The FCC maintains a list of equipment and services (Covered List)
that have been determined to “pose an unacceptable risk to the
national security
Recently, malicious state and non-state sponsored cyber attackers
have increasingly leveraged the vulnerabilities in small and home
office routers produced abroad to carry out direct attacks against
American civilians in their homes.
Vulnerabilities have nothing to do with country of manufacture. They have always been due to manufacturers' crap security practices. Security experts have been trying to call attention to this problem for 2 decades.
Manufacturers have never had to care about security because no Gov agency would ever mandate secure firmware. This includes the FCC which license their devices and the FTC who (until recently) had the direct mandate to protect consumers.
Our most recent step backward was to gut those agencies of any ability to provide consumer oversight. All they they can do now is craft protectionist policies that favor campaign donors.
The US has a bazillion devices with crap security because we set ourselves up for this.
Seems like now is as good a time as any for people who know how to do this to build their own routers with Pfsense, Opnsense, ClearOS, or one of the many other firewall/router distros out there.
You can get an old desktop or laptop that's more than good enough to be a router for basically nothing (or sometimes literally nothing) on Craigslist or Ebay. I suspect pretty much anyone who frequents this forum could probably figure out how to do it with a YouTube tutorial. Routers are pretty dumb computers, so you don't need something top of the line.
Even if you want higher speed than the ethernet port built into the computer, you can buy old dual-port 10GbE PCIe cards for less than $50 on eBay as well.
I've been running my own custom thing with NixOS for a couple years now, and it's been working great, and before that I ran ClearOS for a couple years, and before that I ran OpnSense for a couple years. They all work fine, and they're not too hard to set up. I recommend it to anyone who can figure out how to do it.
This part of the press release seems pretty crucial:
> Producers of consumer-grade routers that receive Conditional Approval from DoW or DHS can continue to receive FCC equipment authorizations.
In other words, foreign-made consumer routers are banned by default. But if you are a manufacturer, you can apply to get unbanned ("Conditional Approval").
If you (a manufacturer) apply, they want information regarding corporate location, jursidiction, and ownership. They want a bill of materials with country of origin and a justification for why any foreign-sourced components can't be domestic. They want information about who provides software and updates. And they want to hear your plan to increase US domestic manufacturing and progress toward that goal.
So, foreign-made consumer routers can still be sold, but they are going to look at them with a fine-tooth comb, and they are going to use FCC approval as leverage to try to increase domestic manufacturing.
Next they'll come for our OpenWRT-flashable equipment.
I've already done everything the article says to do years ago, but what happens when this equipment dies? Can I get a replacement, and is it flashable? I currently use "routers" as access points because it's the cheapest way to get an AP for OpenWRT.
The FCC is bypassing the public comment period by having the DOD classify this as a national security concern. This is blatant collaboration between agencies to expand their respective authorities into a new amalgamation that stretches far beyond their congressional authorization.
A little rich coming from the administration that supports a strict view of the major questions doctrine. They have no problem kneecapping the EPA. But the communications commission has the right to ban all drones (and not the FAA for example).
I'd say I'm shocked but I am not. Their next order forcing backdoors will be secret.
Does it occurs to someone that in this time of encryption backdoor and such, this is also a good starting point to another mass surveillance system ? Mandate US manufacturers to embed remote access for the use of the government, then as you've made those routers the only ones authorized on the us soil (let's not be foolish about that approval process, it will be a smoke screen) you basically have a backdoor to every citizen home.
Yes china routers are a liability, but free trade and open market ensure at least one thing that's essential : no single state has surveillance capability on its entire population
This is the same thing they did to drones. It's corruption. It doesn't even make sense from an extreme isolationist point of view, because there's no path to create domestic manufacturing.
I'm guessing the rest of this looks like drones, too: FCC approval is given only to American companies that bribe members of the administration, and they raise prices through the roof. The routers are still manufactured overseas and there's no improvement in security.
Can't wait to see the price of the first US made home router. We [USA] really need a formal designation of trusted supply chain partners. Would improve security and make a useful bargaining chip.
(reposting this comment from the other thread which discusses the same topic, I'm sorry for any trouble that may cause)
From one side, that sure... does have some point. Well, I mean, one could potentially install some kind of a backdoor on the networking hardware they produce, and if it's state-controlled, then it could potentially be a threat.
From the other side, though...
