US may ban the sale of TP-Link routers

Distracted said:
I think the point being made was that if the US really cared about dealing with spyware, etc on this level then they would be targeting all brands of networking hardware. Foreign and domestic. Especially those with a past history of problems in this regard.

But they aren't, they are only targeting specific foreign interests, something they have a history of doing, despite being aware of vulnerabilities in other companies kit. This does sound like protectionism.

It doesn't mean that foreign networking kit doesn't contain vulnerabilities. Both things can be true.
Click to expand...

The difference is that while all these routers are susceptible to hacking from all and sundry, TP-Link being Chinese means that they may be suborned at a nation-state level.
 
Distracted said:
I think the point being made was that if the US really cared about dealing with spyware, etc on this level then they would be targeting all brands of networking hardware. Foreign and domestic. Especially those with a past history of problems in this regard.

But they aren't, they are only targeting specific foreign interests, something they have a history of doing, despite being aware of vulnerabilities in other companies kit. This does sound like protectionism.

It doesn't mean that foreign networking kit doesn't contain vulnerabilities. Both things can be true.
Click to expand...
True enough. It's hypocritical, since hundreds of American companies make a living out of stealing and selling peoples data.
 
Quartz said:
The difference is that while all these routers are susceptible to hacking from all and sundry, TP-Link being Chinese means that they may be suborned at a nation-state level.
Click to expand...

If the US wants to pre-emptively ban all devices made in China/by a Chinese company that have the ability to execute code and are connected to the internet then coming out and saying that would make a lot more sense than landing on TP Link alone being an issue. If they want to claim it's about security then some basic product standards would be helpful to make that case, but I don't get the impression that additional regulation of consumer goods is particularly high up the agenda.
 
Caged said:
If the US wants to pre-emptively ban all devices made in China/by a Chinese company that have the ability to execute code and are connected to the internet then coming out and saying that would make a lot more sense than landing on TP Link alone being an issue. If they want to claim it's about security then some basic product standards would be helpful to make that case, but I don't get the impression that additional regulation of consumer goods is particularly high up the agenda.
Click to expand...

The challenge comes with proving the security. Unless you've got fully open firmware for the entire device, and fully open source chips (and... some way to prove that the chips in this given router are the same as the engineering samples which were proven?), you have no way to prove any guarantees or assurances made by the manufacturer about security, lack of backdoors etc. All you've really got is "Trust me, bro".
 
Sure but that's the case for all these types of regulations, including PSTI. What it does is set out in law a process by which breaches can be punished rather than having to try and use existing laws.
 
Quartz said:
The difference is that while all these routers are susceptible to hacking from all and sundry, TP-Link being Chinese means that they may be suborned at a nation-state level.
Click to expand...

Stealing my data, in order of caring...

1. Amazon.
Because they pester me with adverts.

2. The UK government.
I'm not doing anything wrong so I don't care, but having said that, they will probably lose my data to hackers.

3. The Chinese government.
I can't think of anyone that my data is less useful to....other than maybe "Ladies Underwear Dot Com".
 
And suppose you are working from home on a new product? Say Rolls Royce’s new aero engine. Don’t you think China would be interested in that? How about cargo shipping costs?
 
Quartz said:
And suppose you are working from home on a new product? Say Rolls Royce’s new aero engine. Don’t you think China would be interested in that? How about cargo shipping costs?
Click to expand...

What is the attack that you see happening here, broadly speaking? How is your particular router being identified as one to target, and what does the attack look like?
 
You must log in or register to reply here.
Back
Top Bottom