US Weighs Banning TP-Link Router Over National Security Concerns (msn.com) 148
U.S. authorities are investigating Chinese router manufacturer TP-Link over national security risks and considering banning its devices, WSJ reported Wednesday, citing sources familiar with the matter. The Commerce, Defense and Justice departments have launched separate probes into the company, which controls approximately 65% of the U.S. home and small business router market.
Microsoft reported in October that Chinese hackers had compromised thousands of TP-Link routers to launch cyberattacks against Western targets, including government organizations and Defense Department suppliers. The company's routers are widely used across federal agencies, including the Defense Department and NASA. The Justice Department is also examining whether TP-Link's significantly lower pricing violates federal anti-monopoly laws, the report said.
Microsoft reported in October that Chinese hackers had compromised thousands of TP-Link routers to launch cyberattacks against Western targets, including government organizations and Defense Department suppliers. The company's routers are widely used across federal agencies, including the Defense Department and NASA. The Justice Department is also examining whether TP-Link's significantly lower pricing violates federal anti-monopoly laws, the report said.
Matters? (Score:5, Insightful)
Would this really matter? By they time they get around to banning anything, a different Chinese company will pop up and make the same thing with the same cheap price and same lax of security.
Re:Matters? (Score:5, Insightful)
TP-Link should have been banned a long time ago, so yes it is quite late. The reality though is that getting back that dominant market position requires significant time and resources, and until you have the large install base the scale of the security risk is limited. Similar measures should be made for other Chinese brands. Of course it is better to do it based on a security audit rather than nationality, but that is a little harder to implement.
Re:Matters? (Score:4, Insightful)
Chinese relations need to revert back to how they were before Tricky Dick through us all under the bus.
Re: (Score:2)
It was also Kissinger, and they both threw Taiwan under the bus as well.
Re: (Score:2)
It was also Kissinger, ...
Looking like that, he talked his way into Jill St. John's bed. Enough said.
Re: (Score:3)
Re:Matters? (Score:5, Informative)
By the mid 1970s China and Vietnam were on opposite sides due to a dispute over Cambodia so much so that China tried unsuccessfully to invade Vietnam in 1979. You could make the case that Nixon's withdrawal from Vietnam helped lead to the end of wars in South East Asia but selling out our friends in Taiwan to the People's Republic of China by stealing their seat on the UN Security Council, having them expelled from the UN, breaking off formal diplomatic relations, declaring them a non-country and ultimately breaking a thirty year military alliance and withdrawing our troops from the Republic of China did not so much as end war in South East Asia as set the stage for what could be a much more serious war than Vietnam five or six decades later. Betraying your closest friends is generally speaking not the way to win friends and influence people. More like the opposite.
Re: (Score:3)
RoC politics at the time were dominated by the KMT - their name literally means "Chinese Nationalist Party". The KMT has always strongly held the position that there's only one China and they're the rightful government of all of it. At the time, they were still convincing themselves tha
Re: (Score:2)
Re: (Score:2)
TP-Link should have been banned a long time ago
Do you have anything to base this on other then xenophobia?
Re: (Score:2)
How about Chinese law itself [ft.com]?
Re: (Score:2)
Using this logic anything made in China could be considered spy tech, as the PRC could be compelling the manufacturers to add backdoors to the products outside the original designs. That would also make any Western company's products a security concern if the device was manufactured in China.
Please link me to consumer router that is not built in China at all.
Re: (Score:2)
None that I know. That's a huge part of the problem, isn't it?
Re: (Score:3)
Re:Matters? (Score:5, Interesting)
Also, let's say they pull a Huawei style ban and demand the ISPs replace any devices they've supplied to end users as part of a service setup bundle, etc. (tinfoil: with one the US definitely has access to a backdoor on instead of a potential one that gives the PRC access)? Since TP-Link seems to be a very popular brand for ISP supplied packages, that's not going to be particularly cheap. As a quick guesstimate; 65% of approx 130m homes in the US (not all of which will have Internet) + businesses, etc. is likely to be somewhere around 75m routers deployed, many of which are probably ISP supplied. Who pays for that? My money is on the taxpaper, one way or another.
Re: (Score:2)
>> how many were more likely compromised through some lame setup of the router by the ISP
Maybe its just that "TP-Link routers are routinely shipped to customers with security flaws, which the company often fails to address" like the article states.
