this post was submitted on 21 Feb 2025
218 points (100.0% liked)
Technology
68244 readers
3859 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Oh but all the US hardware with spyware from the NSA/FBI is just fiiiiiiiiiine.
As always US wants the data, they just don't want anyone else to have it.
It's also a laugh for them to say "fuck you consumers you don't get to" when the federal government already fucking blew it with SolarWinds.
Personal opinion this is much ado about nothing. In other words this article is baseless fear-mongering.
Trump is a bigger national security concern than fucking TP-Link and no one in power is seriously talking about removing him.
His economic moves will devalue the US Dollar and put it at risk as a reserve currency. Who is gonna step in? China.
But boo hoo, we should ban TP-Link! What a fucking joke. If you're really "worried" about China, get rid of Trump yesterday.
There is an abstract ironic beauty to this.
To secure US networks, start by kicking Musk out of government systems.
Seriously, DOGE could be literally installing ransomware that kicks off if anyone tries to block them... They were hooking up random fucking servers right into secured government systems and were given write access at some of those government systems.
https://www.wired.com/story/treasury-bfs-doge-insider-threat/
He is like Spyware or just crappy insecure code become manifest in human form.
Security concerns usually don't talk about themselves
I guarantee you that American data is going to Chinese companies. Temu has your data. Alibaba has your data. Bilibili has your data. They're just getting it by purchasing from American data centers.
So what you're saying is, the complaint about China spying on people boils down to piracy?
It's the thing American IP companies care about the most.
Yeah, it boils down to... who do you want seeing your data?
The Chinese? or the Americans?
On one hand, I wouldn't trust the US with anything. On the other hand, there's a pretty good chance whatever they keep that data on catches on fire or has a plane fall on it.
TP-Link has a bad history of significant security vulnerabilities that have to either be gross negligence or intentional backdoors. Consumer router firmware is notoriously neglected in the grand scheme of tech, but TP-Link is exceptionally bad. Your average and even most above average techies probably have no idea unless they follow security releases or live in the security world. I personally wouldn't know much if anything about them if not for some YT content I watch about software and security. I don't love blanket blocking of stuff, but this one I feel is necessary to help protect an ignorant population.
I 100% agree with the sentiment that Trump is way more dangerous, because he is, but the two issues can be addressed (or not unfortunately) at the same time. If our reps won't stop Trump, and not going to be upset over he small wins that we do get.
Do you have any links to the alleged bad history? I couldn't find anything, partly because the recent political theatre makes it hard to be informed.
Here is the main video I watched that breaks down a recent ish CVE and at the end he gives some thoughts on TP-Link, D-link, and another and just his professional security opinion on them.
It is only one source, but I think it's a strong one.
Thanks!
So, say I have a POE outdoor router that is TP-link. It is wired to my main router and is the network for outdoor cameras. How bad an idea is this?
If you're just running it in AP mode and extending from your base router you will be better off than if it's your WAN device. I don't know enough about these exploits to know how they are executed, so I can't give you a solid answer, but I think it's best to err on the side of caution when it comes to your data security.
If you're fairly tech savvy and willing to put in a little effort, you can flash the firmware on the TP-Link with something open source like openWRT and that would eliminate any exploits directly caused by their coding. I haven't done this in years, but I'm sure there are plenty of guides to walk you through this. It would require resetting up your network, but you'd need to do that if you replaced anyway.
Personally, I would replace the device with something higher quality. I don't have recommendations for you, but I'm sure there are some resources you can find with security minded device recommendations. For "pro-sumer" grade stuff, where it's better than your off the shelf options but not enterprise grade, I've heard Unify is a good option, but it's complicated and expensive.