That's crazy. Maybe I'm missing something obvious, or maybe I'm just stupid, I don't know; but at this point, with almost no manufacturing in the USA, this feels like shooting yourself in the foot. Or rather, it's like shooting yourself straight up in the head if manufacturing will not be efficiently (so it can satisfy the demand) moved to the USA (which is a big challenge).
This will keep expanding until a lot of radio equipment is locked down. This is an obvious first move, but the fundamental problem is there's nothing stopping your hacked radio equipment from usefully spying on whoever is in range, to a degree that simply isn't appreciated even around here.
It's also a quasi inevitable side effect of the push to encrypt all communication back to the cloud, since now it's too easy for malicious devices to hide what they're sending back.
Back to wearing the tin foil hat in my faraday cage.
Considering this is after Loper Bright Enterprises v. Raimondo (2024), it will be interesting to see if this holds up to judicial scrutiny.
The FCC's power just got substantially nerfed, and "we've decided to slow lane all foreign-made routers" feels like that may have been beaten on the old, higher, standard. Let alone the new one that gives the FCC almost no power.
For the device manufacturers, the obvious solution is to sell them as general-purpose computers. You can already get devices that had started out as Raspberry Pi clones but evolved into excellent DIY network appliances, with multiple high-speed Ethernet and SSD ports that are great for running a NAS, proxy server, firewall, or all three, and more. Rarely do they have good WiFi, but if manufacturers start selling hardware that has been traditionally sold as a locked-down routers or access points, but include a generic Linux installation, it'll compete will well with the aforementioned hardware.
One purpose for taxes is to shape behavior. If the behavior they wish for is to have more manufacturing in the US, you increase the taxes of outsourcing it. IOW, you make it more desirable to manufacture locally.
I just bought a new router 6 months ago to support wifi 7. Hopefully manufacturers will be willing to jump through the hoops for long term support. Don't want to Flash OpenWrt.
What exactly does "produced" mean in this context? That the final assembly was done here, software was written here, PCB was assembled here, SoCs and ICs wwre manufactured here, or something else? Regardless, while consumer routers are 9 of 10 times insecure garbage, it's hard to think of any that aren't manufactured outside the US.
Prediction: there will appear new "Made in the USA" routers that differ from some Chinese model only by the label. Already the case in Russia for e.g. powerbanks.
This would be so much less of a pain if decent wifi pcie cards were available.
It's all a bunch of very expensive kind of dodgy Compex cards, used for industrial or prototype purposes. Be prepared to spend $300+ for a single 4x4 MIMO card. And then you want to go dual band right?
Thankfully the MediaTek offerings are somewhat available and much much much cheaper, but reports are that driver quality is just absymal.
Meanwhile the openwrt table of hardware for wifi 6 and wifi 7 is a bare trickle already, and inceasingly not consumer routers but SBC. Thanks for the FCC messing things up brutally already, back in 2015, with requirements to make sure users couldn't possibly do anything out of spec, requiring these systems to be locked down. They almost banned open source outright, but in practice it feels like the requirements are high enough that they practically did. https://toh.openwrt.org/?features=wifi_behttps://arstechnica.com/information-technology/2016/03/tp-li...
Frelling FCC! What dastardly deeds done against civilization! We would be so much more secure & protected, the bar would be so much higher if open source / openwrt was allowed to compete. You messed everything up already!!
I would be more impressed if they would ban all enterprise routers manufactured in China. I have had to continuously patch and meticulously mitigate severe vulnerabilities and bugs in Cisco, Dell, HPE, Extreme, Arista routers, switches, fabrics, and others. These are all manufactured in China, Taiwan, Hong Kong, Vietnam, Malaysia, Thailand, and probably elsewhere in the Greater China region... Actually I take it all back. I wish they would just ban companies from shipping bad code and sanction them for causing millions of hours of required labor to ensure their manufacturing defects do not harm businesses and their customers. Thank you for your attention to my chatter.
Yeah, it does sound like this should be focused on verifying firmware, including all future updates. If a Chinese company builds the router at a US Foxconn site, it is still the same situation.
If worried about supply chain and inside jobs, I worry more about the IoT widgets I have. They are already inside the LAN, can access the internet, etc.
Anyway, bribes aside, this is probably just a talking point and not much actually changes.
As someone who works with networking (consumer prosumer enterprise everything) the problem is far more complex than : make it open.