Re:Matters? (Score:4, Informative)
Maybe its just that "TP-Link routers are routinely shipped to customers with security flaws, which the company often fails to address" like the article states.
All do.
I was recently involved in 2 major patches to 2 ONT+RG devices from 2 different manufacturers deployed in many millions of homes in the US.
For one of them, a huge number had already been compromised. After a day of the vendor leading us all on wild goose chases to close the fucking door, I found the actual problem in about 30 minutes with binwalk and Ghidra. A hard-coded password on an open ACS port.
Beyond that, almost every device we deploy, I have found at least 1 vulnerability that lets me get into them in emergencies.
The software stacks on these things are cobbled together with open source parts and bash scripting by the lest competent people you can find, for the lowest dollar.
This includes US manufacturers.
The arguable *worst*, which I will not directly name due to close business relationship, is a very American brand.
Re: (Score:2)
Yeah, it's not good business practice to burn bridges, is it? ;-)
Re: (Score:2)
>> the vendor leading us all on wild goose chases
That sounds like incompetence, but at least they were attempting a fix.
"While routers often have bugs, regardless of their manufacturer, TP-Link doesn’t engage with security researchers concerned about them"
Re:Matters? (Score:4, Insightful)
That sounds like incompetence, but at least they were attempting a fix.
Correct, and agreed.
"While routers often have bugs, regardless of their manufacturer, TP-Link doesn’t engage with security researchers concerned about them"
Neither did this company. Hence me finding the bug for them, and distributing the information and mitigation steps OOB. They did acknowledge me, but they also tried very hard play down their culpability and incompetence.
If you get bored, you can browse here [tp-link.com] to see that they fix security and functionality bugs all the time.
Re: (Score:2)
The link shows that you can download firmware but that doesn't imply that they fixed security bugs and responded appropriately to bug reports. I get it that the vendors will routinely try to deflect responsibility but TP is being accused of consistent negligence of security issues.
Re: (Score:3)
Your double standard is absurd.
Don't be a puppet for this weird fucking attempt at reproducing PRC domestic policy in this country.
Re: (Score:2)
The change logs showed they responsibly fix security bugs and respond appropriately to bug reports? Seems unlikely, and the logs are just developer comments, right?
Re: (Score:2)
Of all the evidence presented so far, in that this is the only evidence presented thus far, this makes the case that they are certainly no worse than any other manufacturer.
You're setting a bar that nobody must follow, so again, your double standard is absurd.
Re: (Score:2)
The availability of updated firmware implies that they fix some bugs but it certainly is no indication "that security is a concern of theirs".
Meanwhile;
"An analysis from Microsoft published in October found that a Chinese hacking entity maintains a large network of compromised network devices mostly comprising thousands of TP-Link routers. The network has been used by numerous Chinese actors to launch cyberattacks."
"TP-Link routers are routinely shipped to customers with security flaws, which the company of
Re: (Score:3)
The availability of updated firmware implies that they fix some bugs but it certainly is no indication "that security is a concern of theirs".
This is the dumbest shit I have ever seen.
If one does thing A, then that demonstrates, inarguably, that A is a concern of theirs.
You lost this. Cut it the fuck out.
"An analysis from Microsoft published in October found that a Chinese hacking entity maintains a large network of compromised network devices mostly comprising thousands of TP-Link routers. The network has been used by numerous Chinese actors to launch cyberattacks."
millions of SOHO routers in the US are compromised. It's the #1 most common problem I deal with at work.
Thousands? Give me a fucking break.
"TP-Link routers are routinely shipped to customers with security flaws, which the company often fails to address"
I see you convenient left out the attribution, lol.
"According to people familiar with the topic".
Are you trying to say that hearsay is your evidence?
Are you this intellectually dishonest, or dense, in
Re: (Score:2)
Often manufacturers get caught flat footed with a bug that makes the news, then they run around in circles trying to figure out what to do. The manufacturer may have gotten firmware from a third party and then there's all the politics of shifting blame back and forth between companies until someone figures out what the problem is. And often it is just bad OEM configuration.
Re: (Score:2)
Right, you sell cheap devices with low margins, then you make up for that with cheap labor, cheap parts, and a rushed schedule. I see all sorts of weird shortcuts in cheap stuff in Southeast Asia.
