Absolute Tomato vs. Fresh Tomato

Discussion in 'Tomato Firmware' started by Brad44, Mar 28, 2019.

  1. Brad44

    Brad44 New Member Member

    I am enjoying Absolute Tomato on my Netgear R8000 but the fact that it hasn't been updated in quite some time is sitting in the back of my mind. Fresh Tomato is clearly the most active version in constant development and I am considering migrating over. Am I missing out on anything by sticking with Absolute Tomato? The threads I've been going through seem to indicate it is quite stable and most of things that people gripe about are bells and whistles they'd like to have added on. Thanks.
  2. jorkki

    jorkki New Member Member

    I think the most important feature for most is that it has to work reliably and have the features that you need.
    So if you have this and don't want to use your time tinkering with the device and risking getting in occasional trouble in the process, I would let it run :).

    Of course security is very important as well but with the Broadcom chips the situation for hobbyists is not the easiest possible. Almost all information is behind non disclosure agreements so not much information about bugs and fixes is available.

    Your device is using the BCM43602 radio processors which (or very similar) are used in many mobile devices as well, so white hat hackers have done some pretty impressive research to find vulnerabilities. I don't know at what rate the fixes find their way to the custom firmwares though as many of the vendors are kind of slow to upgrade the official versions first.

    For sure there are security fixes for other (open source) parts of the system as well, so it's good to keep an eye on the forums etc. in case something critical comes up and is fixed in later releases.

    Regarding the Broadcom chips, if you enjoy technical reads, take a look at https://github.com/seemoo-lab/nexmon
    Also the Google team has done quite an effort in this regarding Android and Apple devices: https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html
  3. eibgrad

    eibgrad Network Guru Member

    I was in the same boat until recently. Been using Shibby for many years, then he stopped development. Recently I became concerned since vulnerabilities are always being discovered. And it's not just the core Linux/tomato features itself you need to be concerned about. Other integrated features like OpenVPN, Transmission, etc., need to be kept current too. So if something like HeartBleed ( http://heartbleed.com/ ) comes along, and your firmware hasn't been updated in the past 2-3 years, you're taking a risk in not switching to some other variant. So back in December 2018 I jumped over to FreshTomato.

    So yeah, I agree, sticking w/ what works is, in general, a wise approach. But there's a limit. Esp. if the router is exposed directly to the internet. If it's just be using internally for say, a client bridge or repeater, it's usually much less of a concern (not unless some wireless vulnerability is found).
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice