I'm currently upgrading my home network, trying various options, and one of the headaches is <i>provenance</i> of the equipment.<p>By provenance, I mean where it's designed, where it's manufactured, who has brand oversight of it, who controls the firmware, who runs the IoT phoning-home servers, etc.<p>(I don't have high security requirements for home, but I pay attention to such things out of curiosity.)
Can we start banning hardware companies __after__ we have banned the selling of user data to the highest bidder (which might as well be Chinese companies)?
To be fair, TP-Link routers without OpenWRT installed <i>should</i> be banned, considering their vulnerability history...<p>But they <i>are</i> nice and cheap OpenWRT platforms. Ban the software instead? ;D
What is a good recommendation for replacing a TP-Link Omada AP? I have the Wifi6 AP and it performs great. But if I do need to replace it with something more secure, what are my choices?<p>I know Ubiquity is a choice, but the reason I chose Omada over Ubiquity is that I can host the Omada controller locally and not be forced to use a cloud product.
Wirecutters top two router recommendations are both TP-Link. Near the top of the review they praise "Hitting the sweet spot between price and performance" but then bury the disclosure that you have to pay extra for security, including "most protection."<p>"TP-Link also offers a $5-per-month or $36-per-year plan for Security+ network protection and IoT security. If you don’t pay, you still get some basic functionality such as the ability to block websites and to manually toggle internet access on your kids’ devices, but advanced settings, automatic timed internet control, most protection, and reporting are disabled after the one-month free trial. That said, the Archer AX3000 Pro will continue to provide solid Wi-Fi connectivity even if you don’t sign up for the added plans."<p>This report is a great example of why it's a bad deal to trade away security for a lower price. Wirecutter should have been leading the way in pointing this out, instead of just steering people to the cheapest fast thing, YOLO style (anyone can make that kind of recommendation).<p><a href="https://www.nytimes.com/wirecutter/reviews/best-wi-fi-router/" rel="nofollow">https://www.nytimes.com/wirecutter/reviews/best-wi-fi-router...</a>
I haven't found a competitively priced US made product in the segments where TP-Link seems to do extremely well.<p>For home office switches, if we required PoE 1G + 10G ports - the nearest option sold by US companies is 2x the price of TP-Link. There are no competitively priced options (10-20% additional cost) available for these segments. Ditto for gateways.<p>In the higher end, the campus switches offered by the competition is not even priced at < 10x the TP-Link switch prices. Which means the immediate cost of using TP-Link right now and replacing it with a much better TP-Link 2-3 years down the lane would justify buying TP-Link only. At this point, the expensive gear from competition feels like an over-engineering + cash grab to an end user.<p>Shouldn't more competition be about lowering prices and increasing choices? Where are the choices? Is there even an effort being made to help the end users of these budget segments?
"...routinely fails to address vulnerabilities in its products... When cybersecurity experts point out the flaws...the company declines to engage with them..."<p>I feel like this used to apply to most mass-market home routers. Have things improved recently such that TP-Link is an outlier?
APs are going to be the great new app platform, but also a very clear security problem. They have now grown so much spare capacity they can host a lot of extra interesting services. The noises from China suggest some people in companies like Xiaomi worked this out a while ago.<p>Fundamentally we need to move to a home networking model that involves isolating all clients completely (especially cameras and smart TVs), and using AP hosted services to mediate interaction between them and the Internet at large. This will involve needing to trust the AP, but will have the advantage of being able to deploy slightly less trustworthy devices at the very edge.
An alternative to NY Post, which I don’t find very credible:<p><a href="https://arstechnica.com/tech-policy/2024/12/report-us-considers-banning-tp-link-routers-over-security-flaws-ties-to-china/" rel="nofollow">https://arstechnica.com/tech-policy/2024/12/report-us-consid...</a>
It might be the right move. I’ve noticed a lot of oddities with my top of the line TP Link Mesh routers. Limited ability to configure it compared to past routers (not many advanced settings). Forced use of a very sanitized app instead of a browser based panel. Forced updates with no ability to use the admin panel without accepting the update. And so on. It works and is high quality in a way, but I also don’t trust it. Unfortunately a lot of these issues aren’t visible until after you buy it.
So who knows much about banana pi and using that to build a router. What firmware? Are there better hardware options? Anything user-friendly enough to compare with consumer grade uis for routers? Anything else that should be being asked in this space?<p><a href="https://www.banana-pi.org/" rel="nofollow">https://www.banana-pi.org/</a>
There's that nagging feeling that they're not concerned about security but banning anything that works well, is inexpensive and isn't made by an US company...<p>Anecdote: once I bought the cheapest router I could find online. The idea was to test connecting to a crap AP. Unfortunately the cheapest was a TP-Link and it worked absolutely perfectly, ruining my test plan.
So what are my options here now? I run an omada system - do I move over to ubiquiti or DIY with opnsense ? if firmware is the issue then an entirely open system is what makes sense here.
Things get dumber by the day. I'm very happy with my TP-Link Deco mesh router.<p>The US outsourced absolutely everything to China and is now banning it up down and centre. Shizophrenic much?
We are on a slippery slope of banning everyone: TikTok; Kaspersky, ... TP-Link.<p>Huawei was not banned, they were bullied out of the US market, and had restricted access to US technologies.
“investigators believe that TP-Link routinely fails to address vulnerabilities in its products that are shipped to customers who use the routers for both home and business purposes” good luck finding someone which is able to adress this issue and can deliver the same amount of devices in the price range.<p>Sounds like they want to apply pressure to TP-Link so they start to fix more and faster.
I think this is quite ridiculous. If they collect data, it will be a huge amount. Additionally, most traffic is already encrypted, so they would just get garbage.
Wait until Congress figures out about all the new "free" games pouring out of China, each requiring kernel level anti-cheat software to operate in the background.
Yet another step for nationalists to start pushing for internal technologies across the globe.<p>Slowly I am feeling back into world geopolitics of my childhood.