There's also the DD-WRT, Tomato, and so forth, open source Linux firmware for routers. Much better quality overall, more features, better thoughput, etc. It may have holes too but it doesn't feel as slip-shod. Snag is that it won't work on many routers. Ie, the CPU changed from v2 to v3 of a router, but the box
Re: (Score:2)
There's also the DD-WRT, Tomato, and so forth, open source Linux firmware for routers. Much better quality overall, more features, better thoughput, etc. It may have holes too but it doesn't feel as slip-shod.
Couldn't agree less.
*WRT and Tomato are not great software stacks, either, at least from my network engineer perspective.
Their configuration schema is truly fucking bizarre and nonsensical.
Sometimes they work with offloading functionality on the routers, sometimes they don't- but they *rarely* have better throughput.
I am an open source aficionado, and I look forward to the day where we have an open source SOHO router stack that doesn't suck.
In the meantime, I use EdgeRouter devices from Ubiquiti for c
Re: (Score:2)
Oh ya, I got better throughput first time I switched over. That's because consumer routers suck. Maybe commercial ones are better, but for home use the routers are terrible, especially the ones that are included with the ISP.
A big noticeable factor, the reason I attempted the DD-WRT, was because my streaming was getting a hiccup every 15 minutes. Like ten seconds of nothing happening. It seems that DNS was refreshing in that time period, and there were some followon effects? Anyway upgrading it was ver
Re: (Score:2)
Oh ya, I got better throughput first time I switched over.
Insert magic meme here.
The throughput is based on:
1) Device supports offloading (flow usually)
a) How good that is. Flip 6 coins. If all 6 are heads, DD-WRT supports that offloading engine.
2) Device doesn't support offloading,br> a) CPU speed.
In situation 2, all forwarding is done in the kernel, and that code is stable. DD-WRT adds *zero* magic here.
The forwarding happens in the ksoftirqd threads, and nothing in the universe can steal CPU time from them.
I'd say either placebo, or those folks ship
Re: (Score:2)
It's just a scheme to prop up failing US companies that can't complete. You will be forced to buy their shit no matter how inferior it is.
TP Link products are good. Often supported by open source firmware, and their own firmware tends to be feature rich. They don't disable advanced features just to make you buy the more expensive model.
Re: (Score:3)
Would this really matter? By they time they get around to banning anything, a different Chinese company will pop up and make the same thing with the same cheap price and same lax of security.
Probably doesn’t even take a company change to plasti-dip the same box in a different color and slap a new logo on it. Could probably be done in a couple of days. Or hours, if the graphics guy in Marketing is feeling it that morning after a third cup of coffee.
Yeah, it’s weird the invoice is coming from the same address, but the guy buying 5,000 of them only gives a shit about the number in the bottom right corner. They don’t put addresses there.
Re: (Score:3)
a different Chinese company will pop up
TP-Link isn't a small no-name company popping up on Alibaba to sell shit only to disappear in a smokebomb when you look at them. They are a massive brand globally that has been around for just shy of 30 years and manufacture their own products, not simply rebadge generic shit.
No a different company won't just pop up and take their place.
And webcams that *require* chinese server? (Score:5, Insightful)
What we need is a blanket ban on any device not letting the purchaser simply choose what IPs the device will ever talk to.
Re:And webcams that *require* chinese server? (Score:5, Insightful)
What about all the cheap webcams that *require* the use of a chinese server? What we need is a blanket ban on any device not letting the purchaser simply choose what IPs the device will ever talk to.
Line up 100 consumers. Ask them what an “IP” is. Ask them if they know why they should know.
You’ll see rather quickly why GUIs are written for toddlers, and why admin functions were reduced to an touchscreen-enabled app permanently logged in, a while ago.
Re: (Score:3)
GUIs are also good for when you cannot be arsed to recall or look up arcane Unix CLI syntax because you are only using the particular command once every 5 years.
Apple had a good one for their MPW development system. It could either use some unixy-like text commands or you could pull up a dialog box for that command and use radio buttons, check boxes, and text fields. It built the command for you as you worked the GUI. Then you could execute it right there or copy and paste it into another window. It was won
Re: (Score:2)
IBM AIX had a tool like for management tasks that was called SMIT. Same story, you manipulated the GUI and it built a command line for you. Great learning tool. It started as a text menu, but then got developed into an X11 version.
