Drilling down on Uncle Sam's proposed TP-Link ban

Original Article ↗ Hacker News Discussion ↗

Trust in Hardware and Firmware

  • Several commenters argue that nobody really knows what commercial chips are doing; true assurance would require local fabrication and trusted toolchains, which we don’t have.
  • Even with OpenWRT or similar, core components (Wi‑Fi radios, SoC boot firmware, Intel ME–like subsystems) remain opaque blobs with DMA access, so swapping the OS is only partial mitigation.
  • Some conclude that all vendors and countries pose surveillance risks; the “choice” is mostly which government you’re more willing to be spied on by.

TP-Link Security, Quality, and Support

  • Experiences are sharply split:
    • Critics report unstable Deco mesh systems, routers needing scheduled reboots, short effective support lifetimes, and hardware revisions with downgraded specs under the same model name, eroding trust.
    • Others say their TP-Link routers, switches, and Deco units receive firmware updates for many years (including very old models) and are rock solid for home/SOHO use, especially at TP-Link’s price.
  • Some see TP-Link as clearly better value than Netgear/D-Link/Linksys; others report the opposite and praise Ubiquiti, Mikrotik, AVM Fritz! or custom OPNsense/OpenWRT setups.

Geopolitics vs Technical Risk

  • Many see the proposed ban as primarily political: anti-China signaling, trade leverage, or even rent‑seeking/extortion, with little concrete public evidence of TP-Link doing state-directed spying.
  • Others counter that, regardless of corporate reorganization and US HQ branding, TP-Link remains heavily Chinese in ownership, staffing, and manufacturing, and is therefore subject to Chinese state pressure.
  • There’s extensive pushback that singling out Chinese gear is hypocritical given documented US/EU backdoors and lawful‑intercept abuses (Cisco, Crypto AG, etc.). Non‑US commenters often say they distrust US tech at least as much as Chinese.

Regulation, Liability, and Incentives

  • Several argue that consumer routers in general are a national security problem because of pervasive crappy firmware, not one brand; they call for security standards or “building codes” for network software instead of brand bans.
  • Ideas floated: enforce long-term patching, make no‑liability clauses illegal, impose product liability for security failures, or even subscription models dedicated to maintenance (others fear those would be abused).
  • Skeptics note that companies and executives rarely face real consequences for security failures, so they rationally underinvest.

Alternatives, Practices, and Market Impact

  • Many recommend OpenWRT/OPNsense with separate “dumb” APs, or vendor ecosystems like UniFi or Omada, managed locally.
  • There’s frustration at TP-Link’s move toward forced cloud accounts and dark patterns in apps, especially for smart plugs.
  • Commenters worry that bans will reduce competition, push people toward ISP-controlled or US‑backdoored gear, and further normalize insecure, consumer‑hostile networking hardware.