Washington Post - U.S. agencies back banning TP-Link home routers on security grounds
Posted by mooocow@reddit | hardware | View on Reddit | 270 comments
Pure-Huckleberry-484@reddit
Step 1: see if a router meets your needs.
Step 2: see if that router can run OpenWRT Step 3: but that router and flash it
Alternative: build your own OpnSense, pfSense, pi or Linux based router.
pornlover6969420@reddit
trying to find any info routers and everyone on reddit just spams openwrt. It's gotta be the same people that say linux is better than windows gtfo
KJSS3@reddit
So what happens to my existing tplink deco wifi 7 from Costco 3 pack? I will have to stop using them?
rajragdev@reddit
Considering this ban for over 2 years?
meshedmyself@reddit
TP-Link already addressed all this, and honestly the agencies don't really have a leg to stand on.
https://www.tp-link.com/hk/press/news/21544/
zupiterss@reddit
there goes my $250 wifi 7 router.
_HOG_@reddit
Suspicious timing. Earlier this year TP Link invested a ton of cash in a new design center in Southern California and have been hiring for marketing, hardware engineering, supply chain, etc.
I’d venture a guess that someone big doesn’t like the incoming competition, so TP-Link now has a large target on their back.
FauxReal@reddit
The TP-Link ban has been in discussion for at least a year now. I was just wondering what was going on with that when shopping for a new router the other day. At my job we got rid of all of our Lenovo laptops last year for security reasons.
_HOG_@reddit
From which their setup in SoCal may have precipitated.
Pray tell - what "secure" non-China made laptop did you switch to??
FauxReal@reddit
It wasn't my decision. I work for a Japan owned Global 100 multinational corporation in IT. But Lenovo had a bunch of UEFI and firmware related security vulnerabilities and that adware scandal. It wasn't because it was from China, it was because they had a history of massive security issues and shady practices.
We switched to HP and are moving away from them to Dell because the HPs are shitty in general.
Kyanche@reddit
I'm surprised they didn't use Hitachi or Fujitsu laptops.
FauxReal@reddit
No idea why decisions are made the way they are. We had Toshiba before, but they were fragile. Also the fans would fail at a too high of a rate. We use Panasonic Toughbooks for specific industrial applications, so bulky though.
Kyanche@reddit
Panasonic laptops are awesome. IDK if I worked for a Japanese company I'd be sad if they didn't use funky Japanese laptops. Like the Fujitsu with the round trackpad! Have some character FFS.
I get that they aren't the worst brand, but something about Dell makes it the saddest brand to me. Their hardware design philosophy has no soul.
When I was a kid my dad bought me an old 486 thinkpad and shortly thereafter was given a 75mhz pentium Toshiba Satellite for work things. My thinkpad had all kinds of problems with plastic fatigue around the hinges, but his toshiba was a tank!
I never got to experience the golden era of Thinkpads, but I have briefly used a couple from that era (like, just before IBM sold out, and a few years after Lenovo bough them?) They are sooo nice.
FauxReal@reddit
The company is a Global 100, at that point, the savings of $100 per computer is going to add up to a lot. And I'm sure the cost savings is more than that per machine.
Kyanche@reddit
Sure, the world has gone to shit and we now use awful laptops. Yes, but for a brief moment we created some value for the shareholders.
FauxReal@reddit
lol yes, good paraphrasing of that comic.
Kyanche@reddit
Well, if they're so concerned about saving $100 every few years on their employees they must be a pretty shitty place to work. Because imagine how much those employees already cost.
It's so fucking asinine the stuff companies will try to skimp out on that makes a huge quality of life difference. Yea, the costs do add up, but they still pale in comparison to salary lol.
My favorite is toilet paper. Some companies can be downright vindictive about it.
FauxReal@reddit
Nah it's the best corporate environment I've ever been in. Which surprised me. And when you have nearly 400,000 employees, it adds up.
But yes, it can be rather asinine. Which what I would describe it as when they told me to ask people to print less stuff to save money a couple pennies at a time.
FewHorror1019@reddit
I liked my toshiba laptop i used throughout college. Really good bang for the buck.
logosuwu@reddit
Dell makes even shittier business laptops lol
Strazdas1@reddit
Dell makes both shitty and good ones, they just want you to pay through the nose for it.
Select-Expression522@reddit
100% but they do actually have decent stuff too. It's just that nobody's IT group ever gets approved to buy the good models.
logosuwu@reddit
If you go for the high end precision then yeah but the problem is that almost all of Dell's mainstream and portable business laptops are pretty garbage
Creative-Expert8086@reddit
In my opinion, HP Dell Lenovo are the same, depends which company give a btter bidding offer.
_carbonneutral@reddit
Dell and HP are two sides of an infinite-sided corrupt coin. Corpo America just wants Chinese companies to stay good little cheap labor lapdogs.
airmantharp@reddit
Dell is only slightly less shitty, but it is model and year dependent. Lenovo still has that old Thinkpad DNA that neither US PC laptop manufacturer has decided to challenge.
I'd recommend switching to Apple if at all possible, but hey, that's just not always possible!
airmantharp@reddit
Eh, they've been 'looked at' for a decade at least.
Lenovo, TP-Link, DJI, and any other company that is Chinese enough to have a PRC board member is going to be put in the same category as say Kaspersky was.
Even if the company is absolutely on the up-and-up today - and I'm not making any malicious allegations toward TP-Link - they're still just one visit from Ministry of State Security away from being an espionage / sabotage hub. Same as Kaspersky was one FSB visit away, while US Government servers were 'protected' by their products.
And Kaspersky made good products (which is how they were selected in the first place).
