TP-Link is reportedly being investigated over national security concerns linked to vulnerabilities in its very popular routers.

116 points

We have this really great approach to security where we allow the adversary to infiltrate a huge portion of our infrastructure for years and at many different levels, and then we say “hm, maybe we shouldn’t be allowing this?”

45 points

Almost like it has less to do with security and more to do with securitization of economic competition.

26 points

If you really think this is just about economic competition, you’re very wrong.

The FBI didn’t recommend using encrypted messaging apps because our infrastructure being compromised is no biggie.

These are computers manufactured by and in a foreign country that’s expressed mutual hostility to the US. Computers follow instructions and manufacturers are in the best position to add custom instructions like “if you receive this instruction, brick yourself.”

After the cyber attacks in the last decade, people should realize crypto scammers aren’t the only ones that have an interest in shutting down important infrastructure.

15 points

This comment of yours immediately evokes the idea of the right hand that doesn’t know what the left hand is doing.

The right hand is the security theatre that the west is showing its citizens against foreign adversaries who hack their devices and introduce vulnerabilities.

Meanwhile the left hand has been doing mass layoffs and moving manufacturing off-shore ever since the 60s and 70s and trying to fuck over its own labour forces to make exponential profits.

What’s funny here is that you guys are bitching about “foreign adversaries” while also handing over the blueprints of your entire infrastructure to said adversaries without giving them anything valuable in return for their cheap labour cost and weak laws.

What did you expect to happen?

4 points

Does it matter now? The alternatives are either Chinese companies, made in China, or filled with Chinese parts.

I’ll give China credit, they’ve stitched everyone else right up, and we slurped it down because we’re a sucker for cheap shit.

2 points

You can buy plenty of American made routers and other hardware that isn’t quite as shady. But like you said, we love our cheap shit here, and don’t give its malicious intent a second thought.

And no, it does not matter now, that’s sort of my point. Pandora’s box has been opened.

-5 points

Well, it’s just natural for countries to do this at this point when they don’t like each other.

On an off-topic note, I often prefer an open hardware router like a Raspberry Pi router as it gives me control! For me it’s safer to use as documentation is open, like pfSense and OpenWrt.

1 point

I don’t understand why Raspberry Pi doesn’t make a router when they’ve ideas like the 500 🤦🏻‍♂️

5 points

There’s already OpenWrt for Pi. All you need is to add a switch or a USB ethernet adapter.

43 points

The US government is just upset because it’s harder to place back doors in non-US hardware. It’s a US national security concern to NOT have US back doors in devices.

18 points

That’s not all. The US government exists to look out for the interests of wealthy Americans.

Every dollar spent on a different nation is a dollar that could’ve been spent on them, in their eyes.

American business owners know that China is competitive because they can provide better products at cheaper prices. Americans would need to invest in making their products better or lower prices to compete with China. Both result in lower profits for owners.

This is why we will never stop seeing FUD against products that offer us a better deal than those looking to exploit us further. It’s more profitable to convince useful idiots to “buy american” than it is to actually sell them products worth buying at competitive prices.

3 points

Countries like China, Germany, Taiwan, etc. have competitive exports because they have direct and indirect subsidies to their manufacturing sectors at the expense of their household sector.

Some of these subsidies include a weak currency relative to their economy, weakened labour laws, preferential interest rates, capital controls, labour movement restrictions, etc.

China uses all of these. Germany primarily used the Hartz “reforms” which basically decoupled wage growth from productivity and GDP growth.

This reduces the household share of national income, so they cannot afford to consume the production of their manufacturing sector, and therefore the excess production must be exported.

3 points

This comment is suspicious to me. It’s been companies like Apple that have pioneered using Chinese labor to increase their profits. Moving jobs to the USA won’t help make them any richer. It makes economic sense but not strategic sense.

3 points

I don’t think it makes economic sense. Bringing production back here creates jobs, but we have low unemployment so we don’t really need more manufacturing jobs here.

It makes sense for national security though.

1 point

And China probably also installs backdoors

35 points

Running OpenWRT is generally a good idea. I’m not gonna lie and say it’s easy to set up. But it’s worth it.

24 points

It’s a good idea, but there’s going to be firmware at lower levels (roughly the BIOS) that could still be compromised. It’s best to just not buy Chinese hardware designed and manufactured by a Chinese company with no western involvement when you can avoid it.

7 points

This didn’t even occur to me when I bought my new router recently. I just went with one of the best-reviewed models that had all the features and speed I needed.

2 points

Did you get a TP Link?

Last time I was in the market, they were a top pick.

4 points

Yeah! I only want my own government spying on me and screwing with me!

7 points

My router comes from Latvia. I’ll only be worried if they get invaded by Russia.

1 point

I’m not sure, but with routers, I think OpenWRT installs/flashes at the firmware level. There could be hardware level vulnerabilities I suppose.

In the case of Lenovo laptops used in Iraq (2004), China had additional hardware chips snooping and sending data back via Ethernet cable.

0 points

An even better way is to leave vulnerable pieces in all parts of the firmware / software stack. E.g. old version of SSH with a known vulnerability or two, old web server, etc. Then just exploit as needed.

3 points

The examples you gave are all at the OS level and installing OpenWRT would fix them. The firmware/BIOS level is much more custom and can be susceptible to attacks the OS is completely unaware of (effectively pre-installed rootkits). Hence why I mentioned it may not be enough to install OpenWRT.

35 points

I’d personally hope they just force open sourcing their firmwares if they want to stay in the market. I really like my Omada stuff, ubiquiti is just a tough pill to swallow on price.

