Good. TPLink makes cartoonishly insecure consumer grade equipment. A better solution is that the US establishes some minimum infosec standards for this equipment, but that would require time and thought.
Do you have any information to share about their bad security? I have a couple of their routers which seem to work quite well. Any I really at risk, and anymore than I would be with something from Linksys or Netgear?
Am I really at risk, and anymore than I would be with something from Linksys or Netgear?
As always, depends on your threat model. I have cheap TPLink switch in my home network because its cheap and kept behind a pfsense firewall. The TPLink switch is not allowed to talk to the internet. This is good enough for me as I don’t have a threat model where something attacks the switch from inside my network.
For completeness here are Cisco’s and Netgear’s vulnerabilities. Infosec security is a journey, not a destination.
Thank you for that! I’m keeping the cvedetails link bookmarked.
My two devices, the Archer BE9300 router and the TL-WA3001 AP aren’t listed with any known vulnerabilities, though I suppose it may be they haven’t been tested. The BE9300 is pretty popular though so that would be surprising.
The known vulnerabilities in their other devices don’t appear malicious or any worse than other common vendors either however. Given the state of the US government and its desire to monitor it’s citizens, I can’t decide if it’s contempt for TP-Link is a bad thing or not. They might just be mad they can’t get the vendor to give them a backdoor.
Nowadays it wouldn’t surprise me if a secondary system was hidden on a chip on a router, meaning you could replace the main firmware and still be spied on, it’s better to have hardware you can trust top to bottom from the country you live in, but as far as what the risk cited by US officials is then it’s probably something like being used as a sleeper device that will later be included in massive botnet attacks like the AISURU botnet well documented to be made up of compromised consumer devices.
My money would have been on Cisco rather than TP-Link, though.
It’d have to literally be a full CPU that somehow has only read access to the RAM such that it’d be a genuine feat of engineering. Either that or the whole thing is just a virtualized device, but the cooling demands for either method would exceed the threshold for passive cooling in those enclosures and require fans at that point.
Bloomberg wrote an article several years ago that was absolutely slaughtered for making up from bad sources such a chip concept except even more unbelievable because they claimed it was hidden inside the PCB itself and only like 6 or 8 pins? Absolutely absurd for anyone who understands electrical engineering or microcontrollers at all.
If you can, look for a mikrotik device, especially if you are in Europe. They are well established, not hard to use, but have extreme depth of features for advanced users, and they are not expensive.
I have one mikrotik poe AP I use and am quite happy with, but certainly not something I’d recommend for non-technical people because it’s firmware isn’t consumer friendly.
However my question is really what’s the real risk in using TP-Link devices. Neither the article or any of the comments link to any explanation of the actual risks. Is my network actually open to hackers now? Is my router able to be used for dos attacks or for other purposes now? Everyone is acting like their flaws are common knowledge and there’s zero info about genuine flaws or exploits.
Honestly, I wouldn’t use them in a commercial or business setting but if you are not a criminal (FBI might do some snooping), then I don’t think anyone is going to try to hack your local network lol.
But that’s not really answering anything. Why? What makes their products more insecure or hackable than other brands? Like do they have ports open by defaults? Is the interface they use insecure and easily hacked? Or is this purely a “were not sure exactly but they probably have a back door”
Good. TPLink makes cartoonishly insecure consumer grade equipment. A better solution is that the US establishes some minimum infosec standards for this equipment, but that would require time and thought.
Do you have any information to share about their bad security? I have a couple of their routers which seem to work quite well. Any I really at risk, and anymore than I would be with something from Linksys or Netgear?
Here are two new vulnerabilities from this month.
Here are some more exploits from 2023
Here are all the TPLink vulnerablies known publicly
As always, depends on your threat model. I have cheap TPLink switch in my home network because its cheap and kept behind a pfsense firewall. The TPLink switch is not allowed to talk to the internet. This is good enough for me as I don’t have a threat model where something attacks the switch from inside my network.
For completeness here are Cisco’s and Netgear’s vulnerabilities. Infosec security is a journey, not a destination.
Thank you for that! I’m keeping the cvedetails link bookmarked.
My two devices, the Archer BE9300 router and the TL-WA3001 AP aren’t listed with any known vulnerabilities, though I suppose it may be they haven’t been tested. The BE9300 is pretty popular though so that would be surprising.
The known vulnerabilities in their other devices don’t appear malicious or any worse than other common vendors either however. Given the state of the US government and its desire to monitor it’s citizens, I can’t decide if it’s contempt for TP-Link is a bad thing or not. They might just be mad they can’t get the vendor to give them a backdoor.
Replace the firmware on your current TPLink devices with OpenWRT, for a temporary solution.
OpenWRT is a permanent solution for older TP-Link routers. Their newer routers are locked down and not supported by OpenWRT.
A solution to what exactly? Nobody has provided any information about definitive risks.
An as OpenWRT goes it would either be a permanent solution or no solution at all. How would it be temporary?
Nowadays it wouldn’t surprise me if a secondary system was hidden on a chip on a router, meaning you could replace the main firmware and still be spied on, it’s better to have hardware you can trust top to bottom from the country you live in, but as far as what the risk cited by US officials is then it’s probably something like being used as a sleeper device that will later be included in massive botnet attacks like the AISURU botnet well documented to be made up of compromised consumer devices.
My money would have been on Cisco rather than TP-Link, though.
It’d have to literally be a full CPU that somehow has only read access to the RAM such that it’d be a genuine feat of engineering. Either that or the whole thing is just a virtualized device, but the cooling demands for either method would exceed the threshold for passive cooling in those enclosures and require fans at that point.
Bloomberg wrote an article several years ago that was absolutely slaughtered for making up from bad sources such a chip concept except even more unbelievable because they claimed it was hidden inside the PCB itself and only like 6 or 8 pins? Absolutely absurd for anyone who understands electrical engineering or microcontrollers at all.
If you can, look for a mikrotik device, especially if you are in Europe. They are well established, not hard to use, but have extreme depth of features for advanced users, and they are not expensive.
I have one mikrotik poe AP I use and am quite happy with, but certainly not something I’d recommend for non-technical people because it’s firmware isn’t consumer friendly.
However my question is really what’s the real risk in using TP-Link devices. Neither the article or any of the comments link to any explanation of the actual risks. Is my network actually open to hackers now? Is my router able to be used for dos attacks or for other purposes now? Everyone is acting like their flaws are common knowledge and there’s zero info about genuine flaws or exploits.
Honestly, I wouldn’t use them in a commercial or business setting but if you are not a criminal (FBI might do some snooping), then I don’t think anyone is going to try to hack your local network lol.
But that’s not really answering anything. Why? What makes their products more insecure or hackable than other brands? Like do they have ports open by defaults? Is the interface they use insecure and easily hacked? Or is this purely a “were not sure exactly but they probably have a back door”
I don’t know but I wouldn’t use TPLink in an apartment building because there might be more chances of someone trying to hack you I guess.
Why?