More-Ad-4503@reddit
there's zero evidence of China spying while it's well known that the US is spying
FauxReal@reddit
There's definitely Chinese spying that has been caught. Not necessarily through business laptops though.
Just this year there were cases like, Yin Kecheng and Zhou Shuai, Xu Zewei and Zhang Yu, and the Chenguang Gong case.
Here's an entertaining account of an earlier spying case from my favorite IT security podcast. https://darknetdiaries.com/episode/21
More-Ad-4503@reddit
no they don't
Plank_With_A_Nail_In@reddit
Netgear is based in California right?
raven00x@reddit
Isn't Netgear a Cisco brand?
cp5184@reddit
That's linksys I think.
U3011@reddit
Which was a CISCO owned brand up until 12 years ago. I forget who bought them after, but they're owned by Foxconn now with licensed hardware, if I recall correctly.
cp5184@reddit
cisco bought linksys in 2003, then in 2013 sold the home division of linksys to belkin, with the business side of linksys, business switches and so on staying with cisco, then belkin was sold to foxconn in 2018.
So presumably cisco still owns linksys business models, and foxconn owns linksys home models.
U3011@reddit
How very interesting! I always thought Linksys was brand they developed themselves to get into the home router market back when broadband was becoming more common in households. Bought many of their routers in the early 2000s. Went with a Ubiquiti setup when we bought our home in late 2018.
pdp10@reddit
Linksys was present in the North American market in the late 1990s. I remember this in part because a cheap Linksys hub almost convinced me that a new bringup Cisco core router was D.O.A., and I vowed never to use Linksys again. It seemed funny when Cisco bought them, years later.
cp5184@reddit
Cisco hasn't developed any of it's own products... Not even it's routers...
raven00x@reddit
Same. Much learning today. It is a good day.
U3011@reddit
You bought into Ubiquiti, too? At the time, they were the only exemplary brand with the hardware capable of pushing connectivity all over our large home and land. Prices were more affordable then. I do not know what the market landscape is like today but I imagine if we had to do it all over again, Ubiquiti may still be our viable choice. I believe all the other brands including TP-Link have higher end hardware aimed at the prosumer market like Ubiquiti does, such as the Ormada lineup, but I am wholly unaware of how it performs.
certainlystormy@reddit
good lord it could be netgear
FewHorror1019@reddit
I have a tplink. Should i be worried
steve09089@reddit
Or it could be money racketeering.
“See all those nice investments you made? Would be a shame if they were for nought”
zeronic@reddit
Basically the MO of this administration. Gotta appease mango Mussolini or else you get hosed.
_HOG_@reddit
Yep, great opportunity for a shake down.
Coffee_Ops@reddit
Good thing we believe in capitalism in this country, rather than a state-directed economy!
Now if you excuse me, I have some more foreign vendors who are out-competing domestic that I need to ban...
Strazdas1@reddit
Capitalism only works when everyone is playing by same rules. In an open market, this means every country has to be capitalistic or capitalism wont work.
Coffee_Ops@reddit
In point of capitalism is that it's more efficient than the alternatives. It will always out compete non-capitalist systems.
A non-capitalist government may be able to subsidize its industries for a short while, but they will start to stagnate and they will eventually fall behind.
I don't know why people have forgotten that, as if there was something inherently virtuous about capitalism.
Strazdas1@reddit
Yes but only if its on level playing field. If you already start at a disadvantage, then even more efficient system can loose.
leafdude-55@reddit
Networking equipment is so obviously a national security issue. Your argument doesn't make sense because they aren't banning foreign vendors, just Chinese ones. You can still by ones from Taiwan
0xe1e10d68@reddit
It’s also a national security issue if the NSA is intercepting Cisco equipment and doing god knows with it, potentially installing a backdoor. But hey, only China is the bad guy around here!
The nation running the largest state surveillance programmes, including on its own citizens, certainly would never do wrong!
Morningst4r@reddit
It’s a real shame only one thing can be bad at once
Exist50@reddit
This is a contradiction. Also, China is far and away the biggest source for these kind of things.
TheCh0rt@reddit
That’s right, I’m only going to buy American made routers from now on! Only routers from… um… ACME Routing Corporation USA Inc.
IglooDweller@reddit
The one with the pre-loaded NSA spyware?
welfedad@reddit
Don't worry it's okay If your own government spies on you .. for your safety ..yes safety
IglooDweller@reddit
You have the choice between which government has access to your data. Pick one.
As a Canadian, it’s the choice between two foreign governments, but one is less hostile than the other.
solarsystemoccupant@reddit
Yes. China is less hostile.
IglooDweller@reddit
Yup. No regular threat of invasion nor annexions.
Strazdas1@reddit
Considering Chinese ambassador attempted to incide a riot to topple over parliament in my country (and embassy was closed as a result of this) id say they are pretty hostile.
IglooDweller@reddit
I never said that China is friendly. I merely said that, as a Canadian, they are less hostile than the USA in the present. Obviously, situation may vary by country.
Also, as a Canadian, I cannot forget the backstab from the south. We used to be friend and now we instead have a neighbor that openly brags about his plan to bankrupt my country to force economic annexation through ruins. We used to be best buddies. Not anymore.
welfedad@reddit
Yeah I get it . I'm sorry brother/sister from the north ..
