The Turris Omnia wifi router is a successful crowd sourced venture by CZ.NIC which is a non-profit organization running the .cz top level domain of the Czech Republic. The Turris Omnia Wi-Fi is handled by it’s mini PCIe supporting 3×3 MIMO 802.11ac & 2×2 MIMO 802.11b/g/n. This router surpasses today’s off the shelf router standards by the mere fact that it is focused on security, where as most of the other box store routers today are often left behind in firmware updates and security patches.
The security features of the Turris Omnia starts with its ability to analyze traffic between the Internet and your home network. It identifies suspicious data flows and blocks them through a continuous cycle of traffic analysis and security/signature updates. The company states “In case an attack is detected, corresponding updates are prepared and distributed to the whole Turris network, thus helping to protect all its users.” In essence, your Turris Omnia router can act a sensor which adds to the protection the entire network of users like yourself who deploy this router making this the better option for those who seek the extra protection of their home networks. You would need to explicitly opt-in to the monitoring network by registering on their portal using your email address.
To further compliment proactive monitoring, users have the ability to deploy a sudo SSH Honeypot. CZ.NIC states their main priority is safety, which is why they don’t run the SSH honeypot directly on your router. Otherwise, there would be a small chance of an attacker breaking into your main system from the emulated environment. To avoid this, they redirect SSH communication from your router to their servers. Attackers won’t see any difference, because to them it looks exactly the same, they will use credentials (not yours, but mostly default username and passwords like admin;admin or admin;12345) to log into your router, with the only difference being that they are doing it on their end and your router is only a transparent gateway. Hence, they take all the risk away from you, but you (and others) still get all the rewards by security updates based on the gathered attacks.
In addition to a higher security standard, the Turris Omnia can handle gigabit traffic utilizing a 1.6 ghz processor, supports and still be able to do much more. You can use it as a home server, printserver, NAS and it even has a virtual server built-in thanks to its open source fork of OpenWrt firmware which is available on the CZ-NIC GitHub repository. There is a binary blob needed for the 5GHz wireless card, which looks to be the only proprietary component on the board. The Turris Omnia also has SIM card slot, RTC with battery backup, crypto chip for secure random number generation, dimmable RGB LEDs, pin headers with GPIO, I²C, SPI and more.
The router also features the Majordomo software which allows for the monitoring of all devices on your network and identify potentially dangerous or hostile traffic. This could allow users to monitor their own devices reporting to manufacturers questionable activity leading to patching of those devices or a necessary response from the manufacturers.
In all the Turris Omnia is a major step in the right direction for how home routers should be designed and supported. The IOT mess isn’t getting any better anytime soon and the Turris router can help protect those devices and your network from attack. The router is easy enough for the average individual to setup and offers enough options for advanced users as well and seems to have good longevity of device support well into the future.
Turris Omnia will be available in several versions.
Here is a list of its most important features:
|CPU||1.6 GHz dual-core ARM|
|RAM||1 GB DDR3
(optionally 2 GB)
|Storage||8 GB flash|
|LAN||5× Gbit port|
|WAN||1× Gbit port|
|USB||2× USB 3.0|
|Mini PCI Express||2×|
|mSATA / mini PCI Express||1×|
|3×3 MIMO 802.11ac
2×2 MIMO 802.11b/g/n