named FCC member and net neutrality champion Jessica Rosenworcel to chair the Commission. This is a big step forward for net neutrality’s return. 

While President Donald Trump and Pai helped destroy net neutrality to the advantage of major ISPs and telecoms, Rosenworcel fought against their efforts and for net neutrality. 
Net neutrality is at its heart a very simple idea: Internet service providers (ISPs) should treat all data that travels over their networks fairly, without discriminating for or against any particular apps, sites, or services. Today’s commercial internet began with what we now call net neutrality via the Commercial Internet Exchange (CIX). Without it, instead of the internet we know and use every day, we would have been stuck with isolated islands of connectivity like the online services of the 80s and 90s such as AOL, CompuServe, and Prodigy. 
Without network neutrality, we’d have no Amazon, Netflix, Facebook, or Google. We might not even have the Web we’re no more aware of today than a fish is of the water in which it swims.
Millions of Americans, in part because of net neutrality’s teardown, don’t have access to broadband internet. According to the FCC’s 2020 Broadband Deployment Report, 21.3 million rural Americans don’t have access to internet download speeds of at least 25 Mbps, which is the recommended speed for working from home and online schooling. The real numbers are much worse. BroadbandNow Research using the FCC’s own data found almost twice that number, 42 million, don’t have broadband access.  
In October 2020, when Pai faced a Federal Court order to reconsider net neutrality’s impact on public safety and providing subsidies for broadband service, Pai refused to act.  
Rosenworcel snapped back, “This is crazy. The internet should be open and available for all. That’s what net neutrality is about. It’s why people from across this country rose up to voice their frustration and anger with the Federal Communications Commission when it decided to ignore their wishes and roll back net neutrality.” 

She continued, “The FCC is going to make it easier for broadband companies to block websites, slow speeds, and dictate what we can do and where we can go online.  It’s insane that this is happening now, during a pandemic when we rely on internet access for so much of day-to-day life.”
Rosenworcel’s right. With the coronavirus raging on, Americans whether they’re working from home or going to school need broadband more than ever. The newly minted FCC chair has been especially harsh about the damage the lack of affordable broadband has done to school kids, which she calls the “homework gap.” 
Rosenworcel said, “When I was growing up, homework required nothing more than your siblings leaving you alone, a clear workspace, and a Number 2 pencil. Those days are gone. Not just because the school year is winding down. They are gone because today as many as seven in ten teachers assign homework that requires access to broadband. But data from this Commission suggests one in three households do not subscribe to broadband service.” This is not right.
“If you want evidence this is not right, it’s all around us, Rosenworcel said in a later statement, “There are people sitting in parking lots using free Wi-Fi signals because they have no other way to get online. There are students who fall in the homework gap because they lack the high-speed service they need to participate in remote learning.”
In the short term, Rosenworcel will get a new broadband $7-billion pandemic stimulus program underway. These “E-Rate” funds are to help students get Wi-Fi access. Pai had ruled that these funds could only be used for classrooms. With millions of students stuck at home, Rosenworcel believes some of this money should be used to provide home connectivity for students to close the homework gap.
In the long run, if Rosenworcel becomes the permanent head of the FCC, there’s no question she will fight to return net neutrality. When Pai ended net neutrality, Rosenworcel said the FCC had “failed the American public.” Given a chance, Rosenworcel will bring back to the American public the net neutrality they need for their jobs, lives, and education. 
Related Stories: More

This bad boy loves data, but not voice. Thanks Labor.
Image: NBN
The Australian government has announced the first trio of companies to pick up grants from its AU$2 million Alternative Voice Services Trials kitty.
NBN will test 260 voice services across its fixed wireless and satellite footprints, with the tests to include using low-band fixed wireless for voice.
Covering the Cocos Islands and Norfolk Island, Concerotel will trial up to 200 VOIP services on satellite-backhauled mobile phones.
Meanwhile, Zetifi will trial 50 voice services using Wi-Fi calling on farms in New South Wales and northern Victoria.
The government said some of the trials will use antennas and battery backup in residences to improve call quality.
“These trials are about identifying new options to deliver voice calls in remote areas, so it’s important that the new technology is tested across a range of localities,” Minister for Regional Health, Regional Communications and Local Government Mark Coulton said.
“Ensuring that rural Australians have access to robust and resilient phone services is a priority for the federal government, which is why we are funding these trials to test what will and won’t work for remote communities.”