WealthyMarmot@reddit
Ubiquiti is American, and many of their offerings are NDAA-compliant
GoldShine4013@reddit
Actually TP-Link is NDAA compliant as well! its been it since about 2018
Low_Evidence2879@reddit
Ur garbage food is also FDA compliant. - regards, Alzheimer’s
welfedad@reddit
Hey just don't take Tylenol
FauxReal@reddit
I believe Mikrotik and Cisco are NDAA compliant too. Of course at the enterprise level, the NSA was caught interdicting their hardware and installing back doors.
https://www.techdirt.com/2014/05/19/cisco-goes-straight-to-president-to-complain-about-nsa-intercepting-its-hardware
0xe1e10d68@reddit
It’s a wonder anybody in the world still places their trust in American brands after the NSA is caught doing that
FauxReal@reddit
Remember Room 641A? The purpose built NSA spying room AT&T built for the NSA to illegally spy on Americans? Yeah, you know there are more of them. Probably a lot more high tech now. I'm sure AI is being leveraged to parse all that data these days.
https://en.wikipedia.org/wiki/Room_641A
anival024@reddit
And they have massive data centers in the midwest to store everything.
Every single IP packet and analog phone call in the US is recorded and analyzed. It's all illegal. It was ruled to be illegal. They said it wasn't happening. Obama went on TV and lied about it. He said no one is listening. They said it was "just metadata". It's all lies. It's still happening. No one cares.
Encryption with pre-shared keys (shared in meat space) is your only hope for online privacy. The certificate system is rigged by design. Any CA can be taken over by the government at the drop of a hat. And all the crypto algorithms were developed by spooks and are likely flawed anyway, let alone the protocols that bootstrap encrypted communication or the applications used to send and read messages.
And of course, every CPU from almost the last 2 decades has hardware back doors, including their own built-in radios.
welfedad@reddit
Still that's just meta data and for x amount of time but still can be leveraged .. but yeah not like we are some saint when it comes to spying on our own citizens but safety .yeah safety
Helpful-Painter-959@reddit
Can you elaborate on "any ca can be taken over", I don't think my internal AD CS can be taken over by the government haha.
Exist50@reddit
Nonsense.
Also nonsense.
anival024@reddit
I'll stick with my US Robotics modem.
monty08@reddit
56K FTW baby
welfedad@reddit
Yeah pretty much
Low_Evidence2879@reddit
American cars, workers, routers.. all are substandard. Gov is scared that’s why the banned huwawei . It is still the leader in telecom infra even after ban. Ban will just make your companies compete internally.. but lose outside. TP link destroys any American wireless brand for the price they offer.
leafdude-55@reddit
American made routers are very expensive and out of budget for most households. That doesn't mean you need to buy Chinese routers. There's plenty of routers from non-chinese companies, many of which are not made in China. Unifi, Netgear, Asus, etc.
JelloSquirrel@reddit
What American made routers?
84theone@reddit
Fortigate does some of their manufacturing in the U.S. (among other places like China and Taiwan), but I would have several questions for anyone who was using that shit for personal use.
leafdude-55@reddit
As far as I know only Cisco manufacturers routers in the US and they cost thousands of dollars. I hope that changes but I'm not holding my breath
Berzerker7@reddit
Cisco makes exactly zero products in the US. Mexico and Brazil are their main operation areas.
RBeck@reddit
Technically Mexico and Brazil are American.
deadheadkid92@reddit
Man there really needs to be a copypasta to explain this.
In Spanish, the word 'America' is used to refer to both the continents of North and South America combined.
In English, the word is almost never used that way, and is usually in reference to the USA when used by itself.
Berzerker7@reddit
The person I replied to specifically said "in the US" regardless of what weird splitting of hairs you want to be using here.
Plank_With_A_Nail_In@reddit
First day on the internet?
Cute-Pomegranate-966@reddit
Lol this search shows me the sopranos. Followed by an article (actually this article) and then wood routers.
You tried good sir.
pmjm@reddit
Yes all your routers must now be from Fusion Broadband Industries.
imaginary_num6er@reddit
Hopefully people can buy ASUS routers
Puzzleheaded-Bar9577@reddit
I hate asus.
imaginary_num6er@reddit
They're the Republic of Gamers so they can't be sanctioned by the US
advester@reddit
I was told not to ever support war with a country unless you can find it on a map. I've never found the RoG.
airinato@reddit
Its called Taiwan lol
Strazdas1@reddit
No wonder he cant find it, on his map its just part of china.
EasyRhino75@reddit
Diplomatic Immunity!
leafdude-55@reddit
They're PC hardware has gone to ship but their network stuff is great. My favorite part is that flashing a third party firmware doesn't void the warranty
Puzzleheaded-Bar9577@reddit
Their network stuff is second rate. The only reason you need to flash firmware is because they prioritize stupid gaming and marketing features over shit people actually want.
tapper82@reddit
Every ASUS router I've ever owned has bin flashed with OpenWrt tuf 6000ax
vandreulv@reddit
Every ASUS router I've ever owned bricked itself. They're built like shit.
mooocow@reddit (OP)
All three Asus routers I've used have started out great and slowly die after a couple years. Random wifi drops and router freezes coupled with terrible firmware updates soured me greatly.
vandreulv@reddit
Same exact issue. I paid over $600 for one just to find out, after the warranty period ended of course, that there was a design flaw in the router that caused the 2.4Ghz radio to eventually burn out over time. That was also around when I noticed my printer wouldn't connect to wifi anymore.
leafdude-55@reddit
Every Asus router I've owned still works and I replaced them due to new wireless standards coming out or upgrading to unifi. Granted my sample size is only two
Ohlav@reddit
And where would the security breach be? U-Boot? The fact you may flash OpenWRT, ddWRT on TPLink devices make you able to configure kernel level parameters.
With a JTAG, you can unbrick it, mess with u-boot, so on. Maybe, MAYBE, they don't like that, but the alternative is to trust closed source firmware.
scubascratch@reddit
I think the idea is that the vast majority of casual owners are not going to be flashing some alternative open source firmware, and there may be existing exploits in the stock firmware.
