The real lesson here: If you're successful, don't skimp on security/software! Also, don't abandon software/firmware security support for your products so quickly.
If I was in charge over at TP-Link, getting news that tens of thousands of MY company's routers were compromised would have me furious! I'd be freaking out, making sure that we take immediate steps to improve software/firmware quality and to make sure we're in a constant state of trying to compromise our own hardware... To ensure no one else finds vulnerabilities before we do.
Instead, TP-Link seems to have just laughed and focused strictly on profit margins.
Yeah, that's not the lesson here at all. We're still in an era where you will suffer absolutely zero consequences for security lapses and breaches.
Everything that is happening with this administration is simply because it suits American foreign policy or the interests of one of the oligarchs. I mean this with absolutely no hyperbole: the pretense of there being any rule of law for the ultra-wealthy is gone. The White House is openly selling pardons, which have the added effect of cancelling out debts to the US government.
Tiktok getting banned? It had nothing to do with "national security". The government simply had less control over the content and the algorithm on Tiktok than they do on Meta and Google platforms.
Reading through this article, you have Microsoft pointing the finger at TP-Link. That's... rich. Becvause Microsoft has historically been horrible for security. It would take further investigation but I really wonder if TP-Link isn't just a convenient scapegoat.
I don't mean to be hateful with this, but what's the point of your post besides random conjecture and a sort of rant about something only vaguely related to the story?
I see the comment as quite on point. There are many longstanding real problems that have been allowed to fester (in this case, embedded security). While these problems are now being talked about, there is still zero intention to actually address them. Rather they're merely being abused as talking points by fascists pretending that "something is being done" when really the "solutions" are merely the consolidation of autocratic control.
Real reform here would be something like prohibiting tying software and hardware together as one product, source code escrow, etc. Things that actually create security and consumer choice, rather than merely one less vendor to pick from.
Sometimes I wonder if people talking about corruption in the US have ever been to a country that is as corrupt as they say the US is.
Pardons are not being openly sold. There is absolutely not great stuff going on with them but, really, the major difference I see is that it's happening during the administration, rather than in the last few hours.
The US is moving the wrong direction when it comes to corruption but let's not act like we're bottom of the barrel ir that this slide just started in 2024 (or 2016, if you'd like).
No, I'm saying that the slide didn't start with Trump. I also don't think much of what Trump is doing is much, if at all, worse than his predecessors but he has zero shame about it.
Since he's in the news and it's on my mind, I'm not sure the Cheney and the whole Iraq/Haliburton situation has been topped since then. Then there's ever member of Congress suddenly becoming a multimillionaire after they get into office.
The only norm Trump is breaking is that he doesn't care to sweep it under the rug
TP-Link makes really solid products, and if you don’t want to use their firmware then almost all of them can easily flash OpenWRT. In fact most of their routers are built from OpenWRT anyway.
I installed their mesh Wi-Fi system for my parents recently and was really impressed how seamless the process was. It did involve making a cloud account which I wasn’t thrilled about, however.
All modern WiFi APs require closed firmware blobs that run below or parallel to OpenWRT.
You replacing the router OS with OpenWRT does nothing when the radio has full DMA access and runs its own OS on its own processor. The OpenWRT layer will have no idea what it's running/infiltrating/exfiltrating.
I say this as someone who has been running and building OpenWRT forever. It's great but it isn't a panacea.
That's why I bought a PCEngines box (one of the last of their inventory before they went out of business) with completely transparent hardware and no Chinese manufacturer in the supply chain.
Sure, but if you run OpenWRT you can pick the radio firmware image. And you can trust Qualcomm cause they're from San Diego and made Eudora; their firmware won't have intentional security issues.
I bought a cellphone from them many years ago and they never really supported it and I couldn't even buy a replacement battery.
Recently I bought a router with the firm intent of installing OpenWRT, but I received a newer revision that had a different CPU, less RAM, and less flash memory.
These events left a bad impression, but they do make affordable stuff with reasonable quality.
