FCC updates covered list to include foreign-made consumer routers

Posted by moonka 1 day ago

473 points | 405 commentspage 8

caspian123456 9 hours ago|

[dead]

supernetworks 1 day ago||

[flagged]

beart 1 day ago|

Hey, sorry I'm a bit lost trying to follow your comment. Who are "We" that you are referring to?

gnabgib 1 day ago|||

I think the we is a bot.. they already posted this: https://news.ycombinator.com/item?id=47497129

And suggested a mod should read comment history: https://news.ycombinator.com/item?id=47497296

supernetworks 1 day ago||

Not a bot. Anyway if you have questions about router security rather than moderation happy to "delve" into that.

gnabgib 1 day ago||

Yes, please share more of what you've found about wifi security.

supernetworks 1 day ago|||

Supernetworks -- ill update. Our initial comment got moderated for too much self promotion so also apologies there and again for anyone who is offended

supernetworks 1 day ago||

[flagged]

tomhow 1 day ago|

Please avoid low-substance, self-promotional comments like this on HN. It's OK to mention your own product/service occasionally, but only if it's in context and as a part of a comment that makes a substantive, insightful contribution to the discussion.

Also, we recommend using a username that seems human, rather than being based on a company/brand name, otherwise it seems like you are here primarily for promotional purposes rather than curious conversation. You can email us to change the username if you'd like – hn@ycombinator.com.

supernetworks 1 day ago||

Thanks Tom. This whole comment thread is a bit of a dumpster fire of opinions however we have been working on the wifi security problem for a long time and we have a lot to say about it. Router manufacturers competing into involution that ship RCE (much of which is triggerable from a web page) have created a substantial risk to consumers, in this case with a lens on the US market. We tackle hardware & software and prioritized network isolation as the first thing to resolve. We have tons on our blog and page about network security and have open source software.

tomhow 1 day ago||

> however we have been working on the wifi security problem for a long time and we have a lot to say about it

Great, please share it with us! If what you've said is true, the kind of comment you're uniquely qualified to share is the very thing the thread most needs.

supernetworks 1 day ago||

You can check our comment history https://news.ycombinator.com/threads?id=supernetworks

tomhow 1 day ago||

Right; about 20 comments over nearly three years, and nothing substantive in the current thread.

The whole point I'm trying to make is that you're qualified to make a substantive comment in the current thread and instead you've just posted a low-substance promotional comment.

anonym29 1 day ago||

What the fuck?! I did not sign up to live in some third world shithole where I can't get first-world networking equipment. I do not want some piece of shit closed-source proprietary netgear ameritrash. FUCK! Give me back my god damn chinese routers!

Chinese citizens have more computing freedom than American citizens at this point. What the fuck happened to the land of the free?

0cf8612b2e1e 1 day ago||

I doubt anything will be pulled from the market. This is instead notice to the companies that now is the time for a donation to the administration’s ballroom.

anonym29 1 day ago||

Right now, the way this is currently worded, every single foreign-made consumer router has already been pulled from the market, and has to request permission to be reintroduced. The only consumer routers not currently affected are those that are either already purchased (some good, but won't last forever) or are American-made (overpriced, underpowered dogshit)

racingmars 1 day ago||

From the news release "What does this mean?" section: "This update to the Covered List does not prohibit the import, sale, or use of any existing device models the FCC previously authorized."

So no, this does not pull all existing routers off the market. Anything that already got FCC approval remains approved and new stock may be imported and sold.

ReptileMan 18 hours ago|||

> I do not want some piece of shit closed-source proprietary netgear ameritrash.

So much different than the piece of shit closed-source proprietary netgear chinesium.

Consumer routers are shit full stop.

anonym29 14 hours ago||

Plenty of Chinese routers offer better performance at lower prices with factory support for OpenWRT, unlike Ameritrash.

ReptileMan 14 hours ago||

Only Glinet. With all the rest is hit and miss and some are with locked bootloaders.

vsgherzi 1 day ago|||

I understand the anger but I wouldn't go as far as that last part... the GFW is the ultimate censorship tool. For the record I run tp-link aps

wao0uuno 16 hours ago|||

Lmao you're an IT guy, right? Get yourself a Raspberry Pi 5, PCIe adapter and a second hand gigabit Intel NIC. Slap a case on that, put OpenWRT on it and bam! High performance, high quality router built from trustworthy parts running open source operating system. Not the prettiest and simplest solution but at least that way you don't have to depend on Realtek chips and Chinese firmware.

anonym29 14 hours ago|||

Pi 5 can't come close to handling gigabit wireguard tunnels. I can do an x86 build that will, but still, incredibly aggravating.

Marsymars 13 hours ago||

You'll probably see better performance with a non-wireguard VPN with the RP5 since it has hardware accelerated AES instructions.

vaxman 12 hours ago|||

There is an entire WORLD that lives in your computer below the operating system (eg, OpenWRT). For example, in your Raspberry Pi 5, there is a chip called the VideoCore GPU and it contains a big blob of code known only to Raspberry Pi Foundation and, perhaps, Five Eyes. The Chinese processors are like that too!

Even if you have the source and build system to recreate the exact binary blob and can reload it with Jedec or whatever, there is another world below the firmware...called microcode. Some of the microcode comes from the FAB preloaded! Even if you can get the source code for the microcode and somehow read it out and verify it is the same, you guessed it...there is another world below that [1 https://www.researchgate.net/publication/380555600_Trustwort... ] [2 https://dl.acm.org/doi/fullHtml/10.1145/3579856.3582837 ] [3 https://ieeexplore.ieee.org/document/7546493 also https://www.semanticscholar.org/paper/A2%3A-Analog-Malicious... ]

0xy 1 day ago|||

The computing freedom = a plausibly deniable backdoor.

https://nvd.nist.gov/vuln/detail/CVE-2023-1389

supernetworks 1 day ago||

Another favorite, https://www.synacktiv.com/publications/cool-vulns-dont-live-...

the router sniffed plaintext http to grab HTTP User agents to put them into a curl bash command line string. Nice RCE from the browser.

mx7zysuj4xew 1 day ago||

Why wasn't anyone notified about this being in the works? What bulletins did I fail to notice. WHAT THE HELL IS GOING ON HERE

crimshawz 18 hours ago||

Long overdue.

razorbeamz 1 day ago|

I'm sure people will get right on buying American-made routers.