9 points

They (FCC) forced firmwares being signed so nobody can install their own on the off chance it unlocks TX power or frequencies not allowed by FCC.

13 points

Can’t say I’ve ever seen an example of signed firmware that didn’t exist to further exploit the working class.

0 points

You’ve never used Linux?

Signed firmware just means you can prove a given key was used to sign something. Most Linux distributions sign their packages so you know one of the trusted keys from the maintainers was used to sign the packages (and yes, this includes firmware), which prevents a man-in-the-middle from modifying packages.

The only problem I have with signed firmware is if there’s no way to change the acceptable keys. Signing itself is an important security feature; it’s only problematic if the user can’t upload their own signed packages.

5 points

They should undo this and just prosecute people who abuse the firmware

2 points

I honestly like the GL.iNet approach in terms of software which is kinda like Android.

1 point

I recently bought their Flint 2 (GL-MT6000) based on multiple recommendations online when looking for a router that supports OpenWRT. That’s preinstalled, with AdGuard Home and WireGuard VPN on top of it. I’m looking forward to setting it up and playing around with it.

What do you exactly mean when you describe their approach in software as Android-like? That it’s easy to install services in OpenWRT?

2 points

It’s OpenWRT as you said but with their own skin and added features, instead of completely spinning it off from the ground just because one has a feature to add as an idea, like the native AdGuard Home you mentioned. This makes sure it’s either continually supported because of OpenWRT or anyone can install the vanilla OpenWRT if support is no longer carried by the manufacturer.

28 points

So who tf is left who makes good wireless routers? When I bought my tp-link it was top rated and recommended by everyone.

10 points

Yeah, most of those sites end up recommending the same brands over and over, which causes people to buy them and talk about them. I don’t want to say, a scam, but it feels… scummy.

They never talk about other brands like Ubiquiti. Which isn’t a perfect brand either, but I’ve never seen it compared. Or even a low end Netgate. It’s always TP-Link, Asus, Netgear, Linksys, or D-Link… the same brands that have existed for the last 20 years offering crap. But Ubiquiti, Hawking, Belkin, etc. you basically never see.

I just googled it. Top 3 sites were wired.com, pcmag.com, and reddit.com/r/HomeNetworking (with a top comment pointing to cnet.com and nytime.com). And if you guessed TP-Link was recommended no.1 on all of them, you’d be right. To me, with the absolute garbage reviews on all of them, and the stupidly small sample size, it feels like TP-Link just buys the reviews because customers will read the reviews and buy their garbage. There was a mattress company that did something very similar years ago. The deck is stacked against customers.

And especially scummy, is TP-Link offers some cheaply made, highly marked up garbage that underperforms. They also are notorious for not delivering consistent updates to their routers. Maybe one or two updates, and they certainly don’t care if all the features don’t work. Just looked up one I bought from them before I wised up, the Archer C5400. 2 updates on a $200 router, that came highly recommended. Checked the v2, and also just 2 updates. I doubt it’ll ever see another.

On top of their terrible support and pathetic hardware… they also moved to a cloud SaaS config model. They want you to sign up for an account and use TP-Link Tether. Here’s something written up 3 years ago on [reddit](https://www.reddit.com/r/hardware/comments/tbthjj/psa_newer_tplink_routers_send_all_your_web/).

My general suggestion for most people who want something that just works and is easy to use… the Ubiquiti Dream router isn’t a bad option. It’s not the best, but if you don’t want to really get into how networking works, it’s a good option.

7 points

I’m a techie, but I’m past the point where I want to tinker and mess with my stuff for hours or days to get it up and running. I’m sure the enterprise grade options are better, but I just want some plug and play option that at least allows me access to the more detailed stuff if needed. This looks like a solid recommend.

1 point

Here’s a recommendation: GL•iNet

3 points

I gave up on TP-Link. I will never purchase any consumer router from them again. Little to no updates, connection issues that were made worse with an update, features REMOVED with an update, settings wouldn’t always stick, which results in a factory reset to get it to do anything. WPA3 just doesn’t work. It even would “mysteriously” turn its DHCP server back on, no matter how many times I turned it off, when it was in AP mode. Friend had the same model and most of the same issues.

I have had better luck with the other brands, but I feel like most of them suck or cost way more than they should.

-11 points

Just get an enterprise grade router (e.g. Mikrotik) and a separate AP (e.g. Ubiquiti).

19 points

“just”

That’s not an option for most people. They’re either not savvy enough to manage everything at that level or don’t care to and they will likely spend more money doing it this way.

9 points

They actually made a great suggestion with Mikrotik… granted, I come from a networking background, but those can be as simple as you want or as complex as you need. Their products are resilient and prices are a chef’s kiss for what you get. Now if they had recommended just some Juniper or Cisco gear I’d agree with you, but Mikrotik makes great products at great prices.

-2 points

Why not? They have a super user-friendly “Quick Set” UI that’s literally one screen with:

  • WAN port and IP
  • LAN network (subnet)
  • VPN (optional)

WiFi is a little more complicated since it’s a separate unit, but Ubiquiti’s instructions are extremely straightforward if you use their app (single AP only) or their cloud management service.

I’m no IT pro, and I got it set up quickly. I’ve since added a bunch more to my setup and learned a ton, but basic setup is pretty approachable. If you know enough to understand the issues in the article, you’ll be 100% fine.

4 points

Ubiquiti

Overpriced trash, the opposite of Mikrotik.

0 points

What do you prefer instead?