> Recently I bought a router with the firm intent of installing OpenWRT, but I received a newer revision that had a different CPU, less RAM, and less flash memory.
This also happened many years ago with Linksys (prior to Cisco). It’s not that uncommon for manufacturers to release new revisions of hardware without necessarily making it clear to the purchaser. If their purpose is to deliver a router and they can shave a few cents off the BOM with less RAM, but it still works with their software, why would they care. And once new revisions have been released into the supply chain, it can be hard to know exactly what version you are buying.
In the Linksys case, IIRC they eventually re-released the first revision WRT54G as the WRT54GL (for Linux), so that people who wanted different firmware could get the exact hardware they wanted.
Wouldn't it be nice if that was illegal? Sell whatever, but label it accurately, it's different hardware so it needs to have a different version label in the listing or something.
We see this all the time with SSDs, where a high-spec model is released to reviewers, then a low-spec model is mass-produced and sold under the same model number. That's fraud, isn't it? Shouldn't it be?
I'm getting ready to set a mesh network for my older parents as well. Do you have any suggestions for hardware and software? I live a ways away from them so I need this to be pretty much faultless. I don't want to drive 4 hours for IT support.
The TP-Link option was great. If it was for myself, I'd build my own with OpenWRT but my goal was to minimize the chance of downtime in case I'm not available to help debug issues. They already had a TP-Link range extender running for 4+ years without ever needing to touch it, so I figured their mesh network was a good option too.
Do any of TP-Link's mesh routers support OpenWrt? I didn't think there was overlap between the "easy to set up for my parents" and "easy to install custom firmware" subsets.
And in reverse, you think Palentir has a transparent business model to trust with your data? I don't get why people find china more suspect than most of these billionaire led monopolies buying politicians and laws and spout paranoid gibberish about Christianity and anti Christ etc.
Both might be fundamentally evil or being, but they aren't different in danger based solely on how white they are.
China isn't the major threat for consumer routers; it's crappy firmware. Millions of networks have been compromised from non-state actor attacks on crappy consumer routers. You wanna protect America? Impose a software building code on critical network infrastructure (which should include consumer routers and modems). But they aren't gonna do that, because they're just trying to score cheap political points and put pressure on China for trade concessions.
> the U.S.-based company’s products handle sensitive American data and because the officials believe it remains subject to jurisdiction or influence by the Chinese government.
These cowards have not yet finished banning TikTok
I have TP-Link Deco's for our WiFi, sitting behind a Firewalla Gold. This has been by far the nicest, simplest at home setup I've ever deployed. Do I love that I chose TP-Link? No. But price to purpose it was the best product available to me at the time.
If TP-Link gets banned, my concern is what that means for the massive market share in the US. Warranty? Software updates? Or maybe that action is what turns them into an agent of the state. Or do you horde all the hardware until its valuable like DJI parts are today?
I thought it was the Chinese owner of Tiktok that got paid money.
What is your evidence that the US government was paid any money as part of that deal (over and above any taxes that would have been incurred by any sale of any business).
"Gifted" would be misleading if (as I suspect) the entity that ended up with American Tiktok is the entity that won a bidding war to make the most attractive offer to the Chinese owner.
I don't get what to make of this. Is it all just security theater? The idea of having consumer networking hardware that isn't riddled with security vulnerabilities seems to be a ship that sailed long ago. I doubt this move will prevent major nation states from hacking into whatever they want.
As a hardware founder, low quality plastic is not rocket science. On trips to China I’ve heard similar things about other companies, specifically that Foxconn makes everything it uses, including things like coolant or plastic for prototype production.
Does anyone know what their chips are doing? Do you, really?
Until we have desk side silicon fabrication/placement, with accompanying tunnelling microscope features, we simply cannot trust our silicon in any way other than through utterly peaceful means, which is to say, through systems of human trustworthiness.
Technology never allows us humans to advance sufficiently well to do without it .. unless it is evenly distributed.