Hopefully you won’t say that’s the owners problem.
Ohlav@reddit
No, I won't. But if it's firmware is open, it's easy to audit. But nowadays is easier to "ban" something than trying to understand and investigate.
Thing is, this argument could be used to talk about any closed source firmware. Asus, D-Link, Huawei, etc. The only thing keeping it all together is trust.
Strazdas1@reddit
Its not easy to audit at all. Huawei had open firmware and a largest communivation service provider here attempted to audit it. Took them a month, at which point they realized they will need 6 more months and it would be cheaper to just buy from a company without a scandal.
Despeao@reddit
Because this isn't about security, it's about undermining Chinese equipment. They did the same thing to other competitors.
scubascratch@reddit
Easy to audit? I am not sure about that; unless you mean confirm a hash before flashing, and that would still only be ”easy” to a small number of sophisticated people. “Possible to audit” is more true, and if by audit you imply “prove there are no exploits” then that’s either very difficult or even almost impossible.
I agree with this 100%
billythygoat@reddit
Are there any tp link mesh that can use openwrt? I want to get mesh and connect them to Ethernet. I know I can use ap but I’ve had good success with Kasa mesh. Also I want owenwrt so I can add Adblock
tapper82@reddit
Any wifi router AP can do 802.11s with openwrt as long as the FW blob for the WIFI radio will allow it.
Creative_Wolf9828@reddit
I love my TP-link router!
jumpingyeah@reddit
The true concern isn't a dragnet that captures everything, but a surgical, deniable, and persistent access point from TP-Link hardware that a hostile nation-state can leverage for targeted attacks against specific individuals, organizations, or critical infrastructure when needed. The debate and government actions center on the fear of this potential, even if a deliberate backdoor has not been publicly identified.
soggybiscuit93@reddit
The "risk" isn't the individual consumer, but rather the perceived risk of firmware / software updates coming from China to a large % of the US populations' networking appliances.
In the event that hostilities break out between the nations, this arrangement provides an attack vector where compromising firmware can be mass pushed out to potentially millions of households in the initial stages of the conflict (which would be cyber attacks).
It's not that there is a risk today, but a larger overall attack vector that could be exploited in a cyberwar.
C_Ironfoundersson@reddit
Great, but Chinese made EVs are presumably still available for sale in the United States.
soggybiscuit93@reddit
Which ones?
Low-Temperature-6962@reddit
Sounds "proactive". But whether other equipment is really any safer, I have doubts. I can't say I'm unhappy that the alarm allowed me to buy a cheap tp er605 on which I which I will install safer software. However, overall, funding CISA and work on detecting threats and developing fixes over all systems is going to be more effective than banning tp link and pretending problem solved.
soggybiscuit93@reddit
Well, this TPL ban is just one tiny part of a larger trend of the US and China both taking proactive steps to avoid disruption in the event of a conflict.
If conflict breaks out between the US and China, then large TPLink Market Share is an undeniable attack vector. It 100% becomes just one of many risks to manage.
There have been other steps - the US believing that the AI race is the next big weapons race, thus trying to put China on the backfoot with export controls.
China looking at US based chip companies as a risk, and looking to have all gov and military computers use domestic chips.
$Billions spent in the Infr. Bill to specifically upgrade grid security.
NIST requirements for government contractors are constantly being updated with fairly strict requirements, etc.
I feel like any time this topic comes up on this sub, you'll find a lot of people come out of the wood work and just not directly address the fact that this is an attack vector in a conflict. Either what-aboutism to other issues, like US Domestic spying (as if that's relevant at all to the topic)
Low-Temperature-6962@reddit
Cisco, net gear, etc., are only US in the sense that hq is in the US. The hardware and software are designed and built, or bought, internationally, including in China, wherever is cheapest, with little regard to security. Without designing and building in the US, this ban is just a surcharge buy the same insecure equipment.
soggybiscuit93@reddit
No, because the CCP could discretely tell TPLink to add malicious code to the next round of software updates to their US routers in the lead up to any potential conflict, and they would comply.
The CCP isn't realistically getting Asus, or Cisco, or Netgear to do that.
Low-Temperature-6962@reddit
Sorry, but because US businesses care only about profit and not about where they source, that is simply not true. For example: https://nypost.com/2025/09/03/opinion/big-techs-big-greed-gave-china-keys-to-us-defense-systems/
US companies regularly hire North Korean spies because it is cheaper - there have been multiple breaches because of that, even though the software is officially US.
Currently massive numbers of engineering layoffs are still occurring. Companies don't want to make secure products at the expense of payola.
Your goal would be better served by requiring all networking products to be designed, built, and tested in the US by US citizens. If you want to save costs, manufacture electronics in Mexico or Japan, both of which are infinitely more secure than China.
kuddlesworth9419@reddit
I use their powerline adapters because they just kind of work. They where also really cheap.
C_Ironfoundersson@reddit
Hello good citizen! Are you in a five-eyes country? Great, that means that your government has signed an intelligence sharing agreement with four other countries, all of whom are allowed to conduct signals intercepts on your home internet and then just, give it back to your government :)
C_Ironfoundersson@reddit
"ECHELON and PRISM are only cool when we do it".
meshedmyself@reddit
Imagine if companies (like Cisco, Netgear, etc.) put the money they use for lobbying and kissassery into building up their engineering teams, innovating, and making better, more consumer friendly products.
