Jeff Geerling's reaction: https://www.youtube.com/watch?v=04oL0qVSWJE

If war breaks out you better bet a bunch of equipment will turn off.

Numerous papers showing the ability to easily map indoors areas with WiFi (including occupancy) it’s a liability.

There will be excuses “tariffs” etc but I heard a few have gotten calls from three letter agencies coyly telling you to improve your systems.

It’s a chance to refresh the product line! (of course at the worst time when mem prices are bleed you dry high)

I have a small stockpile of wifi 6 routers running openwrt. I'm set for quite a while given that wifi 6 is plenty fast enough for my family.

This is kind of a boneheaded way of handling whatever issues they're claiming.

What exactly does "produced" mean in this context? That the final assembly was done here, software was written here, PCB was assembled here, SoCs and ICs wwre manufactured here, or something else? Regardless, while consumer routers are 9 of 10 times insecure garbage, it's hard to think of any that aren't manufactured outside the US.

Yeah, it does sound like this should be focused on verifying firmware, including all future updates. If a Chinese company builds the router at a US Foxconn site, it is still the same situation.

If worried about supply chain and inside jobs, I worry more about the IoT widgets I have. They are already inside the LAN, can access the internet, etc.

Anyway, bribes aside, this is probably just a talking point and not much actually changes.

I'd gladly buy an American-made router if one existed!

Prediction: there will appear new "Made in the USA" routers that differ from some Chinese model only by the label. Already the case in Russia for e.g. powerbanks.

As someone who works with networking (consumer prosumer enterprise everything) the problem is far more complex than : make it open.

Manufacturers can support devices for long but it costs money which the consumers / businesses aren’t willing to pay or value. Cybersecurity is a joke and the general consensus is : we will pay for things as and when there is a fire. We don’t put a price on prevention because we can’t really show it to shareholders how we profited from not being attacked since we blocked those. So we create an arbitrary certification and pass things according to it. This certification doesn’t say anything about firmware. But if we do get attacked then we can convince the shareholders to spend money on better equipment this financial year and then not bother until the next time we have a problem.

Some of these certifications focus on what the devices allow you to do (like acls and firewalls) and see if they pass these tests. But actually looking at the firmware and finding vulnerabilities is not in scope.

I would be more impressed if they would ban all enterprise routers manufactured in China. I have had to continuously patch and meticulously mitigate severe vulnerabilities and bugs in Cisco, Dell, HPE, Extreme, Arista routers, switches, fabrics, and others. These are all manufactured in China, Taiwan, Hong Kong, Vietnam, Malaysia, Thailand, and probably elsewhere in the Greater China region... Actually I take it all back. I wish they would just ban companies from shipping bad code and sanction them for causing millions of hours of required labor to ensure their manufacturing defects do not harm businesses and their customers. Thank you for your attention to my chatter.

So... What are the options now for American consumers? What brands are left and available?