Comment on The US Is Considering a TP-Link Router Ban—Should You Worry?
SnotFlickerman@lemmy.blahaj.zone 1 day ago
Oh but all the US hardware with spyware from the NSA/FBI is just fiiiiiiiiiine.
As always US wants the data, they just don’t want anyone else to have it.
It’s also a laugh for them to say “fuck you consumers you don’t get to” when the federal government already fucking blew it with SolarWinds.
Personal opinion this is much ado about nothing.
Trump is a bigger national security concern than fucking TP-Link and no one in power is seriously talking about removing him.
Three separate government departments are investigating TP-Link, so someone either tipped the Fed off and you (and the public) know nothing, or this is simply a witch hunt.
Since I know for a fact I can’t trust anyone commenting anywhere on the internet as a credible source, I’m hoping those departments who once were independent of the Executive control and free of Trump corruption and are now filled with human excrement yes-men MAGA regarded morons, i will hold my anger until we know more.
The US government has something of a credibility crisis, doesn’t it? (And I don’t think it started with Trump, though he makes it worse.)
The best that they’ve got is that TP-Link is competitive on pricing. Oh no they’re not bilking consumers and still make enough money to function, that must mean something shady is happening!
Also, the argument that some models force you to log in, sure, if you’re a technically un-inclined dingus. If you are technically inclined, literally nothing is stopping you from installing something like OpenWRT/DD-WRT/FreshTomato on your TP-Link router and bypassing the login requirement entirely by replacing the firmware with an open source variant (note: DD-WRT isn’t actually fully open like OpenWRT and FreshTomato). The point being that their two major arguments are defeated pretty damn simply.
If I can avoid logging in by installing fresh firmware of my own, and the only other major argument they have is that they’re selling at lower prices then competitors… well, that’s pretty weak tea.
Which do you prefer FreshTomato or WRT ones?
I haven’t tried FreshTomato, just know it exists. I used to roll DD-WRT but I’ve moved to OpenWRT because I prefer code that is auditable.
It looks just like the Tik Tok ban to me. Racist/Nationalist nonsense that doesn’t solve the actual underlying problem, which is lack of regulation in the US
As always US wants the data, they just don’t want anyone else to have it for free
I guarantee you that American data is going to Chinese companies. Temu has your data. Alibaba has your data. Bilibili has your data. They’re just getting it by purchasing from American data centers.
So what you’re saying is, the complaint about China spying on people boils down to piracy?
It’s the thing American IP companies care about the most.
TP-Link has a bad history of significant security vulnerabilities that have to either be gross negligence or intentional backdoors. Consumer router firmware is notoriously neglected in the grand scheme of tech, but TP-Link is exceptionally bad. Your average and even most above average techies probably have no idea unless they follow security releases or live in the security world. I personally wouldn’t know much if anything about them if not for some YT content I watch about software and security. I don’t love blanket blocking of stuff, but this one I feel is necessary to help protect an ignorant population.
I 100% agree with the sentiment that Trump is way more dangerous, because he is, but the two issues can be addressed (or not unfortunately) at the same time. If our reps won’t stop Trump, and not going to be upset over he small wins that we do get.
Do you have any links to the alleged bad history? I couldn’t find anything, partly because the recent political theatre makes it hard to be informed.
Here is the main video I watched that breaks down a recent ish CVE and at the end he gives some thoughts on TP-Link, D-link, and another and just his professional security opinion on them.
It is only one source, but I think it’s a strong one.
Thanks!
So, say I have a POE outdoor router that is TP-link. It is wired to my main router and is the network for outdoor cameras. How bad an idea is this?
If you’re just running it in AP mode and extending from your base router you will be better off than if it’s your WAN device. I don’t know enough about these exploits to know how they are executed, so I can’t give you a solid answer, but I think it’s best to err on the side of caution when it comes to your data security.
If you’re fairly tech savvy and willing to put in a little effort, you can flash the firmware on the TP-Link with something open source like openWRT and that would eliminate any exploits directly caused by their coding. I haven’t done this in years, but I’m sure there are plenty of guides to walk you through this. It would require resetting up your network, but you’d need to do that if you replaced anyway.
Personally, I would replace the device with something higher quality. I don’t have recommendations for you, but I’m sure there are some resources you can find with security minded device recommendations. For “pro-sumer” grade stuff, where it’s better than your off the shelf options but not enterprise grade, I’ve heard Unify is a good option, but it’s complicated and expensive.
Rekall_Incorporated@lemm.ee 1 day ago
There is an abstract ironic beauty to this.
floofloof@lemmy.ca 1 day ago
To secure US networks, start by kicking Musk out of government systems.
SnotFlickerman@lemmy.blahaj.zone 1 day ago
Seriously, DOGE could be literally installing ransomware that kicks off if anyone tries to block them…
Infynis@midwest.social 1 day ago
wired.com/…/treasury-bfs-doge-insider-threat/
Imgonnatrythis@sh.itjust.works 1 day ago
He is like Spyware or just crappy insecure code become manifest in human form.
rottingleaf@lemmy.world 1 day ago
Security concerns usually don’t talk about themselves