Right now we are all at the mercy of the masters of silicon. This is no joke!
I've been really happy with the TP-Link smart plugs. I keep upgrading them as The Latest Standard That's Definitely The Real One This Time Trust Us Bro comes out, and the Matter ones are excellent. Getting an instant response from them is really nice. I see no reason to buy others.
I would buy only Hue but that's because I have more money than sense, and they don't actually make smart plugs last time I looked, they make plugs but label them all as lights in the app, which is more annoying than it sounds.
The real problem to solve ditching TP-Link _routers_ is that all routers are uniformly fucking awful, and all you are doing is choosing your particular poison. This is especially true after Apple exited the game so long ago. I use Google Wifi because it mostly works most of the time, but that's not glowing praise. But the world has become trained that rebooting a router once a week and praying that it works when it comes back is a perfectly normal state of affairs and we couldn't possibly do this any better.
I would buy only Hue but that's because I have more money than sense, and they don't actually make smart plugs last time I looked,
Ikea makes Zigbee smart plugs with power monitoring (Inspelning) that are ~10 Euro here (probably $10 in the US). Also Zigbee does not have all the security issues, since it is purely local and will talk with whatever hub/bridge you choose, e.g. Homey, Hubitat, or if you want to go free software Home Assistant or zigbee2mqtt.
It's somewhat insane to me that people use WiFi plugs for actuating things that actuate real-life electrical devices. Even more from companies that have a bad security reputation. Zigbee or Z-Wave all the way or possibly Matter over Thread, but the only Matter device that I had (an upgraded Eve Energy plug) has been a pain.
The real problem to solve ditching TP-Link _routers_ is that all routers are uniformly fucking awful, and all you are doing is choosing your particular poison. This is especially true after Apple exited the game so long ago.
I switched to Unifi gear (Cloud Gateway Max, two of their U7 access points, and a bunch of their managed switches) and they are a dream to set up. Making VLANs, associating VLANs with SSIDs, etc. is so easy. I had a TP Link managed switch and the interface was a huge pile of crap and I saved it several times after misconfiguration by virtue of it having a serial console. I only used it for two months or so because it was so frustrating.
I have some TP-Link smart plugs and was happy with them for a long time because their app could be used without an account. Then I recently got the new version of the app and it forces an account, there's no more guest mode. I'm done with TP-Link now.
But Sir! We are talking here between USA <eagle sound> versus rest of the world that’s unsafe and all the time attacking USA people privacy. Cisco is India based, not American!
disclaimer: not connected in any way with Cisco, just disappointed business customer.
I don't have any particular opinion on TP-Link (never used their products), but the idea that a low-cost vendor targeting home and SMB users is somehow a state-level agent trying to compromise those users... needs evidence.
I mean, in the case of actors like Huawei, you can at least credibly make the argument that the continued access of their support staff to internal provider networks is a significant risk, but that vector is entirely absent here.
Sure, embedded firmware has been, is, and will continue to be a tire fire prone to embarrassing compromises, but containing those is mostly about notification and containment by government agencies (which the current US administration is doing their utmost best to kneecap) and/or large ISPs (which in the US have traditionally never cared).
Forcing "foreign" products off the market in favor of "domestic" replacements with the exact same, if not worse, flaws won't fix a thing, unless you put some pretty significant controls into place that nobody is willing to enforce or even outline.
But it does provide ample opportunity to profit personally, and that’s much more of a priority for the current federal administration than fixing anything.
The fact that TP-Link products are vastly better and cheaper than all their numerous competitors is indeed a bit strange. You have to either think that all the people at Linksys, Netgear, D-link, etc. are incompetents or that something a bit out of the ordinary is going on at TP-Link...
I see that at the company I work at. US management at many companies is about doing the absolute minimum for a maximum of profit. It doesn’t allow for competence or long term investment so companies turn into empty shells.
Eero used to be pretty close. Years ago, I used to stalk the subreddit despite never owning an Eero just because the (US based) devs would often drop knowledge bombs. AFAIK they wrote the entire software stack in house.
