I can’t wait to get a hold of a bunch of cheap TP Link routers. Those things run OpenWRT like champs.
same
I don't care if China steals my data or uses my router as a vector for a DOS attack at this point. My fascist nation already has domestic back doors to spy on me if I was interesting enough. My opinion of China is roughly the same as my opinion of my own red white and blue shithole, about as low as you can go. In fact, their regular people on the street seem a hell of a lot more prosocial and EMPATHETIC than I've ever seen here in the US going by Rednote. I'm on nobody's side geopolitically because nobody is on my side.
Besides, we destroyed ourselves already. Checkmate CCP! Have fun spying on the ash heap. Spoilers: we're largely poorly educated here by design, so enjoy the stream of "...evolution is just a theory science is fake education is a scam pull yourself by your bootstraps stop virtue signaling it's not greed I'm rationally self-interested... "
Maybe China isn’t the bad guy. They have goals. Goals are good. We’re mainly into destruction and extracting capital. Wild thought, maybe we’ve never been the good guys. :o
I don't think goals are inherently good... Hitler had goals...
I believe you’re referencing Hitler to the incorrect country. China’s moving towards socialism, very slowly. The US is going straight fash at the speed of light.
Sickusername btw. Ever seen them live? One of the best shows I saw in the few surrounding years (of the year I saw them)
In a fucked up way I lol’d at this. If I put on my tinfoil hat I’d say the USA is encouraging China to “spy” on us so they have to absorb the brainrot. Poor bastards
Oh but all the US hardware with spyware from the NSA/FBI is just fiiiiiiiiiine.
As always US wants the data, they just don't want anyone else to have it.
It's also a laugh for them to say "fuck you consumers you don't get to" when the federal government already fucking blew it with SolarWinds.
Personal opinion this is much ado about nothing. In other words this article is baseless fear-mongering.
Trump is a bigger national security concern than fucking TP-Link and no one in power is seriously talking about removing him.
His economic moves will devalue the US Dollar and put it at risk as a reserve currency. Who is gonna step in? China.
But boo hoo, we should ban TP-Link! What a fucking joke. If you're really "worried" about China, get rid of Trump yesterday.
Trump is a bigger national security concern than fucking TP-Link and no one in power is seriously talking about removing him.
There is an abstract ironic beauty to this.
To secure US networks, start by kicking Musk out of government systems.
Seriously, DOGE could be literally installing ransomware that kicks off if anyone tries to block them... They were hooking up random fucking servers right into secured government systems and were given write access at some of those government systems.
"the single greatest insider threat risk the Bureau of the Fiscal Service has ever faced."
https://www.wired.com/story/treasury-bfs-doge-insider-threat/
He is like Spyware or just crappy insecure code become manifest in human form.
As always US wants the data, they just don’t want anyone else to have it for free
I guarantee you that American data is going to Chinese companies. Temu has your data. Alibaba has your data. Bilibili has your data. They're just getting it by purchasing from American data centers.
So what you're saying is, the complaint about China spying on people boils down to piracy?
It's the thing American IP companies care about the most.
Three separate government departments are investigating TP-Link, so someone either tipped the Fed off and you (and the public) know nothing, or this is simply a witch hunt.
Since I know for a fact I can't trust anyone commenting anywhere on the internet as a credible source, I'm hoping those departments who once were independent of the Executive control and free of Trump corruption and are now filled with human excrement yes-men MAGA regarded morons, i will hold my anger until we know more.
The US government has something of a credibility crisis, doesn't it? (And I don't think it started with Trump, though he makes it worse.)
It looks just like the Tik Tok ban to me. Racist/Nationalist nonsense that doesn't solve the actual underlying problem, which is lack of regulation in the US
The best that they've got is that TP-Link is competitive on pricing. Oh no they're not bilking consumers and still make enough money to function, that must mean something shady is happening! Or maybe they're just a company who isn't all-in on ripping off consumers for overpriced tech gear?
Also, the argument that some models force you to log in, sure, if you're a technically un-inclined dingus. If you are technically inclined, literally nothing is stopping you from installing something like OpenWRT/DD-WRT/FreshTomato on your TP-Link router and bypassing the login requirement entirely by replacing the firmware with an open source variant (note: DD-WRT isn't actually fully open like OpenWRT and FreshTomato). The point being that their two major arguments for why TP-Link are dangerous are defeated pretty damn simply.
If I can avoid logging in by installing fresh firmware of my own, and the only other major argument they have is that they're selling at lower prices then competitors... well, that's pretty weak tea.