Re: And webcams that *require* chinese server? (Score:2)
Re: (Score:2)
smitty
Thank you for opening the nostalgia portal. I cut my teeth on 4.1.5.
Re: And webcams that *require* chinese server? (Score:2)
Re: (Score:2)
Well, step up one level, why do they require the use of ANY server? That's the bug right there.
Re: (Score:2)
But do let the Chinese be more educated than their US counterparts. I'm sure that won't have any consequences what so ever.....
Re: (Score:2)
OpenWRT support (Score:5, Informative)
I have a TP-Link router. I am not afraid of it because I have reflashed it with OpenWRT. A lot of their routers run Linux and are supported by OpenWRT.
Pretty much all consumer routers come from China so you don't really have a choice about where the hardware comes from. But you do have a choice about the software, if you look at the OpenWRT ToH [openwrt.org] before you buy. Buying a router which isn't supported by them is a very bad idea. Yes, there are some other distributions as well. Maybe you think one of them is better, you do you etc. But I want one well supported option and that's as close as you can get.
Re: (Score:2)
Also how... often do you update OpenWRT. In my experience it was far behind on a lot of security updates for key parts, like openssl. I could have gone down the rabbit hole of trying to update the dependency and rebuilding but that was a pain I wasn't willing to accept. I moved on to a different platform not based on an existing consumer router.
Re: OpenWRT support (Score:2)
Routers with more RAM and flash are most likely to support newer OpenWRT. Buy one of those.
You can update packages, or where supported, you can update the whole system. More resources, more interest, more support.
Re: OpenWRT support (Score:2)
Re: OpenWRT support (Score:2)
Not sure about that. There is some meshing software available in it, though. I've never bought a mesh router. Closest I've gotten is using WDS, which worked OK.
Right to Repair (Score:3, Insightful)
The software and firmware of ALL devices must be open-sourced, or at least made public for inspection.
I distrust closed software, but currently it cannot be avoided. Then I have to decide - do I prefer the US or the Chinese to spy on me? Americans would chose Chinese spying, because China has less power over US citizens than Uncle Sam.
If the problem lies in hardware and hard-coded components, then the US government is duty-bound to reveal this and provide proper evidence. Simply banning Chinese stuff doe
Re: (Score:2)
Then I have to decide - do I prefer the US or the Chinese to spy on me? Americans would chose Chinese spying, because China has less power over US citizens than Uncle Sam.
I frankly don't think it makes a difference. I think China would wind up selling us that data, which would be filtered through corporations before the government got their hands on it. It's the capitalist way!
If the problem lies in hardware and hard-coded components, then the US government is duty-bound to reveal this and provide proper evidence.
On one hand, I agree with the principle. On the other hand, by the time you have the evidence, it's too late. We should never have allowed so much of our manufacturing to leave the country. But then, we should never have allowed Intel to do stock buybacks instead of R&D either.
Re: (Score:2)
It is not "our" manufacturing. And if you assert the right to tell Intel how to manage their business, then you are half a step away from telling women how to manage their "business".
You, the government and everyone else should realize that leaving people to make their own decisions is better.
Re: (Score:2)
But you do have a choice about the software, if you look at the OpenWRT ToH [openwrt.org] before you buy.
And one of the major problems with this method is that the list is somewhat limited relative to the hardware on the shelves, and the hardware on the shelves has a tendency to be retailer-specific. It's easy for Best Buy to make a price match guarantee when they have exclusivity on the model, rinse/repeat for most other retailers. Even worse are the revisions; Router X rev.1 might support OpenWRT, while rev.2 might not.
A good amount of this has to do with the different chipsets that don't provide drivers for
Re: OpenWRT support (Score:2)
That is a real problem but not a big one. I bought my Linksys router because OpenWRT compatibility was an advertised feature.
Re: (Score:3)
I don't suppose they're also going to ban Cisco and Netgear: US confirms takedown of China-run botnet targeting home and office routers [therecord.media]: "KV targets Cisco and Netgear"
Over and over, including with TP-Link, you find two common threads: (1) default/weak passwords, and (2) unpatched firmware. I haven't found a single reference to an attack that accused or implied that TP-Link intentionally installed backdoors to allow APTs to gain control, The problem is that consumers don't change their password or patch th
Re: (Score:2)
The problem is that consumers don't change their password or patch their firmware.
