The FCC decided that all foreign-made consumer-grade Internet routers are prohibited from receiving FCC authorization and are therefore prohibited from being imported for use or sale in the US.
https://infosec.exchange/@briankrebs/116280575943263005Open linkView original on lemmy.ca813
Comments152
This is just their way of saying they want state sponsored backdoors into all private home networks.
Or, guess what, the next thing will be that all new domestically produced routers will require ID verification before they'll connect.
every 6 hours.
With screenshots of your systems sent and analyzed by ai
Side note: I thought that meme was from idiocracy, but apparently it's actually from a 4chan greentext and I had made a false memory of it being in the movie 😅
Honestly would've fit perfectly in that movie, but the verification can doesn't have electrolytes.
It’s got what plants crave.
They don't want to, they already have it and just don't want people to be able to avoid it.
https://en.wikipedia.org/wiki/Communications_Assistance_for_Law_Enforcement_Act
… does America even manufacture routers?
We don't lol
Electronics manufacture of any kind has been heavily outsourced since at least 1995.
That only means we're going to take over a country that makes routers.
Greenfield makes routers right? Or is it Iceland? My hands are Huuuuuge!
China? Yeah fat chace
Time to dust off the old US Robotics 14.4k sportster.
It depends on their version the fcc is considering "manufactured". If they mean it in a literal sense, there's pretty much just starlink. If they mean it can be an American company but put together overseas then there's plenty, like Netgear and Linksys.
linksys is owned by foxconn since 2018, the times when they were cheap brand of cisco are long gone.
I think the last time that was the case, they were called modems and made by US Robotics.
Shortly after the chips and components started coming from Japan and eventually Taiwan.
If foreign made routers pose a severe cybersecurity risk then why would you let the current ones on the market stay? If they were truly a problem you'd remove them from the market, not grandfather them.
But like everything with this capricious administration the real reason they're doing this is probably because someone greased their palms.
The foreign backdoors will stay for critical infrastructure
Honestly it feels like they get their Intel from memes.
Awesome. So what used to be a $50 router is about to be a $150 router. Great.
And it’s going to suck BALLS
$150 will get you a mini PC that you can run OPNsense on. Hopefully they don't ban WiFi access points next.
there is not much wifi access points that are not routers at the same time and i doubt that said regulation would make such a minor a distinction.
also keep in mind that the news articles are specifically talking about tp-link products.
unfortunately we can only guess, because only official document i have found is as vague as the news reports.
https://www.fcc.gov/supplychain/coveredlist
Access points and routers are usually separate once you get away from the consumer grade stuff. The people that run OPNsense at home often use MikroTik or Ubiquiti access points.
i don't think there is single mikrotik that can't function as a router. the fact you can configure them as software bridge does not change that.
the rest answered here:
There are many access points that are not routers.
There are. Just need to shop in the business side of the store and not consumer. At worst pro-sumer.
there are some but they are definitely in the minority. also this regulation is focused on home and soho devices, it specifically mentiones tp-link, which is really not enterprise brand.
also the regulation from what i found is so vague, that i suspect that for the author router equals to "that white box with antenna sitting on my table" and is very likely they have no clue about difference between l2 and l3 layer and what router actually is.
You're being pretty stubborn about your positions but you're misinformed/ignorant.
There are SO many Wi-Fi access points that aren't routers, but a combo router is what most home users buy or get from their ISP. So that's what you think is "most" when in reality the consumer market is dwarfed by commercial.
TP-Link has Omada which is not as enterprise as CISCO but it definitely supports small and medium sized businesses, which are at the greatest risk to vulnerabilities due to low IT department skills.
Conditional approvals - it's a bribe scheme. Companies can ask for exceptions. Sure they wouldn't Grease any palms...
They bulit the bribe into the law: "Producers of consumer-grade routers that receive Conditional Approval from DoW or DHS can continue to receive FCC equipment authorizations. Interested applicants are encouraged to submit applications to [email protected]."
So the application process is "drop us an email and we'll tell you where to deposit the money."
