this post was submitted on 18 Dec 2024
116 points (96.8% liked)

Technology

59982 readers
4137 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

TP-link is reportedly being investigated over national security concerns linked to vulnerabilities in its very popular routers.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 15 points 3 hours ago* (last edited 3 hours ago) (2 children)

It's a good idea, but there's going to be firmware at lower levels (roughly the BIOS) that could still be compromised. It's best to just not buy Chinese hardware designed and manufactured by a Chinese company with no western involvement when you can avoid it.

[–] [email protected] 2 points 1 hour ago (1 children)

This didn't even occur to me when I bought my new router recently. I just went with one of the best-reviewed models that had all the features and speed I needed.

[–] paraphrand 1 points 52 minutes ago

Did you get a TP Link?

Last time I was in the market, they were a top pick.

[–] [email protected] 1 points 2 hours ago (1 children)

An even better way is to leave vulnerable pieces in all parts of the firmware / software stack. E.g. old version of SSH with a known vulnerability or two, old web server, etc. Then just exploit as needed.

[–] [email protected] 1 points 1 hour ago (1 children)

The examples you gave are all at the OS level and installing OpenWRT would fix them. The firmware/BIOS level is much more custom and can be susceptible to attacks the OS is completely unaware of (effectively pre-installed rootkits). Hence why I mentioned it may not be enough to install OpenWRT.

[–] [email protected] 1 points 37 minutes ago

Yes of course, you're right. The point I'm making is that wherever you're putting in backdoors, instead of backdoors, you can just leave unlatched vulnerabilities. Gives you solid plausible deniability.