Manufacturers can support devices for long but it costs money which the consumers / businesses aren’t willing to pay or value. Cybersecurity is a joke and the general consensus is : we will pay for things as and when there is a fire. We don’t put a price on prevention because we can’t really show it to shareholders how we profited from not being attacked since we blocked those. So we create an arbitrary certification and pass things according to it. This certification doesn’t say anything about firmware. But if we do get attacked then we can convince the shareholders to spend money on better equipment this financial year and then not bother until the next time we have a problem.
Some of these certifications focus on what the devices allow you to do (like acls and firewalls) and see if they pass these tests. But actually looking at the firmware and finding vulnerabilities is not in scope.
The escalation path is probably: have some relationship to an entity that doesn't care about you -> make sure that entity becomes your enemy -> the enemy now has an incentive to see you as an enemy -> you must now be afraid of your new enemy.
my instinct is open source is part of the answer. the market monetizes with differentiation on the open source base, support, hardware, etc. vibrant enough market = the foss is secure (always a relative term) and continues to evolve, partially paid for by the companies who are monetizing
Because of this, I'm going to plan my next network upgrade based on open source hardware like Banana Pi. My setup is based on WiFi 7 so this might not apply for a few years. From my understanding, the hardware from proprietary manufacturers is sufficiently advanced to do some advanced surveillance and spyware, whereas previous generations didn't require advanced processing to achieve fiber optic speeds. Back to the original statement, it's clear that the threat of surveillance exists.
Personally, I don't make the distinction between foreign and domestically produced routers in America. In fact, I trust foreign produced routers more because the likelihood that they can act upon their surveillance is significantly lower than the current American regime's oppressive and malicious tactics. Therefore, open source routers provides enough transparency to effectively eliminate spyware threats from all angles while being compliant.
I'm especially excited about the Banana Pi because of the transparency and potential of modular upgrades. Whenever there's a network issue, I have to consider whether the manufacturer (American or not) is doing something nefarious. With a Pi based router, I have much more peace of mind with network debugging issues.
To clarify (since the headlines of many articles about this aren't clear about it), this states that it prohibits approval of new Models, so any models that already cleared FCC certification can still be sold in the US, even if they're made overseas.
This is for newly released models that still need to get FCC certification.
Am I reading this correctly? Existing routers in houses can only get firmware updates until the end of March 2027 then they need some kind of approval? How is that more secure?
The Spirit of this law __must__ also now apply to SoCs produced by non-allied nations that feature USFCC-approved RF microelectronics, such as __ESP32__ Here's to hoping USFCC gets around to also reflecting this in the Letters of this law sooner, rather than later.
This is terrible, perhaps the worst thing this administration has done (which is an incredibly high bar.)
Because it provides a pathway to full government control of the internet.
Content that demonizes the current administration's enemies will become easier to find. Evidence of their crimes will vanish.
When they murder someone in the street, fewer people will find out about it, and those that do will be more likely to hear the government's side of the story.
Mobile networks are already owned by the billionaires, and they've shown plenty of willingness to shape traffic for their interests.
Managing this kind of information at scale is an incredible challenge, but one that LLMs are very well suited for.
Even if you are confident the current administration doesn't have the competence or longevity to exploit this (as I mostly am,) we can easily predict future admins of either party will happily make use of these capabilities.
Bad for the US, but also very bad for the world, because it will make it much easier to manufacture consent for or hide future international crimes committed by the government.
We've excused the complete loss of traditional journalism with a reliance on the Internet instead. Not anymore.
Can savvy individuals work around it, of course. But the general public will treat them like conspiracy theorists, because all they will see is content that reinforces the administration.
The technical discussions in here sound like: "silly Caligula, his horse won't be able to sign his name to cast a vote in the Senate."
will this be like "product of USA" potatoes?, where a canadian truck full of bags of potatoes backs up to a special border facility, and the bagged potatoes are put on a conveyor, dumped out, conveyed........, and then rebagged,thereby becoming american product!
Does the router ban really only pertain to consumer-grade networking devices?
> For the purpose of this determination, the term “Routers” is defined by National Institute of Science and Technology’s Internal Report 8425A to include consumer-grade networking devices that are primarily intended for residential use and can be installed by the customer. Routers forward data packets, most commonly Internet Protocol (IP) packets, between networked systems. ¹
> A “consumer-grade router” is a router intended for residential use and can be installed by the customer. Routers forward data packets, most commonly Internet Protocol (IP) packets, between networked systems. Throughout this document, the term “router” is used as a shorthand for “consumer-grade router.” ²
There doesn't seem to be a general ban for foreign-made professional routers, just for some Chinese manufacturers, right³?