I have no idea if that's still the case, especially post AMZ, but worth looking into if so.
I miss the insider information. Some Redditors were not nice and they all left Reddit and their insider information stopped flowing, it's a shame, it was cool to see behind the development veil.
Per company government acquisition "bans" are stupid for PR and security reasons. Brand-specific banlists are whackamole when the same hardware and software will be immediately duplicated with another cat-walks-on-keyboard brand name that will disappear within a year.
Instead, there should be in-depth, enforced audit, compliance, and evaluation standards for gear for particular purposes. If it doesn't meet particular standard(s), then it can't be purchased or used.
I don’t like that TP Link routers regularly force you to accept new terms of service within their app. If you don’t, then you can’t access much of their configuration options. Basically you get locked out of your own device. I feel like these dark patterns should be illegal.
"TP-Link Systems told The Post it has sole ownership of some engineering, design and manufacturing capabilities in China that were once part of China-based TP-Link Technologies, and that it operates them without Chinese government supervision."
Is that even possible? Or do you always have to be on good terms with the Chinese government to own engineering, design, and manufacturing capabilities in China?
Could you please stop posting unsubstantive comments and flamebait? You've been doing it repeatedly lately. It's not what this site is for, and destroys what it is for.
I'm so glad there's other American drone manufacturers that cater to the consumer market, like Skydi-oh right, they stopped making consumer drones after the successes in forcing DJI out of the market.
>drones from the American company Skydio proved ineffective in Ukraine [notably, a Skydio drone was used by the U.S. Army to drop a combat grenade for the first time], as they were unreliable in front-line interference conditions.
>The problems with Skydio drones in Ukraine were reported last year, and the manufacturer acknowledged the poor quality of its products.
>According to Alex, a key issue with today's low-quality products is the "information gap among many European and American manufacturers about current battlefield conditions and the timing of when they receive this information."
Surprisingly
>Some of the most effective ones have included the German-made Vector drones and Polish-made FlyEye drones.
The real lesson here: If you're successful, don't skimp on security/software! Also, don't abandon software/firmware security support for your products so quickly.
If I was in charge over at TP-Link, getting news that tens of thousands of MY company's routers were compromised would have me furious! I'd be freaking out, making sure that we take immediate steps to improve software/firmware quality and to make sure we're in a constant state of trying to compromise our own hardware... To ensure no one else finds vulnerabilities before we do.
Instead, TP-Link seems to have just laughed and focused strictly on profit margins.
The real lesson here: don't forget to bribe the president of the US.
If this was actually the lesson then they'd be banning Fortinet, but it seems these concerns about security don't apply to US listed companies.
Or maybe, don't capture 50% market share in a country that's decided your country of origin is the threat of the decade.
Unfortunately people like you are hardly ever in charge of this kind of thing.
Yeah, that's not the lesson here at all. We're still in an era where you will suffer absolutely zero consequences for security lapses and breaches.
Everything that is happening with this administration is simply because it suits American foreign policy or the interests of one of the oligarchs. I mean this with absolutely no hyperbole: the pretense of there being any rule of law for the ultra-wealthy is gone. The White House is openly selling pardons, which have the added effect of cancelling out debts to the US government.
Tiktok getting banned? It had nothing to do with "national security". The government simply had less control over the content and the algorithm on Tiktok than they do on Meta and Google platforms.
Reading through this article, you have Microsoft pointing the finger at TP-Link. That's... rich. Becvause Microsoft has historically been horrible for security. It would take further investigation but I really wonder if TP-Link isn't just a convenient scapegoat.
I don't mean to be hateful with this, but what's the point of your post besides random conjecture and a sort of rant about something only vaguely related to the story?
That this is a political issue, not technical
I see the comment as quite on point. There are many longstanding real problems that have been allowed to fester (in this case, embedded security). While these problems are now being talked about, there is still zero intention to actually address them. Rather they're merely being abused as talking points by fascists pretending that "something is being done" when really the "solutions" are merely the consolidation of autocratic control.
