On thing that has been bothering me are the reports of numerous embedded system routers with backdoors in them. I'm mostly concerned about home routers, not so much those used for servers.

I mean you can search for "router backdoor" and find many many reports. The even bigger issue is that it takes router manufacturers a long time to deploy a patch. Even when they do, you wonder if there isn't some other hidden vulnerability within the firmware, since it's usually not open-source.

The main question: I'm thinking I can do one of two things,
1) Buy an embedded router with support for openwrt, dd-wrt, tomato, etc.
2) Use an older computer or buy a new lightweight computer maybe Atom-based as a router.

My issues with the options:
1) Buy an embedded router
Cons:
a) Open-source firmware projects, especially dd-wrt develop and update very slowly for various reasons. Updates, but maybe not necessarily security fixes are few and far between. Openwrt is a bit different because you can update packages without flashing the firmware.
b) Flashing the firmware risks bricking the system.
c) Routers that support open-source firmware are not too common from what I've seen, I mean I've tried to buy one, but they are hard to find.
d) My experience with one dd-wrt system was very negative, and there have been negative reviews of the router in question because it kept dropping wifi connections, possibly due to bad wifi drivers and there is no way to change the wifi device on an embedded system.
Pros:
a) relatively cheap
b) very low power, so can be kept on all the time

2) Use an older computer/lightweight computer
Cons:
a) use more power
b) are more expensive
Pros:
a) You can keep them fully up-to-date with any and all fixes, because they're gonna be running FLOSS and I'll manage them.
b) Easy to maintain, if something doesn't work, replace it, no so with embedded systems. Maybe the costs aren't so much after all when considering this.

Right now #2 seems to be a better option in terms of security, I can keep the system more up-to-date. Am I missing something ? Is it a good idea ? Anyone have more experience with these ? Any recommendations for optimal systems that can be used as routers, I prefer not embedded but low power so I can leave them on if needed. I suppose fan-less systems are preferred because I'm not sure what room they will be in.

I've configured my computer as a router before when I was using a CDMA modem and it worked fine, so I know how to do it.

First of all, keep in mind that unless you intend to audit the code yourself, then even with open source firmware you are placing trust in someone else for your security. Take that for whatever it's worth.

I would go for a computer that I could turn into a router, basically just for the learning opportunity, plus, as you point out, it's a little easier to maintain (or at least we are more used to maintaining a computer with updates, rather than re-flashing an embedded device with dd-wrt or whatever).

So I vote the second option, personally.