The excuse that it's for security reasons just immediately falls apart when you get to this part of the article:
So it's fine to supposedly threaten national security if you do some more manufacturing in the US? Uh-huh. How does that balance out exactly?
The unwritten part is where Trump gets a free gold plated golf cart or some other stupid shit to sweeten the deal.
Its grift allllll the way down.
I hate to say anything that would defend any of this, but cheap Chinese routers are very prone to security issues. There's a guy that has a youtube channel built arond taking apart and reverse engineering all kids of electroncis. He's found some pretty bad stuff in generic routers, static logins, telemetry sent home, remote executable code in the admin portal while not logged in.
I agree there's a lot more here they hope to gain, and that those gains are their primary objective, but there are some real issues from consumer network electronics.
That may be true and is certainly a well known concern …. Yet given the US government’s recent history, I have a hard time believing much of what they say
Cheap Chinese routers as a risk being true doesn’t prevent it from also being true that the current us administration is full of shit and likely more concerned about enriching someone connected to them, or tilt at windmills
There's better ways to do it then, EU don't have that problem for example, and we buy plenty from China.
We just have safety and security standards enshrined into law, and don't deal with anyone that doesn't agree to follow them.
It's why some products have the C€ symbol on them, which is "this has been imported, and meets all legal requirement", and all shops are not allowed to sell anything without that cert if imported.
(Though this don't apply to direct-to-consumer delivery from other nations, so it's not bulletproof)
That's kinda what's going on. They're pulling the FCC logo and making it illegal to resell without authorization. Hopefully, (but not assuredly) part of that authorization will be to make sure they comply with security.
Though I'm absolutely certain those 'agreements' cost a pretty penny and it's lining someone's pocket as well.
Ah but the C€ don't require you to manufacture some or all parts in the country though, or to pay a fee for the courtesy of dodging the law
Not that i'd be suprised for it to be so, but conditional approval doesn't automatically mean pay a fee and we don't check.
This is America
If I read this right it goes beyond the cheap no-name Chinese stuff that we hopefully all know to avoid by now. This would prevent US companies from outsourcing manufacture to foreign countries, which pretty much all companies do at this point
That would keep routers.ca from reselling Temu routers, net win.
I just hope that part of this doesn't include mandatory backdoors for US agencies. This might be the start of the great firewall of the US
it will
if that ends up being the case, us linux nuts can start making and selling our own routers!
Side Hustle!
until that has you labeled as a terrorist
They'll nail us to the wall for using lemmy before they nail us for making routers :)
In the Age of Technology and AI, it does make sense to have any manufacturing operations in house than overseas. Ofc if there were countries we could trust that would be onpar as well, but the U.S. pretty much shit the bed on alliances.
Sounds like it's just a modern version of Indulgences to me.
This only applies to routers.
It's not widely known outside the ham radio community, but part of the 2.4GHz wifi band overlaps the 13cm amateur radio band. If you turn off 5GHz wifi and lock the 2.4GHz AP to Channel 1, it qualifies as a ham radio, and can be sold as a ham radio instead of an AP/Router. You do need a ham radio license to operate it as a Ham AP, but you do not need a license to buy a Ham AP.
If the end user wants to turn on 5GHz after the fact, there is not a damn thing the FCC can do about it.
That deals with the need for a WiFi access point, but not the main router functionality. Another approach would be a low-power PC running OPNsense or PFsense with a WiFi card repurposed as an access point. Or, if the new policy concerns only routers and not access points, a PC for the router plus a dedicated WiFi access point (some device that is not capable of being a router).
Lol nice
But you can't run encryption on it. So that means no WEP, no WPA, no SSL, TLS, VPN, etc.
So yes, while you could run your own wireless access point, it doesn't solve the main requirement for most people which is privacy.
You aren't understanding my point.
My point is that you can continue to import and sell the exact same physical device, just with a little change in marketing, and possibly software.
My point is this: Once you have acquired the device, there is fuck all the FCC can do about you converting your "ham radio" back into a consumer-grade router.
