Uh. Yes. In fact anything else is a deal-breaker to me and I regularly buy $300+ routers.

> Because THAT's how you get hacked.

If the router admin-interface is a POS written by the same rails-developers who leave delete operations on GET links, sure. I don't though, and I think the OpenWRT developers would take offence at such a blanket-statement like that.

But let's take your statement at face value: Web-based interfaces are inherently unsafe. Should we shut down all web-applications then? Should web shut the entire web down? That's the logical end of your extreme line of thought after all.