Real reform here would be something like prohibiting tying software and hardware together as one product, source code escrow, etc. Things that actually create security and consumer choice, rather than merely one less vendor to pick from.
The Chinese see their exports rise because America no longer controls the world. They'll just sell their stuff to emerging markets.
Sometimes I wonder if people talking about corruption in the US have ever been to a country that is as corrupt as they say the US is.
Pardons are not being openly sold. There is absolutely not great stuff going on with them but, really, the major difference I see is that it's happening during the administration, rather than in the last few hours.
The US is moving the wrong direction when it comes to corruption but let's not act like we're bottom of the barrel ir that this slide just started in 2024 (or 2016, if you'd like).
So the claim is that corruption only started in DC with Trump becoming President?
Did I read the last sentence correctly?
No, I'm saying that the slide didn't start with Trump. I also don't think much of what Trump is doing is much, if at all, worse than his predecessors but he has zero shame about it.
Since he's in the news and it's on my mind, I'm not sure the Cheney and the whole Iraq/Haliburton situation has been topped since then. Then there's ever member of Congress suddenly becoming a multimillionaire after they get into office.
The only norm Trump is breaking is that he doesn't care to sweep it under the rug
TP-Link makes really solid products, and if you don’t want to use their firmware then almost all of them can easily flash OpenWRT. In fact most of their routers are built from OpenWRT anyway.
I installed their mesh Wi-Fi system for my parents recently and was really impressed how seamless the process was. It did involve making a cloud account which I wasn’t thrilled about, however.
You aren't thinking low enough for firmware.
All modern WiFi APs require closed firmware blobs that run below or parallel to OpenWRT.
You replacing the router OS with OpenWRT does nothing when the radio has full DMA access and runs its own OS on its own processor. The OpenWRT layer will have no idea what it's running/infiltrating/exfiltrating.
I say this as someone who has been running and building OpenWRT forever. It's great but it isn't a panacea.
That's why I bought a PCEngines box (one of the last of their inventory before they went out of business) with completely transparent hardware and no Chinese manufacturer in the supply chain.
Sure, but if you run OpenWRT you can pick the radio firmware image. And you can trust Qualcomm cause they're from San Diego and made Eudora; their firmware won't have intentional security issues.
TP-Link let me down twice.
I bought a cellphone from them many years ago and they never really supported it and I couldn't even buy a replacement battery.
Recently I bought a router with the firm intent of installing OpenWRT, but I received a newer revision that had a different CPU, less RAM, and less flash memory.
These events left a bad impression, but they do make affordable stuff with reasonable quality.
> Recently I bought a router with the firm intent of installing OpenWRT, but I received a newer revision that had a different CPU, less RAM, and less flash memory.
This also happened many years ago with Linksys (prior to Cisco). It’s not that uncommon for manufacturers to release new revisions of hardware without necessarily making it clear to the purchaser. If their purpose is to deliver a router and they can shave a few cents off the BOM with less RAM, but it still works with their software, why would they care. And once new revisions have been released into the supply chain, it can be hard to know exactly what version you are buying.
In the Linksys case, IIRC they eventually re-released the first revision WRT54G as the WRT54GL (for Linux), so that people who wanted different firmware could get the exact hardware they wanted.
Wouldn't it be nice if that was illegal? Sell whatever, but label it accurately, it's different hardware so it needs to have a different version label in the listing or something.
We see this all the time with SSDs, where a high-spec model is released to reviewers, then a low-spec model is mass-produced and sold under the same model number. That's fraud, isn't it? Shouldn't it be?
Hey, that's really timely for me.
I'm getting ready to set a mesh network for my older parents as well. Do you have any suggestions for hardware and software? I live a ways away from them so I need this to be pretty much faultless. I don't want to drive 4 hours for IT support.
