what do you think about this news? I've used TP link for a while, should I keep using it?
US lawmakers urge probe of WiFi router maker TP-Link over fears of Chinese cyber attacks
- Thread starter Oscar0411
- Start date
what do you think about this news? I've used TP link for a while, should I keep using it?
It's fine. This is just politicians doing politician stuff.
Twiglets
Senior Member
If you are paranoid enough (read as 'Politician'), then *any* technological device made in China is a *possible* risk.
This is because the CCP has a law mandating that they can order any company to do whatever they ask. [Because 'National Security' etc.]
The real question is whether the risk is real.
With so much stuff being made in China for a huge number of companies globally, this is a hard question to answer.
Is any product made in China any safer than another also made in China and can you prove it ???
Global companies can check devices made in different countries for obvious differences *but* this is unlikely as it is too easy to spot.
Flaws in software are very hard to catch and then you have to ask are they 'deliberate' or just yet more 'Buggy Software' ... Microsoft is quite capable of producing such 'Buggy Software', for example, are they planting cyber flaws or just making mistakes like many other software companies.
At the end of the day you are having to trust *everyone* regardless of whether they are China or the USA or Europe etc etc
>>> The main question for you personally is how much of a target are you ? <<<
Are you involved in something that *would* be of interest to a foreign power or company etc ?
What is considered *safe* kit in your industry ?
Who can you trust to provide the *safe* kit ?
Who can you trust to configure the kit to your needs ?
Are you able to source the kit from a supplier that makes the kit in a *safe* country ?
Has the kit gone through any certification that you can trust ?
Can you add some form of encryption to your workflow to protect the documents/output in its own right ?
Most of these answers lead to having to pay for your assurances by buying more expensive kit that is aimed at professional use.
Big name brands tend to give some assurances of the quality of their kit ? [Again this comes down to you having to trust someone !!!]
At the end of the day noone can give assurances that you will be 100% safe using certain kit *BUT* it is reasonable to expect that the large companies that serve professional use of their kit will have a large number of people focused on keeping their kit safe, because there is a large amount of money to made.
Cheaper domestic use kit tends to be more limited in functionality, quicker to reach EOL and generally considered to be more or less disposable.
This does not mean that domestic use kit is *bad* or *useless* but you do need to understand the strengths/weaknesses and keep on top of updating firmware etc.
Most security is down to not just the kit you use but the way you work and then being aware of the risks of using the internet, in general.
The kit will fail no matter how much it costs *IF* you 'let the baddies in' yourself !!!
Research and learn about the ways people are manipulated into 'opening the door' to malware, ransomware etc.
Understand how to protect your most valuable information from loss by having a working Backup process that you test regularly ensuring the restore process works. [Think about the chaos of a few weeks ago re: Crowdstrike where restoring systems was a large part of the problem.]
To answer your question:
Unless you have *real* proof that there is a problem with your TP-Link kit, it is as safe as any other domestic grade kit.
If you have reason to be worried then invest in professional grade kit with professional grade support etc, if you consider yourself to be a worthy target.
Either way trust nothing 100% and implement your security in depth to make yourself a 'high-cost' target.
The baddies will probably focus on someone else who is quicker/easier to beat !!!
Best of luck
This is because the CCP has a law mandating that they can order any company to do whatever they ask. [Because 'National Security' etc.]
The real question is whether the risk is real.
With so much stuff being made in China for a huge number of companies globally, this is a hard question to answer.
Is any product made in China any safer than another also made in China and can you prove it ???
Global companies can check devices made in different countries for obvious differences *but* this is unlikely as it is too easy to spot.
Flaws in software are very hard to catch and then you have to ask are they 'deliberate' or just yet more 'Buggy Software' ... Microsoft is quite capable of producing such 'Buggy Software', for example, are they planting cyber flaws or just making mistakes like many other software companies.
At the end of the day you are having to trust *everyone* regardless of whether they are China or the USA or Europe etc etc
>>> The main question for you personally is how much of a target are you ? <<<
Are you involved in something that *would* be of interest to a foreign power or company etc ?
What is considered *safe* kit in your industry ?
Who can you trust to provide the *safe* kit ?
Who can you trust to configure the kit to your needs ?
Are you able to source the kit from a supplier that makes the kit in a *safe* country ?
Has the kit gone through any certification that you can trust ?
Can you add some form of encryption to your workflow to protect the documents/output in its own right ?
Most of these answers lead to having to pay for your assurances by buying more expensive kit that is aimed at professional use.
Big name brands tend to give some assurances of the quality of their kit ? [Again this comes down to you having to trust someone !!!]
