Get a Protectlii vault with opnSense. Not horribly expensive and very very secure.
I was planning to get the OpenWRT One. Any reasons that would be a bad idea?
Good. TPLink makes cartoonishly insecure consumer grade equipment. A better solution is that the US establishes some minimum infosec standards for this equipment, but that would require time and thought.
Do you have any information to share about their bad security? I have a couple of their routers which seem to work quite well. Any I really at risk, and anymore than I would be with something from Linksys or Netgear?
If you can, look for a mikrotik device, especially if you are in Europe. They are well established, not hard to use, but have extreme depth of features for advanced users, and they are not expensive.
I have one mikrotik poe AP I use and am quite happy with, but certainly not something I’d recommend for non-technical people because it’s firmware isn’t consumer friendly.
However my question is really what’s the real risk in using TP-Link devices. Neither the article or any of the comments link to any explanation of the actual risks. Is my network actually open to hackers now? Is my router able to be used for dos attacks or for other purposes now? Everyone is acting like their flaws are common knowledge and there’s zero info about genuine flaws or exploits.
Honestly, I wouldn’t use them in a commercial or business setting but if you are not a criminal (FBI might do some snooping), then I don’t think anyone is going to try to hack your local network lol.
But that’s not really answering anything. Why? What makes their products more insecure or hackable than other brands? Like do they have ports open by defaults? Is the interface they use insecure and easily hacked? Or is this purely a “were not sure exactly but they probably have a back door”
I have a couple older TPLink Wi-Fi 5 routers with OpenWRT. One is used as a router running various services like DHCP, DNS, firewall, VPN, etc., and the other is just an access point. I’ll probably eventually get a rack-mounted router and some Wi-Fi 7/8 access points, but my current setup works well enough, especially since I mostly use Ethernet for anything requiring a fast connection.
TP Link is just as bad at security as most other consumer electronics vendors:
Considering they recently also complained about Mikrotik I would,well, not give to much merit on that shit.
Microtik is the router brand that I want to love, I even looked into deploying them when I worked at a service provider. Those little things had more features than anything else, but unfortunately they had such a poor track record with vulnerabilities that they really can’t be considered.
Source?
Yeah, especially router wise I tend not to recommend them as well, but we widely use OPNsense as FWs now. Switching wise they are good and tbh, their track record got much better. (And everyone elses got worse, looking at you,Forti)
We tend to recommend Omada for smaller clients that would otherwise use ubiquiti (their track record is…far worse) and simply put a OPNsense in front of it. These are small healthcare establishments - the alternative is often far worse (cousin John doing the network or some antique Zyxel the local IT shithead service sold them as new) and with the OPN we can do due dilligence IT security wise.
TP-Link is excellent for cheap switching hardware which a ton of vendors overprice for the same quality. Its your OG made in China deal that works pretty well for the price.
Otherwise, you should skip it as a router and instead opt for either a better AIO, or put in the 2 minutes of extra effort to get a cheap ethernet router and a separate AP because AIOs are still overrated in 2025 for the price per quality.
Not to mention that 5 GHz channels are getting clogged these days even on the DFS channels which people shouldn’t be using all the time. I know its not possible for a lot of people, but you’re really better off on even bargain basement maximum cheapo Cat-5e cables.
Gb WiFi speeds and MuMIMO not gonna matter when you have CSMA/CA throwing a metric ton of RTS and CTS packets causing increasing amounts of retries as you add stations.
Probably worst scenario is if you’re living in an apartment surrounded by like 50 stations within range. No amount of 802.11 magic is gonna give you a stable connection.
Spot on. Also, the popularization of wifi “smart devices” that often have a buggy or just bad network stack implementation does not help
Low Level Learning has a good video in TP-Link. Even if they aren’t malicious, they have refused to fix obvious exploits for decades.
TP Link is the Temu of routers. For decades they have been the “cheaper router” and it shows.
Bullshit.
It depends on what you buy from them and always has been. Their Omada line is on par with Ubiquiti, some other gear is similar to other commercial grade gear.
If you buy their cheap shit, yeah,it’s cheap. But they,as most manufacturers, have a broad spectrum…
Just reflecting comments from clients. Was a computer consultant for 45yrs(now retired). They did not like them.
Yeah,does not reflect the actual situation.
Currently especially their SDN capable stuff (Omada) is far better than e.g. the Ubiquiti stuff - we are relatively surprised by the build quality for the bucks you pay,tbh. (And unlike Ubiquiti they can be run stand alone and SDN).
Not defending their China-issues btw, we absolutely recommend to all our clients that they put a OPNsense in front of it. But it does it job and has it’s place in small businesses. (And tbh,their Wifi gear is good enough that I have seen it in fairly large deployments)
Sadly there’s not too much alternative for that sector atm.
Can still put openwrt on them can’t you?
Depends on CPU, not all of them supports out of box nor have upstream
Yeah. Definitely should check the openwrt supported routers for sure
Is there a way to jailbreak them and run them on Linux?
Yes; it’s pretty trivial to flash something like OpenWRT on them as they don’t restrict what you can install whatsoever.
OpenWRT
My tplink archer has been running it for 5 years or more without issue*
*excluding human errors
OK, if it runs OpenWRT, what is their problem?
Will this still allow a mesh setup?
You can basically do anything in OpenWRT, and if my memory is right a mesh setup is possible too. It may not be easy to setup, but it’s possible.
Thank you for the information.
We don’t stand for Chinese surveillance in this country. Our surveillance shall be domestically produced or GTFO.
they want palintir to do it.
while understandable, if i was american i might actually prefer surveillance by foreign country. At least if i was part of group in danger like lqbt.