Using a single default password is a design flaw. Assign a different password to each device. Have it generate the password itself on first run. Don't allow packets to pass through the WAN side until the password is changed. There's a reset button on the router, so there's no user problem with having different passwords for each device since they can be cleared. You could use a short press to allow a one time login, and a long press to clear settings. You could also hold up activity if the user has failed t
Re: (Score:2)
Yes, but this isn't in any way unique to TP-Link, nor does "ban TP-Link" do anything to actually solve the flaw or implement your solution.
Re: (Score:2)
Yes, but this isn't in any way unique to TP-Link, nor does "ban TP-Link" do anything to actually solve the flaw or implement your solution.
Point to where I said that, admit that I didn't, or leave me alone forever.
Re: (Score:2)
What I do is run a dedicated OPNSense (FreeBSD) firewall/router on a mini PC appliance and have a few stand-alone WIFI access points. Everything goes through a dedicated managed switch, so only the OPNSense device sees internet traffic.
I actually use Omada APs, which happen to be made by TP-Link. If there are back doors that could be exploited by someone else, well, I keep my management network on a separate VLAN from my WIFI and "public" ethernet drops with no internet access, so no TP-Link/Omada hardware
Re: (Score:2)
At the level of consumer-tier routers there aren't actually just tons of SoC vendors (Broadcomm, Mediatek and Qualcomm seem to be the big ones that do fully
Re:OpenWRT support (Score:4, Informative)
Do you feel there are any additional concerns above and beyond the software layer with using Chinese hardware?
You can't reasonably be sure that the chips are safe, but you can be reasonably sure that they're not phoning home on everyone all the time because it's too likely that someone would catch that.
So the question then becomes whether they would be vulnerable to some kind of magic packet attack. Looking at my router (the one I'm using right now is actually a Linksys, my TP-Link router is a backup) I can see that the wifi driver is running in user space. Consequently the bar for exfiltration of data is somewhat higher than it would be otherwise. But since flash memory can be so very small and hold so very much, you can never be sure that the wifi chip or SoC (sometimes the same chip and, sometimes different, but likely to be separate for recent wifi standards) isn't storing your data. All you can do is use encryption for anything passing through it, making that moot, and not reuse login credentials you use to log in to the router.
Odd how even after World War II, it doesnâ(TM)t seem like many sat around wondering if Made in Japan was suspect.
The devices were less sophisticated then. If a radio wanted to spy on you (I used to have a Sony receiver for example) it would have to broadcast what you were doing on another radio frequency, and that would be very easy to detect. You might even discover that by accident.
To my mind, the danger is in devices which normally phone home, with more danger for those devices which do it more. They might not be able to send MUCH data home during normal activity (unless it's a cloud-based camera or similar which is sending data all the time) but they could easily send something, like passwords or other types of access credentials. Hence the reloading of a router with OpenWRT, which never talks to the manufacturer again by design. This provides the maximum reasonable security in a world in which you can't fab your own open source hardware.
Re: (Score:2)
Odd how even after World War II, it doesnâ(TM)t seem like many sat around wondering if Made in Japan was suspect. The devices were less sophisticated then.
The military didn't use equipment manufactured in Japan, exactly because Japan was suspect.
Re: (Score:2)
Even after that, Japan has largely been at the US' beck and call. After all, it's hard to say no to the group that's responsible for preventing your utter annihilation by your geographical neighbors whom you've pissed off. After 70 years, it's also hard for them to build up a force that could protect themselves in the event the US didn't, simply bec
Re: OpenWRT support (Score:4, Insightful)
Thanks for the information.
Amazing that OpenWRT supports so many routers (269 TP-Link alone).
Good advice to ditch dodgy vendor software for quality open source.
You wanted cheap electronics (Score:5, Insightful)
Re: (Score:2)
Consequence : various "hackers" move on ... (Score:2)
Actually, "they" almost certainly have multiple zero-day attacks in the bag, and will just devote more time to finding new ones in less popular systems.
I wonder how many are targetting TP-Links flashed with OpenWRT. Very unlikely to be no attention there, if "flashing your router" was ever a significant thing.
America attempts to confiscate foreign businesses (Score:3, Interesting)
"The Justice Department is also examining whether TP-Link's significantly lower pricing violates federal anti-monopoly laws"
Do you know what's exactly NOT characteristic of a monopoly? Lower prices. TP-Link doesn't own nearly enough of the market to have a monopoly, either. Not like Microsoft! But, hey, Microsoft is an American monopoly.