The TP-Link option was great. If it was for myself, I'd build my own with OpenWRT but my goal was to minimize the chance of downtime in case I'm not available to help debug issues. They already had a TP-Link range extender running for 4+ years without ever needing to touch it, so I figured their mesh network was a good option too.
ASUS routers with Merlin firmware work well in a mesh configuration.
Do any of TP-Link's mesh routers support OpenWrt? I didn't think there was overlap between the "easy to set up for my parents" and "easy to install custom firmware" subsets.
OpenWRT runs well on Deco M5 with a custom build.
https://forum.openwrt.org/t/ipq4019-adding-support-for-tp-li...
From what I could tell in the admin panel, those mesh routers _are_ OpenWRT. And they have an advanced section where you can upload a firmware .bin.
Assuming there isn't a hidden little core running a hidden little OS somewhere.
Yeah companies should be held guilty unless proven otherwise. Of course you can never actually prove anything, so they are all guilty by default. /s
Of course there is probably a hidden little os running on hidden core within the hidden hardware running the hidden os.
You can't bootstrap nearly any embedded ARM SoC and run Linux without running some closed Chinese blob just to bring it up lol
And in reverse, you think Palentir has a transparent business model to trust with your data? I don't get why people find china more suspect than most of these billionaire led monopolies buying politicians and laws and spout paranoid gibberish about Christianity and anti Christ etc.
Both might be fundamentally evil or being, but they aren't different in danger based solely on how white they are.
China isn't the major threat for consumer routers; it's crappy firmware. Millions of networks have been compromised from non-state actor attacks on crappy consumer routers. You wanna protect America? Impose a software building code on critical network infrastructure (which should include consumer routers and modems). But they aren't gonna do that, because they're just trying to score cheap political points and put pressure on China for trade concessions.
Virtually every home router and a whole lot of small business routers should be considered “national security risks”.
TP-Link may be sore for getting singled out but they are certainly not unique.
> the U.S.-based company’s products handle sensitive American data and because the officials believe it remains subject to jurisdiction or influence by the Chinese government.
These cowards have not yet finished banning TikTok
Because Jeff Yass asked Trump not to
I have TP-Link Deco's for our WiFi, sitting behind a Firewalla Gold. This has been by far the nicest, simplest at home setup I've ever deployed. Do I love that I chose TP-Link? No. But price to purpose it was the best product available to me at the time.
If TP-Link gets banned, my concern is what that means for the massive market share in the US. Warranty? Software updates? Or maybe that action is what turns them into an agent of the state. Or do you horde all the hardware until its valuable like DJI parts are today?
My guess is they’ll be forced to sell their US division to whatever company gives the government the most money (sort of like the Oracle-Tiktok deal).
I thought it was the Chinese owner of Tiktok that got paid money.
What is your evidence that the US government was paid any money as part of that deal (over and above any taxes that would have been incurred by any sale of any business).
He's referring to whoever paid in America to be gifted the largest propaganda platform.
I'm sure money also went to Chinese owners.
"Gifted" would be misleading if (as I suspect) the entity that ended up with American Tiktok is the entity that won a bidding war to make the most attractive offer to the Chinese owner.
I don't get what to make of this. Is it all just security theater? The idea of having consumer networking hardware that isn't riddled with security vulnerabilities seems to be a ship that sailed long ago. I doubt this move will prevent major nation states from hacking into whatever they want.
> The company says it researches, designs, develops and manufactures everything except its chipsets in-house.
So, the plastic bits?
Presumably the software, the boards, connectors, antenna design, etc.
> connectors, antenna design
And also passives like SMD resistors. They are also refining copper and iron from raw ore. /s
They actually make their own iron in the heart of a dying star.
They actually manufacture a synthetic star from which they gather their elements.
As a hardware founder, low quality plastic is not rocket science. On trips to China I’ve heard similar things about other companies, specifically that Foxconn makes everything it uses, including things like coolant or plastic for prototype production.