_carbonneutral@reddit
Yeah, this whole thing reeks of U.S. fear mongering. All these chuds who cry and complain about wanting a free market only want it when it benefits them, and as soon as pressure is applies, they resort to targeting companies who are more successful. Fuck Corporate America and all its spindly fingers in our government agencies. I also think it's fucking hilarious that WaPo posts this when they're owned by Jeff Bezos... lmao Jeff Bezos, the American citizen who continues to build wealth off the backs of underpaid and under appreciated workers.
airinato@reddit
Now provide evidence. Any evidence whatsoever. I'll take pretty much anything, should be easy right?
WealthyMarmot@reddit
Not sure what evidentiary standard you’re looking for, but there’s way more than enough smoke to warrant banning TP-Link products from in government and critical infrastructure.
https://dongknows.com/why-the-us-mulls-banning-tp-link-routers/
And it’s not even a secret that the CCP has the absolute power to compel Chinese firms to serve state interests upon request.
More-Ad-4503@reddit
What do you think Cisco, Microsoft, Google, Facebook, Oracle, Boeing, Apple, etc are doing?!
airinato@reddit
I'd suggest re-reading whatever you post because that article gives nothing but conspiracies with a, they could do this but I've found no evidence whatsoever statements.
dafdiego777@reddit
Isn't the idea that the CCP has the potential to have significant influence over personal US networking equipment rather than an active threat?
SecreteMoistMucus@reddit
Yes that is the idea they're using to justify the protectionism. Usually policies should be based on more than an idea, but here we are.
banananon@reddit
This. The issue is at any moment, CCP could order any of their domestic companies to issue a malicious firmware update.
Coffee_Ops@reddit
The same argument could be made of a ton of US-based stuff.
Why, as consumers, are we comfortable with this level of anti-consumerist protectionism which actually makes the problem worse by removing market competitors who might offer a privacy-centric option?
TP-Link is huge in part because companies like Linksys (now Cisco) squeezed the market with expensive garbage that was increasingly anti-consumer, and TP-Link (along with other asian competitors) stepped up with garbage-free alternatives.
Everyone should see this for the ridiculous cover story that it is.
varateshh@reddit
So? If you are a U.S consumer and/or close to the U.S politically and militarily then it less of an issue. It's a massive security risk to allow a nation you will likely be in conflict with to have that leverage. If the U.S is considered a geopolitical security risk you will see the same thing happen against U.S companies (already happening in Russia/China/Iran etc). Even amongst nominal U.S allies de-risking is happening in the form of more domestic production of arms and space assets like Starlink.
Coffee_Ops@reddit
Treating one's own government as if they couldn't possibly be a risk can only be done by covering one's eyes to history.
And of course by ignoring everything that the Constitution was designed against.
Are we just totally cool with fisa courts, prism, and AT&t surveillance closets now?
airmantharp@reddit
One's a risk to an individual, the other's a risk to a nation. You're not making an invalid point, but it misses the larger issue.
airinato@reddit
We're literally sending troops into cities. The U.S. government is currently the largest threat to U.S. citizens.
Other countries are de-risking from us.
Raikaru@reddit
This quite literally has nothing to do with what is being talked about. The topic is not US Citizens it’s the US Government.
airinato@reddit
Sure if you ignore the world around you. I don't really want my government having the ability to spy on me more, but you do you.
Raikaru@reddit
The topic is not the world around you...
airinato@reddit
Oh Christ like you even know what any of those words mean, just look at what I replied too for more understanding. We started talking about US consumers before I brought this up, conversations move past the main topic in threads you know.
Raikaru@reddit
No you moved to that topic because you realized you had nothing to actually say about the main topic after someone told you the reasoning.
dparks1234@reddit
If the US and China ever go to war there is going to be a shit ton of hybrid warfare. TikTok will be filled with anti war stuff, AI misinfo videos will be everywhere, and compromised US infrastructure will be bugging out left and right. If I was American I wouldn’t take any chances with China when it comes to tech.
Ok_Pineapple_5700@reddit
This is sarcasm right?
dparks1234@reddit
You DON’T think China would leverage these things in a conflict?
Ok_Pineapple_5700@reddit
You don't think the US will levarage the tech it has in hands?
dparks1234@reddit
I hope it does. I support the western world order over the alternative
Ok_Pineapple_5700@reddit
Ah so the US is allowed to leverage the tech their have and China isn't. Got it
leafdude-55@reddit
I'm not sure what point you're trying to make. Both countries will use the tools at it's disposal to spy on the other. TP-Link is one of the tools that the CCP has so by your own logic it will use it.
China understands this and bans American tech companies from operating in it. Why should we allow their spyware in while they block ours
Ok_Pineapple_5700@reddit
I was responding to a guy saying China would use TikTok to target the world with disinformation. Nice of you to jump in without knowing the context
84theone@reddit
Man American social media companies did that shit to their own countrymen, do you think a country that hasn’t always the best relations with the U.S wouldn’t also do it if it benefited them enough?
dparks1234@reddit
They 100% would use TikTok. I mean why wouldn’t they? Especially with it being the #1 social media platform for American youth. There’s a reason American social media companies arent allowed to operate in China
WealthyMarmot@reddit
Everyone’s “allowed” to leverage their tech. Doesn’t mean I want someone to leverage it against me.
UnexpectedFisting@reddit
Why would you think that’s sarcasm?
Chinese hacking groups have been behind some of the largest US cyberattacks in history, and our infrastructure has been a critical attack vector for years and has been singled out by multiple agencies as becoming a national security threat because of how old and easy to topple parts of it has become, notably our electric grid.
