TP-Link faces ban from US. Hijacked TP-link routers being hacked by Chinese state hackers.

Gromett · Wednesday at 6:58 PM

Worth considering if you have a tp-link router.

TP-Link faces possible US ban as hijacked routers fuel Chinese attacks

Founded in China, TP-Link makes routers popular in US homes and businesses.

arstechnica.com

Gromett · Wednesday at 7:20 PM

PS: My advice would be to dump tp-link. This has been the case for a while now.

Phill D · Wednesday at 7:48 PM

Do you know if this is applicable just to routers or does it affect boosters / repeaters also?

StillGoing · Wednesday at 10:10 PM

That’s a shame. They make some good kit and I have found their support to be excellent.

Gromett · Thursday at 12:32 AM

Phill D said:
Do you know if this is applicable just to routers or does it affect boosters / repeaters also?

I suspect the software is shared across platforms and would all be suspect.

Gromett · Thursday at 12:32 AM

StillGoing said:
That’s a shame. They make some good kit and I have found their support to be excellent.

Me too I was a fan of theirs for quite some time.

Markman · Thursday at 1:41 AM

I have a GL-inet Chinese mifi. Love it. How would I find out if it has the same deliberate design/vulnerabilities?

GL-X3000 / Spitz AX

A WiFi 6 Dual-SIM 4G/5G Cellular Router that supports 5G NR Dual-SIM Failover & Multi-WAN, pre-installed with OpenWrt 21.02, OpenVPN and WireGuard.

www.gl-inet.com

Gromett · Thursday at 2:03 AM

Markman said:
I have a GL-inet Chinese mifi. Love it. How would I find out if it has the same deliberate design/vulnerabilities?

GL-X3000 / Spitz AX

A WiFi 6 Dual-SIM 4G/5G Cellular Router that supports 5G NR Dual-SIM Failover & Multi-WAN, pre-installed with OpenWrt 21.02, OpenVPN and WireGuard.

www.gl-inet.com

I am sorry I can't help on that one.

Sue and Rick · Thursday at 4:27 AM

I don't really understand the details of this. We have a portable sim unit we use abroad. What problems could we have? we connect our phones and use the wifi data. Maybe look at our security cameras now and again.

Deafender · Thursday at 6:44 AM

Gromett said:
PS: My advice would be to dump tp-link. This has been the case for a while now.

Yep, they have good products at reasonable prices… however through my work, which can at times involve sensitive and valuable personal data, I’d been made aware of the undertones around TP Link and possible snooping and vulnerability risks, and instructed to swap out the TP Link devices (Router and the WiFi Boosters) that had originally supplied to me for my home working set up - this wasn’t down to any specific incident I know of, just the possible threat of something sinister, and the risk of damage it may cause - so I’m not surprised to see this coverage coming up more widely.

Networking and communications devices like domestic routers, internet boosters, WiFi cameras etc. where your data gets managed for you on the data systems of such overseas organisations as TP-Link, are well up there for the potential of sinister activities, and it a risk area worth thinking about - I agree with the OP- if you can, look at other alternatives to this particular brand for home internet routers and boosters…

Roger S · Thursday at 7:05 AM

Sue and Rick said:
I don't really understand the details of this. We have a portable sim unit we use abroad. What problems could we have? we connect our phones and use the wifi data. Maybe look at our security cameras now and again.

We too have a portable TP link router for travelling and will do some bank transfers whilst away so not good to hear. I wonder if they will be looking at our holiday phtos too !

Masman · Thursday at 7:33 AM

I don't have a TP Router but have WiFi boosters and cameras that run from virgin router. Not being a technophobe can anyone tell me what the risks are for online use eg banking.My laptop uses WiFi but runs from virgins WiFi .

Diabalo · Thursday at 7:46 AM

Back in 2020 the US has banned a lot of Chinese network equipment over concerns around security.

The cynics would say they have done it so there own companys can step in. I believe the UK had issues with Huawei on the 5G networks and banned those.

From Tinternet

There advice was If you are using IT technology from Chinese companies, it would be a good idea to start looking at alternatives. The China-based companies currently under the ban are:

Huawei
ZTE
Hytera
Hikvision
Dahua

Companies not under ban that make comparable IT equipment are (as of this writing):

Microsoft (U.S.)
IBM (U.S.)
Oracle (U.S.)
HP (U.S.)
Cisco (U.S.)
Juniper Networks (U.S.)
Arista Networks (U.S.)
TCS (India)
Nokia (Finland)
Samsung (South Korea)
Ericsson (Sweden)

Diabalo · 2024-12-21T12:38:28+0000

Gromett This is an interesting watch, it's long and takes a little awhile to get to the nitty gritty.

