The onus shouldn't be on end users to validate the security of a product which is authorised to be sold in the UK, least of all one that is provided by a major ISP.People on this forum will buy hideous routers with antennas the size of a donkeys **** over looking into the security history of a vendor.