Finding people to participate in the trials will occur over “coming months”, the government added, with additional grants to be announced “shortly”.
While it might be tempting to think that NBN’s Sky Muster satellite could provide voice services, the satellites cannot do it without a high level of latency, and it prevents the full removal of the voice-centric Universal Service Obligation on Telstra.
Related Coverage More

Over 2020, many of us shifted from the traditional company office to working from home. 
As we step into 2021, remote work and home offices will likely become a common fixture in our careers, with either permanent work-from-home options available or hybrid, flexitime models. What was once a rapid response to a global pandemic may lead to permanent, long-term changes in how we work and what we will expect our employers to offer in the future. 
According to a Salesforce survey on the future of work, 64% of employees still want to spend some time in a traditional workplace environment, and 74% of Generation Z — soon to become the majority of the labor pool — are interested in hybrid work practices, splitting their days between home and the office. However, such a change in the foundation of our workday will create a tradeoff: Some of the resource requirements will move from employer to employee. 
If you want to take advantage of any potential future hybrid work models, companies may require you to show you have the equipment at home to work. While a comfortable desk, chair, a camera and microphone for remote meetings, and simply the space to concentrate and knuckle down are necessary, hybrid and fully remote roles demand one critical component: Connectivity. 
While you might already have internet connectivity and a router good enough to support mobile devices, smart home products, and content streaming services, you may need to add work-related systems and software to the mix. 
The more connections there are the greater the risk of bottlenecks and connectivity drops. Basic routers supplied by your ISP and older models may not be enough now we spend more time at home and connect even more devices or services to our Internet services, and so without a quality Wi-Fi router, work productivity and performance can be affected.
Some of you at home may only need a Wi-Fi router able to generate a strong signal in one or two areas of your home, or you may want additional ports, security controls, and child locks. Others may opt for mesh Wi-Fi, which while often a more expensive option, can improve coverage over larger areas and extend connectivity to home offices located away from your main house. 

ZDNet has listed of our top picks for Wi-Fi routers suitable for different budgets and needs. 

Upgrade option: Nest Wifi

Best for: A budget-friendly Wi-Fi mesh ecosystem
Coverage: Up to 1,500 sq ft (AC1200 2×2 Wave 2)
Features: Bluetooth-compatible, simultaneous dual-band Wi-Fi (2.4GHz/5GHz), supports IEEE 802.11a/b/g/n/ac, two Gigabit Ethernet, quad-core ARM CPU, and 512MB RAM
One of the most suitable devices on the market for Google ecosystem users is simply named Google Wifi. This budget-friendly router option aims to keep things easy to set up with “Network Assist,” a system that works in the background to automatically select the best channels for your connected devices. 
The Wi-Fi router offers coverage of up to 1,500 sq ft. However, as a mesh Wi-Fi device, the more access points you add to the router system, the better the blanket coverage at home. You can select a single pack that comes with one router and one additional Wi-Fi access point, or Google also offers a three-pack option, with an estimated coverage area of up to 4,500 sq ft.  Google Wifi is Bluetooth-compatible and features AC1200 2×2 Wave 2 coverage. It’s capable of simultaneous dual-band Wi-Fi (2.4GHz/5GHz) coverage supporting IEEE 802.11a/b/g/n/ac, and has two Gigabit Ethernet ports. It’s best suited to those with internet speeds slower than 250Mbps.
WPA2 security is in place. The router is powered by a quad-core ARM CPU and has 512MB RAM. You will need a Google account and must download the accompanying mobile application. 
Google says its Wi-Fi router is the “best-selling” mesh system in the US. 
See the review: Google Wifi review CNET
The tech giant has also upgraded its mesh Wi-Fi offering with Nest Wifi, a router offering improved speeds and support for WPA3 standards. However, the initial cost is higher ($169+) and so we can still recommend Google Wi-Fi when you have a limited budget to upgrade your home office. 
$185 at Amazon (3-pack) Amazon (Nest Wifi, 2-pack)

Tri-band router designed for gamers and heavy use

Best for: The power-hungry worker
Coverage: Up to 3,500 sq ft
Features: 10-gigabit, Wi-Fi 6 router, 1.8Ghz quad-core processor, 2.5G gaming port, port forwarding, 256MB NAND flash, 1GB RAM, and dynamic frequency selection (DFS)
If Google’s mesh WiFi router does not provide enough streaming power for you — whether for gaming or online work systems that require quick and stable connectivity — the Asus ROG Rapture AX11000 is a tri-band router for heavy use and gamers who require high levels of bandwidth. 
 The Asus ROG Rapture AX11000 is a 10-gigabit, Wi-Fi 6 router. It comes with a 1.8Ghz quad-core processor, 2.5G gaming port, port forwarding, 256MB NAND flash, and 1GB RAM. It is possible to select an option to prioritize gaming traffic, which may be a useful feature for those employed in the gaming or review sector. 
Also: Best mesh Wi-Fi system for the office or home in 2021
Asus has also implemented dynamic frequency selection (DFS) to automatically select the least-congested 5GHz bands for streaming. A VPN and support for ASUS AiMesh are included for expanded home coverage. 
$449 at Best Buy