At the end of the day noone can give assurances that you will be 100% safe using certain kit *BUT* it is reasonable to expect that the large companies that serve professional use of their kit will have a large number of people focused on keeping their kit safe, because there is a large amount of money to made.
Cheaper domestic use kit tends to be more limited in functionality, quicker to reach EOL and generally considered to be more or less disposable.
This does not mean that domestic use kit is *bad* or *useless* but you do need to understand the strengths/weaknesses and keep on top of updating firmware etc.
Most security is down to not just the kit you use but the way you work and then being aware of the risks of using the internet, in general.
The kit will fail no matter how much it costs *IF* you 'let the baddies in' yourself !!!
Research and learn about the ways people are manipulated into 'opening the door' to malware, ransomware etc.
Understand how to protect your most valuable information from loss by having a working Backup process that you test regularly ensuring the restore process works. [Think about the chaos of a few weeks ago re: Crowdstrike where restoring systems was a large part of the problem.]
To answer your question:
Unless you have *real* proof that there is a problem with your TP-Link kit, it is as safe as any other domestic grade kit.
If you have reason to be worried then invest in professional grade kit with professional grade support etc, if you consider yourself to be a worthy target.
Either way trust nothing 100% and implement your security in depth to make yourself a 'high-cost' target.
The baddies will probably focus on someone else who is quicker/easier to beat !!!
Best of luck
jerry6
Very Senior Member
nothing to worry about yet I still use TP ink products
tiddlywink
Senior Member
..
Last edited:
tiddlywink
Senior Member
..
Last edited:
Aren't quite a few of the router manufacturers Chinese and therefore if there is a political risk with TP Link, it would also apply to several other manufacturers ?
I'd also imagine my ISP supplied router is designed & made by some Chinese company.
The list of non-Chinese router makers seems quite short.
I wold think that as long as they're selling routers, there's an incentive not to harm regular customers. If a major war kicked off, the rate of hacking might increase somewhat.
I'd also imagine my ISP supplied router is designed & made by some Chinese company.
The list of non-Chinese router makers seems quite short.
I wold think that as long as they're selling routers, there's an incentive not to harm regular customers. If a major war kicked off, the rate of hacking might increase somewhat.
tiddlywink
Senior Member
..
Last edited:
Can I ask also about Cudy routers? I read this article and it is making me a bit aprehensive? I also worry about AOMEI backup software though unrelated to article. Cudy is mentioned by a user below. I am not necessarily saying I agree with the article but I am just curious as to what people here think https://cybernews.com/security/walm...n-china-contain-backdoors-to-control-devices/
tiddlywink
Senior Member
..
Last edited:
Thanks.Do not buy nor use no-name Chinese routers unless you can replace the software and uboot.
If your model is supported, you should flash your device today or replace it.
[OpenWrt Wiki] Cudy
openwrt.org
This is the model I have
https://openwrt.org/toh/hwdata/cudy/cudy_wr3000_v1 / technically my model is WR3000s but only difference is that it is white and has an 4 LAN ports instead of 3 that the base WR3000 has.
I have not even opened it. So technically I can still return it. But it is good specs for the price, but of course dont want to be penny wise/pound foolish
So I am happy to keep it and flash openwrt but what do you mean by uboot? How do I know if I can replace that ?
tiddlywink
Senior Member
..
Last edited:
One of the reasons I like Cudy is because they let you modify ttl without a script. Which I need to hide hotspot data.I would return it just for "Flash MB: 16." It's cheap for a reason. If you bought this from amazon, the only reviews for it are from people who got the units for free. "Vine Customer Review of Free Product" Giant red flag.
If you can hold off, Asus is about to launch at least four cheap filogic based routers $50-$100.
Dynalink is an asus (Taiwan) subsidiary:
Can't vouch for the WRX36, but a lot of people like it after flashing openwrt. $59 USD only. No need to flash uboot.
Slightly difficult installation though:
[OpenWrt Wiki] Dynalink DL-WRX36
Similar threads
Latest threads
-
-
News US govt. is considering a ban on Amazon’s bestselling router brand- Started by AntonK
- Replies: 2
-
BGW320-500 + SL-SWTGW215AS + RT-AX86U + ORBI(RBR50)
- Started by josep
- Replies: 4
-
RT-BE88U and RT-AX59U AiMesh Network on Latest FW
- Started by Szadzik
- Replies: 2
-
Need WiFi 6 router with native support for modifying it's DNS server config
- Started by Patrick9876
- Replies: 3
Support SNBForums w/ Amazon
If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!