I don't think they were saying the plastic bits are rocket science, proverbally or not
Does anyone know what their chips are doing? Do you, really?
Until we have desk side silicon fabrication/placement, with accompanying tunnelling microscope features, we simply cannot trust our silicon in any way other than through utterly peaceful means, which is to say, through systems of human trustworthiness.
Technology never allows us humans to advance sufficiently well to do without it .. unless it is evenly distributed.
Right now we are all at the mercy of the masters of silicon. This is no joke!
Absolutely. We'll never be 100% free until we can fabricate computers at home, just like we can write our own software at home.
Even with desk-side silicon fabrication, one would have to hope the hardware/software with the design tools wasn’t already backdoor-ed…
Reflections on trusting trust...
I've been really happy with the TP-Link smart plugs. I keep upgrading them as The Latest Standard That's Definitely The Real One This Time Trust Us Bro comes out, and the Matter ones are excellent. Getting an instant response from them is really nice. I see no reason to buy others.
I would buy only Hue but that's because I have more money than sense, and they don't actually make smart plugs last time I looked, they make plugs but label them all as lights in the app, which is more annoying than it sounds.
The real problem to solve ditching TP-Link _routers_ is that all routers are uniformly fucking awful, and all you are doing is choosing your particular poison. This is especially true after Apple exited the game so long ago. I use Google Wifi because it mostly works most of the time, but that's not glowing praise. But the world has become trained that rebooting a router once a week and praying that it works when it comes back is a perfectly normal state of affairs and we couldn't possibly do this any better.
I would buy only Hue but that's because I have more money than sense, and they don't actually make smart plugs last time I looked,
Ikea makes Zigbee smart plugs with power monitoring (Inspelning) that are ~10 Euro here (probably $10 in the US). Also Zigbee does not have all the security issues, since it is purely local and will talk with whatever hub/bridge you choose, e.g. Homey, Hubitat, or if you want to go free software Home Assistant or zigbee2mqtt.
It's somewhat insane to me that people use WiFi plugs for actuating things that actuate real-life electrical devices. Even more from companies that have a bad security reputation. Zigbee or Z-Wave all the way or possibly Matter over Thread, but the only Matter device that I had (an upgraded Eve Energy plug) has been a pain.
The real problem to solve ditching TP-Link _routers_ is that all routers are uniformly fucking awful, and all you are doing is choosing your particular poison. This is especially true after Apple exited the game so long ago.
I switched to Unifi gear (Cloud Gateway Max, two of their U7 access points, and a bunch of their managed switches) and they are a dream to set up. Making VLANs, associating VLANs with SSIDs, etc. is so easy. I had a TP Link managed switch and the interface was a huge pile of crap and I saved it several times after misconfiguration by virtue of it having a serial console. I only used it for two months or so because it was so frustrating.
Eve smart plugs are solid and don’t have any unnecessary cloud stuff.
I bought a dedicated router and separate WAPs and cable modem and it works really well. The converged devices are terrible though.
I have some TP-Link smart plugs and was happy with them for a long time because their app could be used without an account. Then I recently got the new version of the app and it forces an account, there's no more guest mode. I'm done with TP-Link now.
OpenWRT is the way to go. If it doesn't run on it, I'd skip such router.
I'll just leave this little NSA intercepting Cisco products reminder here: https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa...
But Sir! We are talking here between USA <eagle sound> versus rest of the world that’s unsafe and all the time attacking USA people privacy. Cisco is India based, not American!
disclaimer: not connected in any way with Cisco, just disappointed business customer.
SSL added and removed here! :)
I don't have any particular opinion on TP-Link (never used their products), but the idea that a low-cost vendor targeting home and SMB users is somehow a state-level agent trying to compromise those users... needs evidence.
I mean, in the case of actors like Huawei, you can at least credibly make the argument that the continued access of their support staff to internal provider networks is a significant risk, but that vector is entirely absent here.