VPN option — VPN Plus — acts as a VPN server or client

Best for: Those who need a VPN connection
Coverage: Up to 3,000 sq ft
Features: Dual-band, MU-MIMO router, VPN Plus, Synology SSL VPN, PPTP, OpenVPN, and L2TP/IPSec support, 1.7Ghz dual-core processor, 4×4 802.11ac wave 2, and 2.53Gbps speeds
If your employer requires a Virtual Private Network (VPN) while you work remotely, the Synology RT2600 Wi-Fi router may be a suitable option. A VPN makes internet connections more secure by employing encryption between your browser and a server — and can also be used to mask your original IP address — and so if workers are asked to connect to corporate resources, a VPN can keep access secure while staff are out of the office. 
To take the guesswork out, the Synology RT2600 is a dual-band, MU-MIMO router already equipped with a VPN option, VPN Plus, to act as a VPN server or client, and support is also available for Synology SSL VPN, PPTP, OpenVPN, and L2TP/IPSec. To facilitate the use of VPN servers and clients, the router is powered by a 1.7Ghz dual-core processor, 4×4 802.11ac wave 2 radios, and has coverage of up to 3,000 sq ft. 
See the review: Synology RT2600ac review CNET
The router is capable of speeds of up to 2.53Gbps. In addition, this product has a useful feature for streaming: The option to connect SD cards or USB attached storage to stream content to TVs and other devices.
$199 at Amazon

Upgrade to ‘Ultra Performance’ range to extend coverage

Best for: A home mesh Wi-Fi network
Coverage: Up to 5,000 sq ft, with support for up to 25 devices.
Features: Tri-band, MU-MIMO router, 2.4GHz (400Mbps) and 5GHz (866Mbps) bands, quad-core ARM processor, 512MB RAM, parental controls, Ethernet port with 1GB connectivity
Mesh home Wi-Fi networks are increasing in popularity as we adopt smart, connected devices and streaming services in our homes. Mesh topologies can increase the stability and interconnections between IoT devices by working with ‘nodes’ placed around the home, reducing blind spots and buffering issues. 
While mesh Wi-Fi devices do not always offer the same advanced settings or features as some traditional routers, mesh devices can suit those who have a home office in an area with a weak Wi-Fi signal, for example, or who are competing for streaming capacity.  The Orbi’s strength is its coverage — up to 5,000 sq ft, with support for up to 25 devices. The tri-band, MU-MIMO router offers decent Wi-Fi speeds on the 2.4GHz (400Mbps) + 5GHz (866Mbps) bands — and is powered by a quad-core ARM processor and comes with 512MB RAM. The included Ethernet port provides 1GB connectivity. The Netgear Orbi can be picked up with standard specifications or you can upgrade to the premium “Ultra Performance” range, which extends coverage and the number of devices connected via satellite bolt-ons; each of which expands coverage by up to 2,500 sq ft. 
See the review: Netgear Orbi Wi-Fi 6 AX4200 hands-on
Netgear Orbi should be considered when more than one person is fighting for broadband resources, such as when multiple occupants are all working from home and children need stable connections for learning. Parental controls and the option to adopt Netgear Armor are included. 
$261 at Amazon

A worthwhile option

Best for: Those working from home and seeking a Wi-Fi 6 model
Coverage: Strong performance recorded even at distances of up to 75ft
Features: Wi-Fi 6 dual-band device, supports 2.4GHz/5.0GHz frequency, 128MB flash memory, 1GB RAM, an average wireless download speed of 1,523 Mbps at 5ft, and parental controls
The TP-Link Archer AX6000 is a router that shines as a Wi-Fi 6 model. Picking up a Wi-Fi 6 device now is an investment for future-proofing your home connectivity, as this standard provides the capacity for devices to send more data during transmissions, increasing speed.
For those working from home for the foreseeable future, the TP-Link Archer AX6000 is a worthwhile option. The dual-band device supports 2.4GHz/5.0GHz frequency and is equipped with 128MB flash memory and 1GB RAM. In speed tests conducted by CNET, it was top of the class, coming in at an average wireless download speed of 1,523 Mbps at 5ft, with a strong performance recorded even at distances of up to 75ft.
Also: Meet the Wi-Fi 6 routers that support 802.11ax CNET
WPA2 encryption, Ethernet connectivity, and parental controls are also included. 
$299 at Best Buy

ZDNet Recommends More

Image: JSOF
Security experts have disclosed today details about seven vulnerabilities impacting a popular DNS software package that is commonly deployed in networking equipment, such as routers and access points.