Odd-no-more · 2024-12-21T12:54:26+0000

I had a TP router for years, until it failed. Now I use the one supplied by my internet provider. How would I know who's made it?

Gromett · 2024-12-21T13:00:00+0000

Odd-no-more said:
I had a TP router for years, until it failed. Now I use the one supplied by my internet provider. How would I know who's made it?

You don't need to worry if it was supplied by your internet provider. They will provide security updates and if not available send out a replacement.
Security becomes their responsibility. They are for the most part good on this.

StillGoing · 2024-12-21T13:10:24+0000

A lot of TP-link routers allow you to install third-party firmware.

Gromett · 2024-12-21T13:35:10+0000

StillGoing said:
A lot of TP-link routers allow you to install third-party firmware.

I played with open-wrt many years ago. Probably a good way to resurrect old or vulnerable routers.
However, maybe not for the tech novice perhaps? I always had a couple of spare routers lying around in case I messed thing up and needed to reset.

Odd-no-more · 2024-12-21T13:51:28+0000

I also have a TP-link booster, should I worry about that?

Gromett · 2024-12-21T15:10:41+0000

Diabalo said:
Gromett This is an interesting watch, it's long and takes a little awhile to get to the nitty gritty.

I tried but he is so slow and ponderous. I gave it 5 minutes and couldn't bear doing another 25 sorry

Gromett · 2024-12-21T15:12:33+0000

Odd-no-more said:
I also have a TP-link booster, should I worry about that?

I personally wouldn't trust tp-link anymore.

Basically the problem is that they allow vulnerabilities to persist for a long time sometime never fixing them. This leaves you open to having it hacked.

Diabalo · 2024-12-21T15:17:07+0000

Gromett said:
I tried but he is so slow and ponderous. I gave it 5 minutes and couldn't bear doing another 25 sorry

The practical interesting stuff to do with the actual hardware and how he hacks it starts about 5.30. It's ineresting that he unsolders the chip for the firmware extraction.

Gromett · 2024-12-21T15:33:56+0000

Diabalo said:
The practical interesting stuff to do with the actual hardware and how he hacks it starts about 5.30. It's ineresting that he unsolders the chip for the firmware extraction.

If it requires hands on of the device it is not a security issue I would worry about to be honest. EVERYTHING is hackable if you can take possession like that.
There is no such thing as perfect security.

However, remote execution vulnerabilities. Such as the CVE-2024-5035, as a single example would be really scary one.

https://thehackernews.com/2024/05/tp-link-gaming-router-vulnerability.html

The first rule of writing secure code is NEVER trust user input. It should always be filtered, validated and restricted to specific inputs.

If they are having issues with this first rule, then I am not sure how much trust can be given to the rest of their code.

As you can see from the article and I repeat here.

The appear to kill of security updates pretty quickly.

Gromett · 2024-12-21T15:39:18+0000

I would like to see a new law where any device connected to the internet has to have at least the following.
For 5 years from time of sale to the end user - guaranteed and timely security updates for all security issues no matter how minor.
A user interface that will notify the user of an available security update.
A user interface that will notify the user when such updates are no longer being produced with a warning of the implication.
Each device must ship with a unique username and password combo not a default setting. OR must force the user to select one before going active.

For routers without a screen, the notification may be a simple bright red flashing LED.

The manufacturers of these devices need to take more responsibility for the damage they cause to the internet by weak security.

oldiesontour · 2024-12-21T15:53:30+0000

I only use mobile data for banking never wi if is that safer ???

TP-Link faces ban from US. Hijacked TP-link routers being hacked by Chinese state hackers.

Gromett

TP-Link faces possible US ban as hijacked routers fuel Chinese attacks

Gromett

Phill D

StillGoing

Gromett

^{_{Subscribers do not see these advertisements}}

Gromett

Markman

GL-X3000 / Spitz AX

Gromett

GL-X3000 / Spitz AX

Sue and Rick

Deafender

^{_{Subscribers do not see these advertisements}}

Roger S

Masman

Diabalo

Diabalo

Odd-no-more

^{_{Subscribers do not see these advertisements}}

Gromett

StillGoing

Gromett

Odd-no-more

Gromett

^{_{Subscribers do not see these advertisements}}

Gromett

Diabalo

Gromett

Gromett

oldiesontour

^{_{Subscribers do not see these advertisements}}

Latest journal entries

UK to Cyprus - Week 1, France

28 days in Languedoc (including travel)

Our roadtrip july 2023