You should read this, it’s a good interview
https://www.cbsnews.com/news/china-hacking-us-critical-infrastructure-retired-general-tim-haugh-warns-60-minutes-transcript/
Ok_Pineapple_5700@reddit
Just leaving it here for you
UnexpectedFisting@reddit
Um okay? Love the whataboutism
If you can’t discuss the topic on hand then maybe don’t discuss. Hot take I know
Ok_Pineapple_5700@reddit
What is there to discuss lol. People love to spew whataboutism when you point out a similar subject that the side they're defending did. And say "that's not the same" lol. They were caught red handed spying on "allies" and used the NSA to listen to their citizens but yeah we should worry about TP Link routers
UnexpectedFisting@reddit
I mean you literally posted an article about how the US spied on another PM, when the topic at hand was cybersecurity threats and hacking between the US and China. Not to mention it’s a 4 year old article. You didn’t even read the interview I linked talking about infrastructure hacks, you’re clearly not here to contribute
Ok_Pineapple_5700@reddit
Since you read the article, tell me how did the US managed to spy without mentioning cybersecurity and hacking. Go
airinato@reddit
The idea is to bully China, the government doesn't give a fuck about home routers and never has and TPLink has just about ZERO enterprise presence.
dafdiego777@reddit
I think it's more likely the US government thinks its avoiding a remote chance of a shit storm with plenty of other products on the market vs whatever cost savings consumers lose.
Exist50@reddit
What other products? Cisco? They don't even need the government to tell them to put a backdoor in. They have plenty themselves.
airinato@reddit
You can remove any pretense of 'thought' with this government. Literally just follow the cash, either someone made a donation to be against them or TPLink about to have a special million a plate dinner in Flo Rida and this recommendation will magically disappear.
The agency spearheading is DHS by the way, not the actual security agencies we have that they've gutted.
TimeRemove@reddit
The US has been doing this stuff for years. They claim they have security concerns around some Chinese thing, ban it, but never present their technical findings or even describe what specifically they're concerned about. With no independent security researchers finding anything either or it being "leaked" to the public.
It comes across as protectionism without the evidence.
xeoron@reddit
Back doors keep being found. It is owned by China. They also do not release security updates regularly when there is a damning issue found. Tech circles know their cheap products are not safe because of it.
Exist50@reddit
Such as?
U3011@reddit
They may be confusing the hard-coded password scandal or two that TP-Link has suffered. I do not know of any backdoors present in TP-Link hardware, but they were never on my radar because their products used to be terrible.
zakats@reddit
In the open source (military) intel world, this commonly discussed as the angle China is likely to exploit in a conflict between them and the US.
-
This pairs with Xi saying they need to be ready to invade Taiwan by 2028... and the insane d-day like landing craft/infrastructure they're building. It's coming.
JUSTsMoE@reddit
The only threat is the US. I am sorry to burst your bubble, but no one is buying your american propaganda anymore.
zakats@reddit
You okay, bud?
airinato@reddit
Ya they keep saying China will spy on me. I'd rather have that than the DHS that is actively disappearing U.S. Citizens and gathering intel to charge people with thought crimes. This recommendation is by DHS too....
iBoMbY@reddit
Has there been a week when they didn't find a backdoor in Cisco hardware? Sometimes even something specifically coded as a backdoor, like hard-coded credentials?
jameson71@reddit
As if the sky high tariffs weren’t enough protectionism
pixel_of_moral_decay@reddit
Yup.
Meanwhile the stuff allowed is shit and gets maybe 1 firmware upgrade if you dig deep in the manufacturers website.
It’s all bullshit. If I’m being honest my dahua and hikvision cameras are much better in every regard hardware and software to most of the crap on Amazon.
leafdude-55@reddit
How is it protectionism? They aren't blocking equipment from other countries like Taiwan
TimeRemove@reddit
They're blocking equipment though:
https://www.scmp.com/news/china/article/3330692/us-bans-new-chinese-telecoms-gear-citing-national-security-risks
lovely_sombrero@reddit
Meanwhile, the US was caught intercepting network gear in transit and installing spyware in it. I'm sure they've since moved on from that to just straight up building the spyware into the gear in the factory.
wornoutseed@reddit
The NSA has always had surveillance programs in place against the public.
zR0B3ry2VAiH@reddit
Actually yeah this is a good move and should have really been done years ago when they couldn't even patch their own routers. They couldn't patch their own routers because they didn't even have the source code to the routers. They were buying it from a company in China.
Plank_With_A_Nail_In@reddit
Evidence is only required in courts of law.
leafdude-55@reddit
You have to assume it's compromised. The CCP spies on everyone and it's nieve to think they aren't using tp link to do so
airinato@reddit
As opposed to the U.S.?
Neverending_Rain@reddit
I don't think US regulatory agencies are concernened about US spyware.
airinato@reddit
Well kudos for the only sane take I've seen here, but this isn't regulatory agencies, they've been gutted. And the footnote of the article explains what this really is:
"The potential ban of TP-Link products is another in a long list of bureaucratic moves or discussions that have come against the backdrop of trade negotiations between the US and China. While a potential breakthrough in these talks was achieved today, a source for The Washington Post said a ban on TP-Link products remains a bargaining chip for the administration."
leafdude-55@reddit
Yes the US spies too. So countries should do what they can to protect themselves. China doesn't allow US technology in that they deem a security risk
airinato@reddit
As a U.S. Citizen, China is less of a threat to me than my own government.
advester@reddit
That's not the way security works. We don't need a presumption of innocence because we aren't putting TP Link in jail. And revealing evidence is meaningful support to an enemy (the definition of treason).
StickiStickman@reddit
If anyone wants proof that the US is actually brainwashing people, look no further
leafdude-55@reddit
People are down voting this comment for saying something obviously true because for some reason they are defending the CCP. In security you have to assume that any available attack vector can be used by an adversary
Deep90@reddit
If this was true, the US would be enforcing the Tiktok ban which was already passed into law.