Oh, and what does "produced by foreign countries" even mean? I couldn't find any definition. Is this meant to be the country of final assembly? Would importing a Chinese router and the flashing the firmware in the USA be sufficient to be exempt? Where is the line drawn usually?
To me, this is a deeply dangerous situation for the state & for the population, where it is nearly impossible for consumers and businesses to purchase gear that they can secure. Where we are at the mercy of what is on the market, and no actual securing of our own can occur.
The FCC claimed in 2015 they were not trying to forbid open source systems, but the additional compliance demands they have made unsupportable unsecurable devices the default state: the FCC mandated companies make sure the users dont have freedom, make sure the wifi performance is locked down, and the most obvious path to that end is to just lock out the user entirely. Open source isn't outlawed, but the FCC turned a good working amazing open source movement into something that is incredibly rare and hard to do. The FCC assurances (https://www.eff.org/deeplinks/2015/11/free-router-software-n...) have not proven true (https://news.ycombinator.com/item?id=11122966): everything has gotten worse for security & availability (https://news.ycombinator.com/item?id=11122966).
If you actually read the notice, it exempts models that have been approved. So this just seems to require approvals by DOH or DHS ,": Routers^ produced in a foreign country, except routers which have been granted a Conditional Approval by DoW or DHS." I take this to mean it is just adding security approvals for this type of thing to DOw and DHS. It is not a ban of all future models. It's just saying explicitly that instead of having to review models already in the market and determine that they should be removed because of nation state or other security concerns they are reviewing them before they go to market. Would be nice if people actually read it instead of hyperventilating.
What the fuck?! I did not sign up to live in some third world shithole where I can't get first-world networking equipment. I do not want some piece of shit closed-source proprietary netgear ameritrash. FUCK! Give me back my god damn chinese routers!
Chinese citizens have more computing freedom than American citizens at this point. What the fuck happened to the land of the free?
FCC updates covered list to include foreign-made consumer routers
(fcc.gov)456 points by moonka 22 hours ago | 389 comments
Comments
Manufacturers have never had to care about security because no Gov agency would ever mandate secure firmware. This includes the FCC which license their devices and the FTC who (until recently) had the direct mandate to protect consumers.
Our most recent step backward was to gut those agencies of any ability to provide consumer oversight. All they they can do now is craft protectionist policies that favor campaign donors.
The US has a bazillion devices with crap security because we set ourselves up for this.
You can get an old desktop or laptop that's more than good enough to be a router for basically nothing (or sometimes literally nothing) on Craigslist or Ebay. I suspect pretty much anyone who frequents this forum could probably figure out how to do it with a YouTube tutorial. Routers are pretty dumb computers, so you don't need something top of the line.
Even if you want higher speed than the ethernet port built into the computer, you can buy old dual-port 10GbE PCIe cards for less than $50 on eBay as well.
I've been running my own custom thing with NixOS for a couple years now, and it's been working great, and before that I ran ClearOS for a couple years, and before that I ran OpnSense for a couple years. They all work fine, and they're not too hard to set up. I recommend it to anyone who can figure out how to do it.
> Producers of consumer-grade routers that receive Conditional Approval from DoW or DHS can continue to receive FCC equipment authorizations.
In other words, foreign-made consumer routers are banned by default. But if you are a manufacturer, you can apply to get unbanned ("Conditional Approval").
In the FAQ (https://www.fcc.gov/faqs-recent-updates-fcc-covered-list-reg...), they even include guidance on how to apply: https://www.fcc.gov/sites/default/files/Guidance-for-Conditi...
If you (a manufacturer) apply, they want information regarding corporate location, jursidiction, and ownership. They want a bill of materials with country of origin and a justification for why any foreign-sourced components can't be domestic. They want information about who provides software and updates. And they want to hear your plan to increase US domestic manufacturing and progress toward that goal.
So, foreign-made consumer routers can still be sold, but they are going to look at them with a fine-tooth comb, and they are going to use FCC approval as leverage to try to increase domestic manufacturing.
