this post was submitted on 18 Dec 2024
45 points (100.0% liked)

Cybersecurity

5882 readers
13 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago
MODERATORS
 

TP-Link is the bestselling router on Amazon—and has been linked to Chinese cyberattacks

U.S. authorities are investigating whether a Chinese company whose popular home-internet routers have been linked to cyberattacks poses a national-security risk and are considering banning the devices.

The router-manufacturer TP-Link, established in China, has roughly 65% of the U.S. market for routers for homes and small businesses. It is also the top choice on Amazon, and powers internet communications for the Defense Department and other federal government agencies.

Investigators at the Commerce, Defense and Justice departments have opened their own probes into the company, and authorities could ban the sale of TP-Link routers in the U.S. next year, according to people familiar with the matter. An office of the Commerce Department has subpoenaed TP-Link, some of the people said. Action against the company would likely fall to the incoming Trump administration, which has signaled an aggressive approach to China.


Alternate Coverage: https://www.msn.com/en-us/money/markets/u-s-weighs-ban-on-chinese-made-router-in-millions-of-american-homes/ar-AA1w51es

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 2 weeks ago (1 children)

Fuck... installing OpenWRT wouldn't eliminate this threat vector, would it?

[–] [email protected] 6 points 2 weeks ago

Depends if and where there may be something funky. If it's just insecure default firmware, then yes. If it's some kind of low-level vulnerability that can be remotely exploited, no.

If there is something to this, I'm leaning toward the former.