This looks like yet another ploy to steal foreign businesses to benefit greedy American corporations. It has nothing to do with security and everything to do with the Almighty Dollar.
Re: (Score:2)
Do you know what's exactly NOT characteristic of a monopoly? Lower prices.
Actually that is false. Lower pricing is something that could explicitly be an anti-trust violation if you have market power, while being legal if you don't have market power. History is rich with large companies cutting prices to undercut new entrants while eating the losses they make - propping up their business from other income or from external investment until their competitors go bankrupt. History is full of companies found guilty of this as well.
Look up "predatory pricing".
That said I doubt that is w
Re: (Score:2)
Do you know what's exactly NOT characteristic of a monopoly? Lower prices.
The practice is called "dumping", and it's something monopolizers use to build their monopoly, and is illegal under US (Federal) anti-trust (anti-monopoly) laws.
How old are you, and why the fuck didn't you learn this shit in high school?
Re: (Score:2)
"Do you know what's exactly NOT characteristic of a monopoly? Lower prices."
That's how it starts. Very low prices subsidized by some other part of the company until the competition is driven out of business, then the monopolist raises prices to rake in the profits. See the history of the US railroads, Standard Oil, and Carnegie's steel company, or more recently Chinese rare earth production.
Re: (Score:2)
The US Government does not subsidize Microsoft in an attempt to skew the market.
What do you call not holding them accountable for violating antitrust law in basically every way possible under the Bush administration? They should have been broken up there, but they weren't. Instead they got a less-than-a-handslap punishment and kept doing business just the same way as always.
Re: (Score:2)
Re: (Score:2)
That natural monopoly was ill-gotten- to be sure.
But it's not going to go away now, nor was it then. Not when 80-something% of all applications and games used by users of computers are Windows-only.
There is an obscenely high barrier to entry for replacing Windows outside of dumbshit dork circles.
Re: (Score:2)
What do you call not holding them accountable for violating antitrust law in basically every way possible under the Bush administration?
They literally were held accountable.
They should have been broken up there, but they weren't.
They won an appeal. The justice system favoring their argument against being broken up is not government malfeasance or protectionism.
Instead they got a less-than-a-handslap punishment and kept doing business just the same way as always.
They signed a binding consent decree.
They did, in fact, change the aspects of their business they were required to.
The fact that your personal belief about what needed to change was not agreed to upon by the courts and attorneys doesn't mean some kind of conspiracy to protect them took place.
Your take on this is complete shit.
Re: (Score:2)
The justice system favoring their argument against being broken up is not government malfeasance or protectionism.
Yes, in fact it is. Bush's AG Ashcroft said out loud that they weren't breaking them up because it wouldn't be in the best interest of the nation, by which he meant the MIC and Five Eyes because Microsoft is a member of PRISM and a defense contractor.
Your take on this is complete shit.
By all means, keep covering your eyes and ears and letting shit flow out of your mouth.
Re: (Score:2)
Yes, in fact it is. Bush's AG Ashcroft said out loud that they weren't breaking them up because it wouldn't be in the best interest of the nation, by which he meant the MIC and Five Eyes because Microsoft is a member of PRISM and a defense contractor.
This is bullshit.
It wasn't the AG's choice. It was the court's.
This is what actually happened. [nytimes.com]
I don't know where your recollection of this comes from, but it's not reality.
By all means, keep covering your eyes and ears and letting shit flow out of your mouth.
Bullshit, dude. Quit trying to make a conspiracy out of a legal matter.
Re: (Score:2)
Of course it does, they just go about it in different ways: https://subsidytracker.goodjob... [goodjobsfirst.org]
The US is even more up its ass than China when it comes to giving money to private companies and trying to create favourable market conditions through protectionism. It's not China that came up with "too big to fail" while unironically babbling like a toddler about how the market will "regulate itself".
Re: (Score:2)
Unlike in the USA, where there is no such thing as PRISM, and laws don't apply to private companies.