I've already done everything the article says to do years ago, but what happens when this equipment dies? Can I get a replacement, and is it flashable? I currently use "routers" as access points because it's the cheapest way to get an AP for OpenWRT.
A little rich coming from the administration that supports a strict view of the major questions doctrine. They have no problem kneecapping the EPA. But the communications commission has the right to ban all drones (and not the FAA for example).
I'd say I'm shocked but I am not. Their next order forcing backdoors will be secret.
Yes china routers are a liability, but free trade and open market ensure at least one thing that's essential : no single state has surveillance capability on its entire population
I'm guessing the rest of this looks like drones, too: FCC approval is given only to American companies that bribe members of the administration, and they raise prices through the roof. The routers are still manufactured overseas and there's no improvement in security.
From one side, that sure... does have some point. Well, I mean, one could potentially install some kind of a backdoor on the networking hardware they produce, and if it's state-controlled, then it could potentially be a threat.
From the other side, though...
That's crazy. Maybe I'm missing something obvious, or maybe I'm just stupid, I don't know; but at this point, with almost no manufacturing in the USA, this feels like shooting yourself in the foot. Or rather, it's like shooting yourself straight up in the head if manufacturing will not be efficiently (so it can satisfy the demand) moved to the USA (which is a big challenge).
It's also a quasi inevitable side effect of the push to encrypt all communication back to the cloud, since now it's too easy for malicious devices to hide what they're sending back.
Back to wearing the tin foil hat in my faraday cage.
The FCC's power just got substantially nerfed, and "we've decided to slow lane all foreign-made routers" feels like that may have been beaten on the old, higher, standard. Let alone the new one that gives the FCC almost no power.
Are there even consumer-grade routers that are produced in the USA...?
Effectively banning all consumer routers.
Previous example: https://news.ycombinator.com/item?id=37392676
One purpose for taxes is to shape behavior. If the behavior they wish for is to have more manufacturing in the US, you increase the taxes of outsourcing it. IOW, you make it more desirable to manufacture locally.
Numerous papers showing the ability to easily map indoors areas with WiFi (including occupancy) it’s a liability.
There will be excuses “tariffs” etc but I heard a few have gotten calls from three letter agencies coyly telling you to improve your systems.
It’s a chance to refresh the product line! (of course at the worst time when mem prices are bleed you dry high)
It's all a bunch of very expensive kind of dodgy Compex cards, used for industrial or prototype purposes. Be prepared to spend $300+ for a single 4x4 MIMO card. And then you want to go dual band right?
Thankfully the MediaTek offerings are somewhat available and much much much cheaper, but reports are that driver quality is just absymal.
Meanwhile the openwrt table of hardware for wifi 6 and wifi 7 is a bare trickle already, and inceasingly not consumer routers but SBC. Thanks for the FCC messing things up brutally already, back in 2015, with requirements to make sure users couldn't possibly do anything out of spec, requiring these systems to be locked down. They almost banned open source outright, but in practice it feels like the requirements are high enough that they practically did. https://toh.openwrt.org/?features=wifi_be https://arstechnica.com/information-technology/2016/03/tp-li...
Frelling FCC! What dastardly deeds done against civilization! We would be so much more secure & protected, the bar would be so much higher if open source / openwrt was allowed to compete. You messed everything up already!!
If worried about supply chain and inside jobs, I worry more about the IoT widgets I have. They are already inside the LAN, can access the internet, etc.
Anyway, bribes aside, this is probably just a talking point and not much actually changes.
Manufacturers can support devices for long but it costs money which the consumers / businesses aren’t willing to pay or value. Cybersecurity is a joke and the general consensus is : we will pay for things as and when there is a fire. We don’t put a price on prevention because we can’t really show it to shareholders how we profited from not being attacked since we blocked those. So we create an arbitrary certification and pass things according to it. This certification doesn’t say anything about firmware. But if we do get attacked then we can convince the shareholders to spend money on better equipment this financial year and then not bother until the next time we have a problem.
Some of these certifications focus on what the devices allow you to do (like acls and firewalls) and see if they pass these tests. But actually looking at the firmware and finding vulnerabilities is not in scope.
This is kind of a boneheaded way of handling whatever issues they're claiming.
Thats what this is all about: government level blackmail.
I switched away from Omada to Ubiquiti, because of TP Link’s problems.
I can’t think of a complete start to finish, OS to mosfets, computer that is 100% manufactured in the United States.
