NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Anyone else think that Netgear should up the encryption and authentication protocols on the OpenVPN utility. I mean come on SHA1 is getting a bit old now right? Also some of the paranoid among us (me) would like to be able to have at least AES-256-CBC.
4 Comments
- Netgear started rolling this out months ago.Here's just one:
R7000 Firmware Version 1.0.9.32 | Answer | NETGEAR Support
New Features and Enhancements:
OpenVPN cert update (from MD5 to SHA256)There have been several firmware updates for the R7000 since then.If it isn't available on your device, maybe it is seriously old. Or you may mean something else. Possibly, I have an R8000. Don't think they are that old are they? michaelkenward
EDIT:
When you actually use the VPN it outputs:
cipher AES-128-CBC,auth SHA1
However you are correct, it does have an SHA256 certificate?
That was updated around six months ago.
R8000 Firmware Version 1.0.4.18 | Answer | NETGEAR Support
New Features and Enhancements
- Supports collection of router analytics data.
- Added support for SHA256 certificates in lieu of MD5 for OpenVPN.
- Supports the Auto firmware update feature.
Be careful about implementing the last of those.
There has been at least one further update since then.
That's definitely a good idea. And it's awesome that they've been already going in this direction. Now I have to use the best vpn for torrenting free in order to get more security and anonymity. Hope we'll see updates soon.