Exist50@reddit
Lmao.
sereko@reddit
So you think the government should be able to pick and choose winners based on nothing? What happens when a company pisses off President thin skin and he bans them out of spite?
RedditNotFreeSpeech@reddit
Right and it's interesting their not banning omada which in theory would be even more valuable as a hacked asset since it's targeted more towards commercial.
jhenryscott@reddit
Absolute garbage. The TPLink/Omada home setup is the best value in home/SMB networking. God that’s a dumb idea.
Low-Temperature-6962@reddit
I just bought a tp-link omada, ER605, new, 50 dollars, cheap because of the bad reputation. I'm going to try to install OpenWRT on it, Instead of using the native software. Assuming it is the software that is the problem. Currently using Ubiquiti Edge router lite, but it periodically ramps up to near 100 usage and then I have to reboot it. I think the problem might be a botnet infection, and the Edge Lite won't take OpenWRT.
More-Ad-4503@reddit
i have one of their older routers i think i'll get one of their wifi 7 ones once prices tank
jhenryscott@reddit
Yeah I run a OPNsense filtering bridge then set up vlans on my tplink smart switch
leafdude-55@reddit
There is a reason that it is cheaper. Don't introduce potential backdoors into your network just to save a couple bucks. Unifi equipment is not much more than Omada and is in most cases better
jhenryscott@reddit
Every piece of hardware you didn’t build yourself introduces the potential for a security vulnerability. I have spec’d Unifi in the past and found zero compelling reason to use it again. Omada is tremendously capable hardware.
Low-Temperature-6962@reddit
OpenWRT forever!
Royal_Reference4921@reddit
If you’re in the US, shouldn’t you fear backdoors that would allow the US government to surveil you more than the Chinese government? Only one of those two has the ability to arrest you.
elvss4@reddit
Fear mongering
More-Ad-4503@reddit
great i can get their routers cheaper now
Low-Temperature-6962@reddit
Here's the problem. Us companies are buying the hardware manufactured in China anyway. Us companies are only adding software, and for that they are most likely outsourcing the software anyway. Hence, low quality and full of vulnerabilities. The ban will only put up prices but create no new US jobs. Just higher profits.
mooocow@reddit (OP)
Highlights of the article: * US Gov believe TP-Link is directly controlled by the Chinese government. * Commerce is now able to give 30 days notice to TP-Link regarding the ban and TP-Link will have 30 days to respond. Commerce has not issued a notice, with some thinking this has to do with tariff negotiations. * Estimates that TP-Link control above 50% of the home router market.
I'm searching routers, standalone and mesh, and TP-Link seems to dominate recommendations, especially for the price.
Deep90@reddit
Ironically their security cameras are able to be run more privately than a lot of American ones.
(Looking at you ring)
Low-Temperature-6962@reddit
I would not rely on that.
Deep90@reddit
Rely on what?
You can but the internet to tp-link cameras and they still work. They have local SD recording and can also stream the footage over your local network to a NVR that you own.
Low-Temperature-6962@reddit
Ah, well I did not know that about Amazon ring cameras, how awful. And you explained how you have properly sandboxed your camera, so 👍
Deep90@reddit
Thank you :)
Exist50@reddit
I'm not sure if that's irony, or a contributing factor...
leafdude-55@reddit
Yes avoid that spyware. There are private American options though. Unifi and Honeywell have options that store video locally
Deep90@reddit
I'll have to check Honeywell. I was familiar with unifi but they are expensive.
Currently on reolink which you can block Internet on.
FranciumGoesBoom@reddit
Unifi is the Apple of networking....
I've got a few cameras and hopefully getting the G6 doorbell soon. Mostly because it integrates with my equipment already and I can store everything local. I'm not getting any cameras that automatically stores video in a cloud environment.
Deep90@reddit
Luckily there are more and more options these days.
They also just run better because they don't depend on uploading and downloading data constantly.
ctskifreak@reddit
I gave their Kasa stuff a try with a simple smart plug, and I have a mix of Kasa and Tapo stuff. I like it better than the Wyze camera I tried.
Deep90@reddit
Reolink is another good option.
Saneless@reddit
When I was looking for a triband mesh a few years ago my options were TPLink and a Netgear at double the price. And the reviews were garbage for Netgear
I've been happy with it. Even was able to add on a unit to fit in the mesh
I'll ditch it but the other companies gotta step the fuck up. With even less competition I don't see that happening
leafdude-55@reddit
There's tons of good alternatives. For plug and play + low price Asus is my go to. For high end stuff I switched to unifi
Saneless@reddit
I wouldn't call $700 for Asus and $400 for TPLink exactly an alternative. Or low price.
I need a multi device mesh, the nightmare spiders are useless in my house
ivandagiant@reddit
Hell yeah does this mean we are about to get flooded with cheap routers from the government
I’ll raw dog a government router
apocbane@reddit
I built my own with Arch and a few old NICs.
JelloSquirrel@reddit
Yah all TP-Link shit has mandatory cloud integration, same as Huawei. That's the backdoor, always on persistent root access to your device.
Coffee_Ops@reddit
Having trouble with where that's the federal government's concern. Ubiquiti does the same, are we banning them too?
Shadow647@reddit
That's not really true, you can set up Ubiquiti hardware on a local network controller without using their cloud at all.
Low-Temperature-6962@reddit
What about ubiquity or tp as gateway? Neither is safe with std soft.
Coffee_Ops@reddit
Go try to set up the Ubiquiti controller on an airgap network and let me know how it goes.
Spoiler: They removed that ability years ago.