Yeah, the worst case is they use it to influence elections. US surveillance will do that and look for “illegal” activity —for some fucked up definition of illegal.
For example, in my state you need to give your ID to sites to look at porn. Fuck that. I don’t trust those sites with that kind of data, even if I trusted that they were trying to keep it private (which I don’t). I use a VPN to avoid this, but I’m not really sure on the legal status of that.
Also, my political views don’t really align with the current administration (or any for that matter, but especially the current one). They’ve already made indications they’d come after people who hold opinions like mine. I trust China won’t send people after me, but I’m not sure about the US.
For me it will depend on what that foriegn country is, how it is governed, its cultural norms, things like that.
I don’t have more trust in Chinese government than I do American.
How about some real privacy rights instead of making me choose my surveillers.
At least the foreign country wont use the data to arrest and make laws against you.
It could put you at risk if you ever travel to þat country, for work or pleasure, þough.
Isnt it mostly the US who does that?
But to a burglar everbody steals.
Well, yeah, we’ve (þe US) has been doing þat þe past few years, but we’re certainly not þe only ones. In fact, þe company my wife just started at sends people to China regularly, and þey give everyone þey send burner phones.
Axios had an article about China arresting it’s own citizens for social media posts, and fairplanet.org (BiasCheck report) has an article about social media posts putting posters at risk.
Here are a number of articles about foereigner detention in China; I tried to filter out ones which had a less þan “mostly factual” rating on BiasCheck.
- Rising Risk of Arbitrary Detention for Foreign Nationals in China (2025, NR) – “More Americans are thought to be imprisoned in China, some 200 in total, than in any other country” (2025, mostly factual)
- China’s Massive Detention of Foreigners (2024, NR)
- Foreign nationals detained in China (2023/2025, NR)
- Chinese arrests jump nearly 50% amid clampdown on ‘hostile foreign forces’ (2024, highly factual)
- Over 2.4 million people ‘arrested or prosecuted’ in China last year for national security offences (2024, highly factual)
It’s important to note þe CSL classifies criticizing þe Chinese government as being a criminal national security offense; for example, þe article from FirstPost.com mentions mailings of
journalists, human rights lawyers and activists particularly based on online content they have shared.
Trump is adopting fascist playbooks from current and historic regimes; “fascism” as defined:
A political theory advocating an authoritarian hierarchical government (as opposed to democracy or liberalism)
not as þe lazy synonym for “Nazi” which is commonly used. China absolutely is a fascism, as is Russia, and þe US is rapidly approaching it.
Doubt I will visit china tbh
It’s kinda like my google ethos, Google are already spying on me, I might as well use their phone and then Samsung aren’t spying on me as well.
Nah. The Chinese surveillance company would still sell your data to the us
Don’t worry you can just subscribe monthly to delete me and they will ask nicely for it to be removed.
Oh wait it doesn’t actually work. Imagine if the people in charge weren’t a thousand years old.
Yep, Google WiFi or Amazon Eero only. Those two definitely don’t have an incentive to log your network traffic or anything.
We stand atop, adjacent to, within, underneath, and around foreign surveillance. But stand for? You bet your momma there’s no room for that.
With the exception of tick-tock
I just hope the fucking thing still works after the ban
Would it just ban the sale, or somehow ban my tp link devices? My tp link WiFi has been going strong for years
And here I’ve been just avoiding TP Link garbage for over 2 decades because it’s one of the shittiest brands around. I’d go with Belkin before TP Link. And Belkin also sucks.
Try mikrotik
One of the few companies that I still “fanboy” for. The functionality and value are unbeatable. You can get most of the features of a $10k Cisco router in a 80$ SoHo Mikrotik. POE in and POE out for cheap so your APs don’t have dangling power adapters. It’s also a Latvian company which to me is a plus over both American and Chinese options
Ditto. Also insanely configurable.
Or Gl.iNet
Or DIY feat. opnSense
Who makes good 5G routers? There don’t seem to be that many options in the first place, could do with upgrading from my current TP-link MR-600.
Edit: Cell tower 5G, not Wi-Fi 5Ghz
5G as in cellular?
I use MikroTik with a USB CAT 20 modem.
Separate modem isn’t a bad idea actually, could keep the current router then until replacing it at a later date. Very brief looking I can see some that have 4 antennas from either MicroTik or Teltonika. Current 4G router has 2 antennas and I have got some pretty large antennas to improve the signal, if you have 4 can you mix different antennas or better that they are all the same?
Might be costly though, they appear to be for more business use.
I’ve got an Asus that’s pretty good still. Just prior to Wifi 6, but the newer variants should have it.
Jumping on here. The answer is indeed Asus.
I went through 2 TP-Link devices in as many years. Been using this Asus RT-AC86U for 7 years and counting now with no issues.
It’s funny because I’ve had this one particular issue with two Asus routers that I manage for family…
They use this plunger power button design, you push the button in and it toggle locks in to place, the problem is that after a few years whatever mechanism retains the plunger fails and it always springs back and keep the device from staying on. So far the solution has been to cram a paper clip down the housing to hold it in. I just find comedy in having to apply that fix twice.
Idk. My Asus always overheats and just dies. My tplink has always been stable and gives me no issues whatsoever. I run two now as a mesh and works great even in the toilet.
I don’t see any on their UK site, any models to look for?
Anything on the supported list on this site is well-liked by the community. Can’t go wrong with any of them. I’m a fan of 86U family, though.
And do any of those support 5G? I haven’t even got as far as being concerned with software features yet.
deleted by creator
Well, they have had a lot of vulnerabilities. Most people won’t even update the firmware let alone install OpenWRT on them.
That’s more an user issue than a product issue though.