[0] https://mono.si/
Personally, I don't make the distinction between foreign and domestically produced routers in America. In fact, I trust foreign produced routers more because the likelihood that they can act upon their surveillance is significantly lower than the current American regime's oppressive and malicious tactics. Therefore, open source routers provides enough transparency to effectively eliminate spyware threats from all angles while being compliant.
I'm especially excited about the Banana Pi because of the transparency and potential of modular upgrades. Whenever there's a network issue, I have to consider whether the manufacturer (American or not) is doing something nefarious. With a Pi based router, I have much more peace of mind with network debugging issues.
This is for newly released models that still need to get FCC certification.
> Firmware updates for existing covered devices are allowed, but only through March 1, 2027.
Good luck enforcing that with libre firmware without being sued with some amendment until oblivion and the FCC -the irony- gets sued like crazy.
[cue https://youtu.be/EnIm71jRb_o]
Because it provides a pathway to full government control of the internet.
Content that demonizes the current administration's enemies will become easier to find. Evidence of their crimes will vanish.
When they murder someone in the street, fewer people will find out about it, and those that do will be more likely to hear the government's side of the story.
Mobile networks are already owned by the billionaires, and they've shown plenty of willingness to shape traffic for their interests.
Managing this kind of information at scale is an incredible challenge, but one that LLMs are very well suited for.
Even if you are confident the current administration doesn't have the competence or longevity to exploit this (as I mostly am,) we can easily predict future admins of either party will happily make use of these capabilities.
Bad for the US, but also very bad for the world, because it will make it much easier to manufacture consent for or hide future international crimes committed by the government.
We've excused the complete loss of traditional journalism with a reliance on the Internet instead. Not anymore.
Can savvy individuals work around it, of course. But the general public will treat them like conspiracy theorists, because all they will see is content that reinforces the administration.
The technical discussions in here sound like: "silly Caligula, his horse won't be able to sign his name to cast a vote in the Senate."
Really, do they have a definition?
> For the purpose of this determination, the term “Routers” is defined by National Institute of Science and Technology’s Internal Report 8425A to include consumer-grade networking devices that are primarily intended for residential use and can be installed by the customer. Routers forward data packets, most commonly Internet Protocol (IP) packets, between networked systems. ¹
> A “consumer-grade router” is a router intended for residential use and can be installed by the customer. Routers forward data packets, most commonly Internet Protocol (IP) packets, between networked systems. Throughout this document, the term “router” is used as a shorthand for “consumer-grade router.” ²
There doesn't seem to be a general ban for foreign-made professional routers, just for some Chinese manufacturers, right³?
Oh, and what does "produced by foreign countries" even mean? I couldn't find any definition. Is this meant to be the country of final assembly? Would importing a Chinese router and the flashing the firmware in the USA be sufficient to be exempt? Where is the line drawn usually?
¹) https://www.fcc.gov/sites/default/files/NSD-Routers0326.pdf
²) https://nvlpubs.nist.gov/nistpubs/ir/2024/NIST.IR.8425A.pdf
³) https://www.fcc.gov/supplychain/coveredlist
But largely thanks to FCC demands, the list of router hardware that can run open source operating systems such as OpenWRT has dwindled to a trickle. There's very precious few wifi 7 / BE systems available, and only a few wifi 6! it's ghastly. https://toh.openwrt.org/?features=wifi_be https://toh.openwrt.org/?features=wifi_ax
To me, this is a deeply dangerous situation for the state & for the population, where it is nearly impossible for consumers and businesses to purchase gear that they can secure. Where we are at the mercy of what is on the market, and no actual securing of our own can occur.
The FCC claimed in 2015 they were not trying to forbid open source systems, but the additional compliance demands they have made unsupportable unsecurable devices the default state: the FCC mandated companies make sure the users dont have freedom, make sure the wifi performance is locked down, and the most obvious path to that end is to just lock out the user entirely. Open source isn't outlawed, but the FCC turned a good working amazing open source movement into something that is incredibly rare and hard to do. The FCC assurances (https://www.eff.org/deeplinks/2015/11/free-router-software-n...) have not proven true (https://news.ycombinator.com/item?id=11122966): everything has gotten worse for security & availability (https://news.ycombinator.com/item?id=11122966).
Is this just another mass surveillance operation?
Chinese citizens have more computing freedom than American citizens at this point. What the fuck happened to the land of the free?