What's new

US lawmakers urge probe of WiFi router maker TP-Link over fears of Chinese cyber attacks

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

If you are paranoid enough (read as 'Politician'), then *any* technological device made in China is a *possible* risk.

This is because the CCP has a law mandating that they can order any company to do whatever they ask. [Because 'National Security' etc.]

The real question is whether the risk is real.

With so much stuff being made in China for a huge number of companies globally, this is a hard question to answer.
Is any product made in China any safer than another also made in China and can you prove it ???

Global companies can check devices made in different countries for obvious differences *but* this is unlikely as it is too easy to spot.

Flaws in software are very hard to catch and then you have to ask are they 'deliberate' or just yet more 'Buggy Software' ... Microsoft is quite capable of producing such 'Buggy Software', for example, are they planting cyber flaws or just making mistakes like many other software companies.

At the end of the day you are having to trust *everyone* regardless of whether they are China or the USA or Europe etc etc


>>> The main question for you personally is how much of a target are you ? <<<

Are you involved in something that *would* be of interest to a foreign power or company etc ?
What is considered *safe* kit in your industry ?
Who can you trust to provide the *safe* kit ?
Who can you trust to configure the kit to your needs ?
Are you able to source the kit from a supplier that makes the kit in a *safe* country ?
Has the kit gone through any certification that you can trust ?
Can you add some form of encryption to your workflow to protect the documents/output in its own right ?

Most of these answers lead to having to pay for your assurances by buying more expensive kit that is aimed at professional use.
Big name brands tend to give some assurances of the quality of their kit ? [Again this comes down to you having to trust someone !!!]

At the end of the day noone can give assurances that you will be 100% safe using certain kit *BUT* it is reasonable to expect that the large companies that serve professional use of their kit will have a large number of people focused on keeping their kit safe, because there is a large amount of money to made. :)

Cheaper domestic use kit tends to be more limited in functionality, quicker to reach EOL and generally considered to be more or less disposable.
This does not mean that domestic use kit is *bad* or *useless* but you do need to understand the strengths/weaknesses and keep on top of updating firmware etc.

Most security is down to not just the kit you use but the way you work and then being aware of the risks of using the internet, in general.
The kit will fail no matter how much it costs *IF* you 'let the baddies in' yourself !!!

Research and learn about the ways people are manipulated into 'opening the door' to malware, ransomware etc.
Understand how to protect your most valuable information from loss by having a working Backup process that you test regularly ensuring the restore process works. [Think about the chaos of a few weeks ago re: Crowdstrike where restoring systems was a large part of the problem.]

To answer your question:
Unless you have *real* proof that there is a problem with your TP-Link kit, it is as safe as any other domestic grade kit.
If you have reason to be worried then invest in professional grade kit with professional grade support etc, if you consider yourself to be a worthy target.

Either way trust nothing 100% and implement your security in depth to make yourself a 'high-cost' target.
The baddies will probably focus on someone else who is quicker/easier to beat !!!

Best of luck :)
 
So much misinformation in there...

For starter, TP-Link, the company that manufactures and sells routers, is a Singapore company. Their headquarters are in Singapore and in the US.
 
Just checked they are China company but reorg and registered in Singapore in the past two years, it's supposed to prevent political issues.
 
Aren't quite a few of the router manufacturers Chinese and therefore if there is a political risk with TP Link, it would also apply to several other manufacturers ?
I'd also imagine my ISP supplied router is designed & made by some Chinese company.
The list of non-Chinese router makers seems quite short.

I wold think that as long as they're selling routers, there's an incentive not to harm regular customers. If a major war kicked off, the rate of hacking might increase somewhat.
 
Do not buy nor use no-name Chinese routers unless you can replace the software and uboot.

If your model is supported, you should flash your device today or replace it.
Thanks.
This is the model I have
https://openwrt.org/toh/hwdata/cudy/cudy_wr3000_v1 / technically my model is WR3000s but only difference is that it is white and has an 4 LAN ports instead of 3 that the base WR3000 has.

I have not even opened it. So technically I can still return it. But it is good specs for the price, but of course dont want to be penny wise/pound foolish

So I am happy to keep it and flash openwrt but what do you mean by uboot? How do I know if I can replace that ?
 
I would return it just for "Flash MB: 16." It's cheap for a reason. If you bought this from amazon, the only reviews for it are from people who got the units for free. "Vine Customer Review of Free Product" Giant red flag.

If you can hold off, Asus is about to launch at least four cheap filogic based routers $50-$100.

Dynalink is an asus (Taiwan) subsidiary:

Can't vouch for the WRX36, but a lot of people like it after flashing openwrt. $59 USD only. No need to flash uboot.

Slightly difficult installation though:
One of the reasons I like Cudy is because they let you modify ttl without a script. Which I need to hide hotspot data.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top