This is technically not true, the FCC can and does enforce spectrum usage rules. Whether they will expend resources chasing down your router or your unlicensed GMRS is another matter.
Next up, foreign VPNs and shortwave radios are illegal to use.
Then phone calls are restricted.
Then international mail has to be inspected and censored.
All hail Chairman Trump!
USA USA 👊🇺🇸🔥
https://www.ic3.gov/PSA/2026/PSA260312
Compromised devices already comprise what amounts to a foothold within US network infrastructure that makes attribution of actors and defense of critical infrastructure impossible.
It's actually a really good situation for China since they have access to millions of these compromised devices in police stations, fire stations, hospitals, within critical infrastructure networks etc.
Also, the equivalent of mail censorship is already being done by more subtle means.
The US is more fucked than you know. I just hope the US doesn't piss china off too much. The asymmetric warfare will claim more lives of civilians than combatants.
Well tell us your four point plan about how to overthrow the US government and take back control. You can base it on one of the numerous revolutions you have obviously been a part of. It's not like you are just some asshole who doesn't really know anything about it and you are just greatly oversimplifying the situation.....that couldn't be it.
I'm not American but my country knows a thing or two about burning the Whitehouse down.
Go to Truesizeof.net and look at how fucking big America is. It's roughly as big as all the countries involved with the Arab Spring events added together but it would basically have to be overthrown all at once. We can't overthrow Virginia then slowly work our way around to other states.
People outside America act like we are doing nothing but there are protests, riots, and people are getting disappeared by ICE every day. There is no magical way to get a few million people to roll over the White House becuase the president has his own very violent army (ICE) and much of the military supports him becuase they fired all the generals who didn't.
We are not spoiled fat lazy childten. Most of us work at least two jobs and still live paycheck to paycheck. Roughly 60% of the population is one paycheck away from homelessness.
.....but yeah all Americans are lazy fat fucks for not fixing a situation you have never been in or offer any real solutions for.
Look at France because all because they wanted to raise the retirement age. Maybe we should start making jokes about Americans being docile. Like they make fun of the French being cowards. And all Americans do is protest once every couple of months. And say we good.
Sorry I don't have white privilage.
White dudes voted him in, this aint on me. I voted Harris.
What do you want a foreign-born non-white immigrant to do? Political violence? So that it incites even more xenophobia?
Join a community and do what they do.
Call up your local NAACP and find activist groups to be a part of. Advocate for yourself instead of waiting for whitey to save you from the mess they created.
No but that's fine, he voted harris. His opinion was heard and rejected. Nothing else he can do
As someone who's working on starting a diyhrt homebrew and joining the SRA: unless you've lived through the rise of fascism stfu, chances are if you lived here you'd be doin jack shit too.
Fascism/late stage capitalism is exhausting by design. If I didn't spend the past decade removing corporate software from my computers I don't even know how I'd be comfortable doing any of this safely
Proper privacy in today's day in age requires, at least, an understanding of Linux systems administration/, basic network architecture, and virtualization.
That's before we talk about neutralizing ME.
If you're not splitting your identities/footprint across several permanent and burner VM's w/ different public IP's you're probably doing it wrong.
How is that reasonable to expect out of the average person?
You know not everything is online. And it would probably be more efficient if people got odd their phones and did shit in the real world. But maybe america well be the first virtual protest that works.
Yeal well seriously, tomorrow the nazis are marching in my city near me, and I will be there. They want to remigrate my family. I don't need 5 VPNs, i need to leave my phone at home and physically go there.
Sorry friend im not your enemy. But quit thinking of yourself as the main victim when your country's bombing people for breakfast. I spent 3 years comforting my wife as her friends were getting widowed or orphaned. And guess what, harris was still in power. So less voting and more doing, chopchop.
Stay safe
Your medicine you need to live isn't actively being made illegal. The FDA is already being petitioned to make lists of us. There prepping to fucking camp us. This isn't something I need to protest its something Im going to need to live.
Did I say I was?
Read the previous comment and try again.
No, but this holier than thou attitude like you're the only one willing to do something is obnoxious.