Which do you prefer FreshTomato or WRT ones?
I haven't tried FreshTomato, just know it exists. I used to roll DD-WRT but I've moved to OpenWRT because I prefer code that is auditable.
TP-Link has a bad history of significant security vulnerabilities that have to either be gross negligence or intentional backdoors. Consumer router firmware is notoriously neglected in the grand scheme of tech, but TP-Link is exceptionally bad. Your average and even most above average techies probably have no idea unless they follow security releases or live in the security world. I personally wouldn't know much if anything about them if not for some YT content I watch about software and security. I don't love blanket blocking of stuff, but this one I feel is necessary to help protect an ignorant population.
I 100% agree with the sentiment that Trump is way more dangerous, because he is, but the two issues can be addressed (or not unfortunately) at the same time. If our reps won't stop Trump, and not going to be upset over he small wins that we do get.
So, say I have a POE outdoor router that is TP-link. It is wired to my main router and is the network for outdoor cameras. How bad an idea is this?
If you're just running it in AP mode and extending from your base router you will be better off than if it's your WAN device. I don't know enough about these exploits to know how they are executed, so I can't give you a solid answer, but I think it's best to err on the side of caution when it comes to your data security.
If you're fairly tech savvy and willing to put in a little effort, you can flash the firmware on the TP-Link with something open source like openWRT and that would eliminate any exploits directly caused by their coding. I haven't done this in years, but I'm sure there are plenty of guides to walk you through this. It would require resetting up your network, but you'd need to do that if you replaced anyway.
Personally, I would replace the device with something higher quality. I don't have recommendations for you, but I'm sure there are some resources you can find with security minded device recommendations. For "pro-sumer" grade stuff, where it's better than your off the shelf options but not enterprise grade, I've heard Unify is a good option, but it's complicated and expensive.
Do you have any links to the alleged bad history? I couldn't find anything, partly because the recent political theatre makes it hard to be informed.
Here is the main video I watched that breaks down a recent ish CVE and at the end he gives some thoughts on TP-Link, D-link, and another and just his professional security opinion on them.
It is only one source, but I think it's a strong one.
Thanks!
Yeah, it boils down to... who do you want seeing your data?
The Chinese? or the Americans?
On one hand, I wouldn't trust the US with anything. On the other hand, there's a pretty good chance whatever they keep that data on catches on fire or has a plane fall on it.
Please yes, I look forward to cheaper routers due to oversupply.
I don't understand why they're considering a ban. People should be changing the default password on their router. If they aren't and they leak information that isn't theirs, tough shit, fine them. If they leak their own information, let them deal with the consequences.
There are so many people who just don't get tech though. I was just at my buddy's patents house, probably early 60s, and they have a random default SSID and password. It's like 15 digits long. Secure as can be. If they really bothered to type that in on all their devices, I'm thinking they were probably incapable of changing it through the software.
Or they just didn't know how. Which is a distinct possibility. Some devices these days even let you share the Wi-Fi password through QR code or similar. So you don't have to enter it until every device.
Dumb policy but still fuck tp link routers. They never took security remotely seriously to the point where their products are known for being a good entry point into learning about exploiting embedded devices.
Don't really care or think the government spyware concerns are particularly legitimate but they definitely aren't secure products to have on your network
You sure you're not confusing TP-Link with D-Link? The latter has been the common attack surface I'm familiar with, and the former has been a staple for enthusiasts and as a tool for pentesters.
There's quite a few TP-Link Models that can be flashed with open source firmware. The ones I helped friends and family with seemed to get software updates consistently after being discontinued.
This isn't an all out endorsement, but I've certainly seen worse.
Every single consumer SOHO router is just a data mining security clusterfuck these days, brand is irrelevant. The only way to really get away from it is to run your own SBC or NUC with a wifi card and shit.
They make mini PCs with five Ethernet ports that are perfect for this sort of thing.
Mikrotik is probably OK IMO.
probably, lol. they don't even support openwrt
And?
what do you base that probably upon?
It's a European company, they are widely deployed and well regarded.
Their hardware is decent and well priced.
I don't think if anyone else can provide this type of hardware at that price point.
His economic moves will devalue the US Dollar and put it at risk as a reserve currency. Who is gonna step in? China.
China doesn’t want to become the world currency, but they do want a BRICS currency. This will take years, though.
I buy a lot of TP-Link switches because they are cheap so please dont
This is a most excellent place for technology news and articles.