Sure, embedded firmware has been, is, and will continue to be a tire fire prone to embarrassing compromises, but containing those is mostly about notification and containment by government agencies (which the current US administration is doing their utmost best to kneecap) and/or large ISPs (which in the US have traditionally never cared).
Forcing "foreign" products off the market in favor of "domestic" replacements with the exact same, if not worse, flaws won't fix a thing, unless you put some pretty significant controls into place that nobody is willing to enforce or even outline.
But it does provide ample opportunity to profit personally, and that’s much more of a priority for the current federal administration than fixing anything.
If only there were US manufacturers that could produce things at a decent price and didn't actively hate their customers.
The fact that TP-Link products are vastly better and cheaper than all their numerous competitors is indeed a bit strange. You have to either think that all the people at Linksys, Netgear, D-link, etc. are incompetents or that something a bit out of the ordinary is going on at TP-Link...
I see that at the company I work at. US management at many companies is about doing the absolute minimum for a maximum of profit. It doesn’t allow for competence or long term investment so companies turn into empty shells.
Eero used to be pretty close. Years ago, I used to stalk the subreddit despite never owning an Eero just because the (US based) devs would often drop knowledge bombs. AFAIK they wrote the entire software stack in house.
I have no idea if that's still the case, especially post AMZ, but worth looking into if so.
I miss the insider information. Some Redditors were not nice and they all left Reddit and their insider information stopped flowing, it's a shame, it was cool to see behind the development veil.
I’m sure there’s some way to inject advertising - otherwise it’s just leaving money on the table.
I'm old enough to remember most cable modems and set-top boxes being manufactured in the US.
They were... not great...
I am pretty sure the companies that made those, had a monopoly on them and charged $500 a piece went bankrupt too.
There is, but corporate greed doesn't allow it.
Per company government acquisition "bans" are stupid for PR and security reasons. Brand-specific banlists are whackamole when the same hardware and software will be immediately duplicated with another cat-walks-on-keyboard brand name that will disappear within a year.
Instead, there should be in-depth, enforced audit, compliance, and evaluation standards for gear for particular purposes. If it doesn't meet particular standard(s), then it can't be purchased or used.
I don’t like that TP Link routers regularly force you to accept new terms of service within their app. If you don’t, then you can’t access much of their configuration options. Basically you get locked out of your own device. I feel like these dark patterns should be illegal.
I don’t get the end game here D-link isn’t any better. Are we heading for isp enforced hardware in our homes?
God help us.
"TP-Link Systems told The Post it has sole ownership of some engineering, design and manufacturing capabilities in China that were once part of China-based TP-Link Technologies, and that it operates them without Chinese government supervision."
Is that even possible? Or do you always have to be on good terms with the Chinese government to own engineering, design, and manufacturing capabilities in China?
So much freedom in America lately. TP-Link, DJI, BYD, must be great to never have these options.
Could you please stop posting unsubstantive comments and flamebait? You've been doing it repeatedly lately. It's not what this site is for, and destroys what it is for.
If you wouldn't mind reviewing https://news.ycombinator.com/newsguidelines.html and taking the intended spirit of the site more to heart, we'd be grateful.
I'm so glad there's other American drone manufacturers that cater to the consumer market, like Skydi-oh right, they stopped making consumer drones after the successes in forcing DJI out of the market.
and their mil drones are subpar
https://en.defence-ua.com/news/which_western_drones_have_sho...
https://www.defensenews.com/global/europe/2025/11/07/of-fibe...
>drones from the American company Skydio proved ineffective in Ukraine [notably, a Skydio drone was used by the U.S. Army to drop a combat grenade for the first time], as they were unreliable in front-line interference conditions.
>The problems with Skydio drones in Ukraine were reported last year, and the manufacturer acknowledged the poor quality of its products.
>According to Alex, a key issue with today's low-quality products is the "information gap among many European and American manufacturers about current battlefield conditions and the timing of when they receive this information."
Surprisingly
>Some of the most effective ones have included the German-made Vector drones and Polish-made FlyEye drones.