Wow are you from an alternative timeline? Because Harris has never been in power here.
The only explanation that makes sense to me is that this is a law to:
ISP provided equipment is also made outside of the US. This affects way more than just telecom stuff
but does ISP provided equipment count as consumer grade?
Ding ding ding
First thought upon seeing this headline. How long until we see the great firewall of USA?
Yes, everything trump does is a request for a bribe.
WHAT
I am really fucking glad I recently bought a high-end router, holy shit
FUUUUUUUUCK
Force consumers into US made, AI-laden, crappy hardware full of backdoors for the regime.
Even more isolationism. Knowing how the usa works, they discovered the equipment was set up for spying on their people and they want all of that "spying on their own people" power for themselves.
My assumption as well, after after the video release in the Guthrie case, we know objectively that every device with a microphone or camera and a wireless connection is spying on us and feeding the data to the US government without a warrant too.
Can you link to the evidence from the Guthrie case?
I’ve always figured it was theoretically possible. Interested in any cases of it in the wild.
Here's one source: https://www.nbcnews.com/tech/tech-news/investigators-wrangled-video-nancy-guthries-google-nest-camera-backend-rcna258460
I'm 100% sure it was Kash's call, and he was just too stupid to realize what the FBI was inadvertently admitting to by releasing this footage.
Thank you, that’s fascinating. Not exactly aa egregious as a smart phone constantly sending out mic and cam data. But it’s nonetheless interesting Kash is being so open about it. Comes across to me as marketing the idea to the public that “if you let us and corporate America spy on you, we will keep you safe”.
Yup, they followed up with a Super Bowl ad to that effect, and the negative response was so strong that Ring/Amazon immediately walked it back.
Yup. That's basically what happened with TikTok.
Gold colored Trump Router incoming
Dude don’t give them ideas, I live here
TBF the more stupid ideas we give them, the less time they have to do really bad things
like they actually spend time scamming people... they have people for that.
A promise of it not the actual router.
I can understand the FTC being involved because trade. But the FCC? Maybe regulatory authority over WiFi? But this seems like massive over reach.
Remember when conservatives claimed to support smaller government?
I only remember when conservatives lied everytime they opened their mouths.
Yeah, Reagan was always talking about small government, and then he blew up the deficit with unchecked spending. ¯\_(ツ)_/¯
I mean... "Small government" Republicans were always demonstrably lying, as far back as any of them have been alive. Every one of them just wanted to shift money from things that support people to the pockets of their donors.
How about the bit where they say home routers have to be approved by the DHS or the "Department of War"? This is not normal.
People not being sure what their router is actually doing is the issue. Instead of hoping for local manufactoring why not mandate against black box software running on the router? Mandate routers come with schematics like all electronics used to do? Promote computer literacy while you're at it.
But that would be a sensible approch and strengthen the consumer. Not in the interest of the oligarchy.
A nice thought. But the Great Unwashed Masses do not care. They want a Quick Start Guide that just says "Plug it in" and no other steps required. They want the black box because they don't want to learn and understand.
And that attitude is less about the oligarchy and a lot more about all lazy people.
Sorry, are you expecting the government, which is owned and controlled by the ruling class, to make legal changes which would go against their own interests? Haven't you been paying attention?
If you want change, there's only one way for us to get it, and it's through a social revolution.
Consumer grade.
Because if they try and ban cisco they'll collapse
Not manufactured in the US
First routers, then foreign operating systems, then cars…
The USA is doing an impressive job of sanctioning the USA.
Use openwrt.
Build your own open WRT router or get one of theirs. It's the best way to go and you don't get dragged through the monthly fee wringer for stupid child security or other stuff that is not well designed.
If you're building your own router I'd recommend OPNsense. I hear PFsense is also good.
Thanks! appreciate it.
Yea but the n100 I got to run it was made in China. I think I'm breaking the law now 🤣
You can always get your own non-router hardware of significantly higher quality and run PFSense or similar for an end result that blows any consumer grade router out of the water. Unless they start banning all PCs this is the better way to go anyway.