The vulnerabilities tracked as DNSpooq, impact Dnsmasq, a DNS forwarding client for *NIX-based operating systems.
Dnsmasq is usually included inside the firmware of various networking devices to provide DNS forwarding capabilities by taking DNS requests made by local users, forwarding the request to an upstream DNS server, and then caching the results once they arrive, making the same results readily available for other clients without needing to make a new DNS query upstream.
While their role seems banal and insignificant, they play a crucial role in accelerating internet speeds by avoiding recursive traffic.
Today, the DNSpooq software has made its way in millions of devices sold worldwide, such as Cisco devices, Android smartphones, and all sorts of networking gear like routers, access points, firewalls, and VPNs from companies like ZTE, Aruba, Redhat, Belden, Ubiquiti, D-Link, Huawei, Linksys, Zyxel, Juniper, Netgear, HPE, IBM, Siemens, Xiaomi, and others.
How DNSpooq works
The DNSpooq vulnerabilities, disclosed today by security experts from JSOF, are dangerous because they can be combined to poison DNS cache entries recorded by Dnsmasq servers.
Poisoning DNS cache records is a big problem for network administrators because it allows attackers to redirect users to clones of legitimate websites.

For example, if a threat actor can abuse a DNSpooq attack to poison DNS cache entries for gmail.com on a company’s Cisco router, they can redirect all that company’s employees to a Gmail phishing page while the browser shows the legitimate gmail.com address in their browsers.
In total, seven DNSpooq vulnerabilities have been disclosed today. Four are buffer overflows in the Dnsmasq code that can lead to remote code execution scenarios, while the other three bugs allow DNS cache poisoning.

DNSpooq are easy to pull off, but noisy attacks
On their own, the danger from each is limited, but researchers argue they can be combined to attack any device with older versions of the Dnsmasq software.
Attacks can be carried out quite easily against Dnsmasq installations directly exposed on the internet, but the JSOF team warns that devices on internal networks are also at risk if attackers relay the attack code via browsers or other (compromised) devices on the same network.

The attacks might sound hard to execute, but in an interview with ZDNet on Monday, Shlomi Oberman, chief executive officer at JSOF, said it was the contrary.
“DNSspooq cache poisoning vulnerabilities are not hard to pull off and are the type of vulnerabilities that, in our opinion, could be easily automated and used by botnets, malvertisers, phisers, and that merry bunch,” Oberman said.
“The main challenge for someone exploiting these vulnerabilities on a large scale is that they are quite noisy so they will probably be noticed by ISPs and other companies with wide visibility to internet traffic,” the JSOF CEO told ZDNet.
Oberman added that the attacks also require sending many DNS packets to a targeted device, which also takes a lot of time, and, in addition, also requires that attackers have access to adequate attack infrastructure.
Nonetheless, these are not prohibitive requirements, and the JSOF exec believes the DNSpooq attack is well in the reach of both cybercrime gangs and nation-state (APT) groups alike.
Patches rolling out everywhere
The easiest way to prevent any of these attacks would be to apply the security updates that will be released later today by the Dnsmasq project.
However, many of these Dnsmasq DNS forwarding clients are included inside the firmware of other products, where end consumers can’t reach in and update just one single library.
Oberman, whose company previously also discovered, disclosed, and helped patch the wide-reaching Ripple20 vulnerabilities, has taken a similar approach this time as well.
The JSOF exec told ZDNet that his company has worked with both the Dnsmasq project author and multiple industry partners to make sure patches were made available to device vendors by today’s public disclosure.
“The disclosure process included forming a task group composed of security and engineering representatives from Cisco, Google, Red-Hat, Pi Hole, CERT/CC, Simon Kelley (Dnsmasq maintainer), and JSOF,” Oberman told us.
“The task force engaged on how to record the vulnerabilities, how to communicate them, and also suggested several different patches. There are now patches available under embargo, both as a new version and as backported patches,” he added.
CERT/CC and ICS-CERT also helped coordinate disclosing the DNSpooq attacks to other vendors not included in the original task force. While some vendors might be late with integrating the patches, most vendors have been notified by now about the seven vulnerabilities and their need to eventually deploy patches to all affected products. A list of affected vendors, products, and patches (if available), are listed on the official DNSpooq website.
End-users have their own countermeasures
But for end consumers, determining which vendor deployed DNSpooq patches will most likely be an impossible feat, even for those with advanced technical skills.
Chasing down CVE identifiers for the seven DNSpooq vulnerabilities in device firmware changelogs is a complex feat even for security professionals and software engineers, let alone the average Joe.
Oberman says that these users can protect themselves against DNSpooq-vulnerable devices on their network through two methods.
“A good workaround would be to use DNS-over-HTTPS (DoH) or DNS-over-TLS (DoT),” Oberman said.
“Another option would be to statically configure a trusted DNS server, like Cloudflare or Google DNS servers, so that DNS requests are not handled by the home router and go directly to the [remote] DNS server.
“Both these options require some technical understanding, but are simple enough for many users to carry out,” Oberman told us. More