US may ban the sale of TP-Link routers

TP-Link has about 65 percent of the US router market for homes and small businesses. It also partners with more than 300 internet service providers in the US to supply routers for new customer installations, according to the WSJ. The China-based manufacturer's gear is also reportedly used by the Department of Defense and other federal government agencies.

I never realised that they had such a large chunk of the market; I wrongly thought that Netgear was the biggest.
 
It's simply protectionism. If there were security concerns around vulnerable hardware then they'd stop Asus routers from being imported.
 
According to the PC Gamer article HERE, it is not known how the routers are being infected, and most of the affected routers are from Bulgaria, Russia, US and Ukraine.
 
One of the TP-Link devices cited is 15 years old; other devices compromised are from a Canadian NAS vendor, Zyxel, and Ruckus. Any focus on one vendor's products being vulnerable is missing an opportunity to tackle how EOL devices connected to the wider internet are managed, and what the requirements for firmware support from companies putting products on the market should be.
 
It’s a good job Cisco and Netgear don’t have some really uncomfortable history when it comes to unpatched vulns and being used for botnets, or they would have to ban them. Oh… they’re not Chinese owned brands.

As per my posts this year:

Possibly - where I work has had 3 lots of disruption this year due to "unexpected technical issues" in systems either on our end or with service providers we use who provide a service to a wider number of businesses, which given my level of experience with IT and knowing how things work normally IMO are almost certainly due to either malicious tampering or attempted intrusion rather than bugs, etc.

Interestingly around the same time as BA had "technical issues" today we were hit with a large scale and sophisticated, though not very effective, cyberattack at work - we are completely unrelated to BA. From what I can see it didn't achieve much other than some disruption, temporarily knocking systems offline, but doesn't seem to have infected anything or compromised any systems, at least not according to IT or from my understanding of what has happened, despite penetrating the network enough to cause disruption.

Bit of a weird one as it seems to have affected quite specific hardware within the network which I guess had some kind of vulnerability but I don't think we were the intended target hence it wasn't very effective - I'm guessing that hardware was hit broadly.

We've had 2 instances at work of Western brand enterprise routing/access point hardware having vulnerabilities exploited, fortunately we ourselves weren't the intended target and our data doesn't seem to have been compromised, but vulnerabilities were used to compromise certain hardware and attempt to attack another target degrading the performance and/or functionality of our systems.

EDIT: When I said doesn't seem to have infected/compromised anything in the quote above I meant beyond the initial point of vulnerability.
 
Dude, seriously, talk about closing the gate after the horse has bolted. The toaster had all my data years ago. :mad:
You are looking a little pale this morning. Would you like me to add a little more colour to your toast? Remember your meeting at 12.45 and don't forget to renew your prescription.
 
If we’re going to be spied on anyway, there’s an argument for at least having cheaper network gear…
We live in the UK; since the Snoopers' Charter was introduced, man + dog can access your browsing data with minimal oversight. In fact, even after it was judged to be illegal at one point, it still continued for a significant period.
 
In passing, TP-Link seem to have been producing some very interesting routers of late. No idea what they are like "inside" but the specs are impressive.
 
It's simply protectionism.

No. Routers can host spyware and malware. Back when I was in the defence sector the Chinese were well-known for trying to steal anything and everything.

ETA: for a while I ran a Smoothwall firewall. The probes and attacks were relentless.
 
Thankfully, I'm only interested in their unmanaged switches (SX-105 primarily to upgrade the 10g network fully). That's not likely to have spyware or malware, right? Although their record of issues developing with this switch is unusually high (although they're not the only manufacturer with this issue, it appears - all the other passive 10gbe unmanaged switches have similar issues; heat based, I'm guessing).
 
No. Routers can host spyware and malware. Back when I was in the defence sector the Chinese were well-known for trying to steal anything and everything.

ETA: for a while I ran a Smoothwall firewall. The probes and attacks were relentless.

I have to say that if there was anything I would not trust from China, it would be a router. I mean they are key to your security. If the router is compromised you might as well just forget everything else.
 
No. Routers can host spyware and malware. Back when I was in the defence sector the Chinese were well-known for trying to steal anything and everything.

ETA: for a while I ran a Smoothwall firewall. The probes and attacks were relentless.
I think the point being made was that if the US really cared about dealing with spyware, etc. on this level then they would be targeting all brands of networking hardware. Foreign and domestic. Especially those with a past history of problems in this regard.

But they aren't, they are only targeting specific foreign interests, something they have a history of doing, despite being aware of vulnerabilities in other companies' kit. This does sound like protectionism.

It doesn't mean that foreign networking kit doesn't contain vulnerabilities. Both things can be true.
 
I think the point being made was that if the US really cared about dealing with spyware, etc. on this level then they would be targeting all brands of networking hardware. Foreign and domestic. Especially those with a past history of problems in this regard.

Yes, thanks. That was the point. Fortinet have had a seemingly unending stream of zero-day SSL VPN vulnerabilities and yet the US don't seem that bothered about banning them.

A level playing field where insecure products regardless of vendor result in sales bans would be great, I'd be all for that, except in reality as soon as Cisco achieved enough violations to warrant a sales ban it would turn out that actually it's just guidance.
 