Yes. I run OPNsense and it's very good, and all you need is a machine with two or more Ethernet ports. But this option is becoming more expensive with the crazy prices of RAM and storage.
You can run pfsense on a gig of memory if you arent using Snort or pfblocker. I had this on a vps for an email gateway, worked fine. Adding block lists or services gooses memory usage though
Does the US really make their own routers pretty much all electronics come from the China.
I suspect what's going to happen is that the components will come from China and then some white label manufacturer will just put them together in the US, therefore they were "made" in the US so are okay. But it'll be literally the same chips and circuit board and firmware as before.
Won't even assemble them... they'll just buy, slap a made in USA and branding sticker, rebox, and sell at a 150% markup
TrumpiFi Gold incoming in 3... 2... 1...
It'll feature the B, G, N, E, P S T E and I bandwidths.
But in fact USA and Israel are the countries that spy on anyone. I am more concern about USA and Israel spying than from India and China. In this point in history USA and Israel are the enemy of the world.
All countries spy on each other.
I definitely agree about being more worried about the US spying than China though.
The only reasonable stance in 2026 is any government entity is just as much of a threat to an individual's well-being and livelihood as a criminal organization.
No one should be spying on you. Not the CCP. Not the US NSA/CIA, not Mossad, not anyone.
Unintentionally shutting down ai data centers. Lol, we know this will only be selectively enforced!
Well it does say consumer-grade. Not sure what the reasoning there is, as backdoors in enterprise equipment would be much worse for national security
A very speculative, cynical interpretation: something of value will be exchanged for the privilege of conditional approval.
enterprise equipment manufacturers have already paid the bribe.
Enterprise grade equipment comes with entire teams dedicated to securing it, with various overlapping services intended to identify and mitigate vulnerabilities. Along with enterprise level agreements around usage and support.
Consumer grade is just fire and forget, you're on your own.
And if thee is a back door that all means nothing.
What are you envisioning precisely when you say a "back door"?
You're absolutely right. Legalese makes fools of us all.
Outsourcing of manufactoring work is forbidden now? LOL
IMHO it is yet another scheme to make poor people pay more to rich people. And yet again nobody resists it.
It's that, and also an invitation to bribery, and also a demand for surveillance backdoors. And your router may need your biometric data to protect the children (but not from billionaire pedophiles).
Manufactured probable cause.
TPLink needed to get their shit in order for years. This has been cooking since 2019. However, this administration is just turned it into a bribery scheme.
Thus assuring the American public of using shitty American made junk filled with who knows what spyware, and paying two or three times what the piece of junk is worth.
So... who's getting the kickbacks out of this deal? Let me guess... does it wear a lot of orange makeup?
Isn't Mikrotik commonly used for servers? Or is that just Europe?
Anecdotally, I haven't run into a single Mikrotik deployment since university.
I worked for an MSP that sold those products for all use cases. The Mikrotik home routers(with wifi) are the best you can buy, if you can figure them out. Most people run at least one Ubquity ap to get higher band radio coverage for their homes.
I'll just keep building my own
Good luck Americans!
So this may be a good place to ask. With this news in mind does anyone have a good guide to follow to build your own router. I’ve read a little that a mini pc with more than one Ethernet port is the only requirement but I haven’t found any good guides yet, only articles on why you should.
If you search for "install OPNsense" or "install PFsense" you'll find quite a few guides. It's not difficult to get going with these, but you should expect a bit of a learning curve if you're coming from preconfigured home routers. It's worth it though: these are far more powerful systems than regular home router software and give you much more control and advanced features like VLANs and intrusion detection.
Thanks I appreciate it!
I have done a couple similar setups. Fun facts: cell towers have asymmetrical signal and if you are too close, your signal is bad. Those are hard ones to explain to farmers that have towers installed on their properties.
Landom of free!
glad a built my own last year.
i dont even know how this is going to work out in practice - who's going to start making routers in the US?
VPNs? I don't understand your question.
so wrote too soon i meant routers. no one physically makes them here
So buy a last gen router and then flash the update when you get it.