Shadow647@reddit
I did that earlier this year so clearly it wasn't years ago
In fact I am not sure that it has even happened :)
Coffee_Ops@reddit
https://community.ui.com/questions/CloudKey-Gen2-or-setup-without-internet-or-firmware-2-x-or-request-2622878/c2deba1b-b3a9-4654-b6b3-e64f33143ab3
It may have been a bug, or a feature they walked back, but it absolutely happened.
notam00se@reddit
https://www.tp-link.com/us/support/faq/4096/
Omada has software and hardware controllers available, just like Ubiquiti.
Shadow647@reddit
Omada are not 'home routers', they're categorized as SMB
Coffee_Ops@reddit
Omada are prosumer same as ubiquiti.
JelloSquirrel@reddit
Manufacturer with persistent root access with a government that legally requires to give them that access with no oversight. It's pretty obvious what the issue is, not all governments are democracies with strong separation of what the government is and isn't allowed to do.
Coffee_Ops@reddit
The oversight is "that's a private matter for the consumer who can choose a vendor who does not do that".
It's pretty wild for an old guy like me to see people so quickly in favor of the government making these market choices for the consumer.
dparks1234@reddit
People will read the Snowden leaks about the NSA yet act surprised when someone implies China might want to do similar stuff with their massive international tech export industry. People are either naive or they think the US and China are never going to clash sabres.
CatsAndCapybaras@reddit
That argument may work if the US were a democracy with a strong separation of what the government is and isn't allowed to do.
JelloSquirrel@reddit
Definitely eroding in the US but it's generally had better protections than most countries. Plus the us government isn't worried about itself or being hypocritical. The ai built into everything is the closest we've ever had to Chinese style state surveillance tho.
lupin-san@reddit
This argument doesn't really work. Is Ubiquiti linked to a hostile state?
tapper82@reddit
not if you flash it with OpenWrt
vandreulv@reddit
3 routers from TP Link, no cloud integration required. I was able to set them all up locally using the direct IP address in a browser.
Dreamerlax@reddit
It's optional?
RedditNotFreeSpeech@reddit
I just setup two new tplinks and I was able to skip any cloud integration
NootHawg@reddit
I was about to say the same thing. I’ve had these wifi6 TP link mesh routers for about 2 years I believe and I have never had anything about cloud integration come up. This is more propaganda to scare people. You can load open source firmware like openwrt if you’re concerned about spyware or whatever they claim TPlink is doing or might possibly do.
RedditNotFreeSpeech@reddit
It's plausible that you could embed a backdoor in the hardware but it's just FUD without evidence and it's weird to target this one brand when it could be true for any.
Ploddit@reddit
What's the scope of this? Just routers? Not wireless APs or switches?
Low-Temperature-6962@reddit
I would assume they consider wireless aps a big, if not the biggest, risk.
thatmatmik@reddit
My router is a Verizon g3100 sitting in front of a handful of Omada gear - the router is manufactured in Taiwan with R&D in Taiwan & China. If China is the problem, shouldn't we ban these too? How about every other device built in china? Is Yealink on the chopping block? Extreme Networks?
Enterprise grade stuff should be used in enterprises. No one in their right mind should deploy discount commercial grade networking equipment for Enterprise use. But a coffee shop who just wants to stand up a hot spot with a captive portal on the cheap?
Soul seems really sus
NetJnkie@reddit
Incoming ballroom donation!
tapper82@reddit
Pleas look to see if your routers can take OpenWrt and then You can take controle of the FW on it.
Dark_ShadowMD@reddit
This govt want you disconnected guys... They hate you being online...
anival024@reddit
The exact opposite is the case. They want everyone online and monitored and tracked at all times.
Dark_ShadowMD@reddit
Isn't that what your TV is for? Dunno...
Earthborn92@reddit
i just bought a shiny new TP-LiNK WIFI 7 router a week ago...
i guess you could pay a premium for the ASUS one.
morgartjr@reddit
Why aren’t we doing the same for Lenovo?
v12vanquish@reddit
lenovo is taiwan..
leafdude-55@reddit
Idk why Lenovo hasn't been targeted. They have a huge enterprise presence unlike TP Link
vandreulv@reddit
Because they own Motorola and it is still seen an an "American" company.
Desistance@reddit
Give them time. If it works for TP-Link then it will work for the rest
WealthyMarmot@reddit
Ubiquiti is an American company that does offer plenty of NDAA-compliant options
max1001@reddit
But all the cheap $5 IoT devices are fine to sell on Amazon.
LickMyKnee@reddit
https://www.youtube.com/watch?v=KiSjtLajTy0
LickMyKnee@reddit
https://www.youtube.com/watch?v=KiSjtLajTy0&list=RDKiSjtLajTy0
letsgoiowa@reddit
It's a shame because they have by far the best value hardware. As a general principal though don't install enemy devices directly into your network though, but we have yet to see an example of it coming to bite you (I think). I want some kind of evidence.
I have been thinking about replacing my tplink router for a while just because of this.
Dreamerlax@reddit
Good. More for the rest of the world.
DanceWithEverything@reddit
Just routers? Switches are not affected (allegedly?)
EasyRhino75@reddit
I wonder if this would include the Omada brand.
And I wonder what Commerce things about the other Chinese router companies.
leafdude-55@reddit
Avoid all networking equipment from China. It's not worth the risk when there are plenty of alternatives
narwi@reddit
Now show some proof it is more dangerous than Cisco made ones from various brands.
RedditNotFreeSpeech@reddit
Home Depot just clearanced. Kar I'd their tplink
jaquan123ism@reddit
so i would have to potentially imo downgrade to ubiquity more expensive for nearly the same equipment and software as omada