Spectrum (Score:2)
All of this consumer router stuff is garbage. I remember a few years ago when I had some cable modem from Spectrum. Now, the configuration I had was basically that my Spectrum crap fed into my own access point so I could control it. Unfortunately, I found out that Spectrum kept "updating" their access point, and every time they turned some kind of built-in wireless functionality on. And they had the (outer) network password and everything else. Now, that wasn't really a security problem because my own equip
Re: (Score:2)
some neighbor kid started pirating my wireless
Sounds like you were using WEP at the time or no WiFi security at all.
Software-wise, OpenWrt is the way to go with these consumer routers.
Gargoyle is nice too (and easier to use) while still being OpenWrt based, if your router is supported.
Re: (Score:3)
some neighbor kid started pirating my wireless
Sounds like you were using WEP at the time or no WiFi security at all.
Wow...So, wireless connectivity has changed up since 2004; it's been well over a decade since routers shipped with either WEP or a truly open SSID.
Spectrum's modems now are all-in-one appliances that are modems, routers, switches, and APs in a single box. For the general public, this is probably a net positive, but Spectrum also has a habit of letting that appliance broadcast "SpectrumWIFI", which enables people to use that public-ish system from the modem of its customers (it has a captive portal login so
Re: (Score:2)
Spectrum's modems now are all-in-one appliances that are modems, routers, switches, and APs in a single box
I just received a new modem from Charter/Spectrum 2 weeks ago, because the new one supports 2.5Gb ethernet.....it has none of that stuff, it's strictly just a modem. I have the 1Gb tier of service, maybe that has something to do with it?
I have a pfSense machine running as my router, Spectrum hasn't given me any flak for that.
Re: (Score:2)
some neighbor kid started pirating my wireless
Sounds like you were using WEP at the time or no WiFi security at all.
Software-wise, OpenWrt is the way to go with these consumer routers. Gargoyle is nice too (and easier to use) while still being OpenWrt based, if your router is supported.
Yes and no. My equipment was secured. The problem was that these bozos at Spectrum sent some update, turning WiFi back on with their equipment after I'd previously disabled it. So it reenabled as an open "guest" access point or whatever the hell they call it, when there was absolutely no reason for their device to have WiFi on at all. Whenever I sail the high seas I make sure my IP is obfuscated.
list growing (Score:2)
The list keeps growing... and now the scope is expanding. Kinda surprising that the government is using so much TP-Link. I'm sure contractors that care won't install it.
https://www.acquisition.gov/df... [acquisition.gov].
I am Cornholio! (Score:2, Funny)
TP-Link used to be the king of open source (Score:3)
I have used a lot of TP-Link routers with OpenWRT in the past. They were awesome (except hardware quality. They all needed replacement in a few years, but then the wifi tech was also advancing)
https://openwrt.org/toh/hwdata... [openwrt.org]
They just worked out of the box, and even sometimes using the original firmware's update page. (Yes, just download the open source firmware, open router, upload, and reboot).
At one point they locked the bootloader.
And everything went downhill from there.
Their excuse? US people installing EU firmware to unlock illegal bands (airports and all). However this was when they started selling "mesh" routers and other changes, which makes me at least suspicious.
Anyway, if you have an older TP-Link with lots of RAM and internal storage, look up support on that page. If not, just use a better router.
Re: (Score:3, Informative)
Almost all brands are made in china (Score:2)
Re: (Score:2)
Chinese TP ... (Score:2)
Re: (Score:2)
Re: (Score:3)
A couple of brothers who were very into networking, TP == twisted pair.
Re: (Score:3)
Re: (Score:2)
Werner Siemens didn't choose his family name
Re: (Score:3)
Solid German engineering
Can you point out on a map of Germany where I can find Taiwan? You know, Zyxel being a Taiwanese company which has much of their manufacturing in *checks notes* oh dear ... China.
Re: (Score:2)
Re: (Score:2)
They have a STUN bug that they don't seem to care about fixing.
Beyond that, their interface was put together by a toddler.
Otherwise, as long as you never interact with the thing, or don't need it to do anything advanced, I agree, they're a great price point for physical feature set.
Re: (Score:2)
Re: (Score:2)
Attribution is practically impossible. If there is a security hole (intentional or not), anyone can use it. The only way to be sure who did it is if it was yourself. Or if you catch them in the act at their own machine.
That's from a technical point of view. From a political point of view, you can always attribute it to whoever it is most beneficial to you for them to have done it. (Which can be embarrassing if the foreign state actors du jour turn out to have been a bored teenager in California again.)