FCC updates covered list to include foreign-made consumer routers

buzer

> all consumer-grade routers produced in foreign countries Are there even consumer-grade routers that are produced in the USA...?

weightedreply

Will this impact the Mono Gateway[0]? [0] https://mono.si/

WarOnPrivacy

The FCC maintains a list of equipment and services (Covered List) that have been determined to “pose an unacceptable risk to the national security Recently, malicious state and non-state sponsored cyber attackers have increasingly leveraged the vulnerabilities in small and home office routers produced abroad to carry out direct attacks against American civilians in their homes. Vulnerabilities have nothing to do with country of manufacture. They have always been due to manufacturers' crap security practices. Security experts have been trying to call attention to this problem for 2 decades. Manufacturers have never had to care about security because no Gov agency would ever mandate secure firmware. This includes the FCC which license their devices and the FTC who (until recently) had the direct mandate to protect consumers. Our most recent step backward was to gut those agencies of any ability to provide consumer oversight. All they they can do now is craft protectionist policies that favor campaign donors. The US has a bazillion devices with crap security because we set ourselves up for this.

Someone1234

Considering this is after Loper Bright Enterprises v. Raimondo (2024), it will be interesting to see if this holds up to judicial scrutiny. The FCC's power just got substantially nerfed, and "we've decided to slow lane all foreign-made routers" feels like that may have been beaten on the old, higher, standard. Let alone the new one that gives the FCC almost no power.

WarOnPrivacy

If we wanted secure products, we wouldn't ban devices. We'd mandate they open their firmware to audits.

jscheel

And exactly how many consumer routers are not foreign made?

sam345

If you actually read the notice, it exempts models that have been approved. So this just seems to require approvals by DOH or DHS ,": Routers^ produced in a foreign country, except routers which have been granted a Conditional Approval by DoW or DHS." I take this to mean it is just adding security approvals for this type of thing to DOw and DHS. It is not a ban of all future models. It's just saying explicitly that instead of having to review models already in the market and determine that they should be removed because of nation state or other security concerns they are reviewing them before they go to market. Would be nice if people actually read it instead of hyperventilating.

bibimsz

I'd gladly buy an American-made router if one existed!

adrianmonk

This part of the press release seems pretty crucial: > Producers of consumer-grade routers that receive Conditional Approval from DoW or DHS can continue to receive FCC equipment authorizations. In other words, foreign-made consumer routers are banned by default. But if you are a manufacturer, you can apply to get unbanned ("Conditional Approval"). In the FAQ ( https://www.fcc.gov/faqs-recent-updates-fcc-covered-list-reg... ), they even include guidance on how to apply: https://www.fcc.gov/sites/default/files/Guidance-for-Conditi... If you (a manufacturer) apply, they want information regarding corporate location, jursidiction, and ownership. They want a bill of materials with country of origin and a justification for why any foreign-sourced components can't be domestic. They want information about who provides software and updates. And they want to hear your plan to increase US domestic manufacturing and progress toward that goal. So, foreign-made consumer routers can still be sold, but they are going to look at them with a fine-tooth comb, and they are going to use FCC approval as leverage to try to increase domestic manufacturing.

raphman

Does the router ban really only pertain to consumer-grade networking devices? > For the purpose of this determination, the term “Routers” is defined by National Institute of Science and Technology’s Internal Report 8425A to include consumer-grade networking devices that are primarily intended for residential use and can be installed by the customer. Routers forward data packets, most commonly Internet Protocol (IP) packets, between networked systems. ¹ > A “consumer-grade router” is a router intended for residential use and can be installed by the customer. Routers forward data packets, most commonly Internet Protocol (IP) packets, between networked systems. Throughout this document, the term “router” is used as a shorthand for “consumer-grade router.” ² There doesn't seem to be a general ban for foreign-made professional routers, just for some Chinese manufacturers, right³? Oh, and what does "produced by foreign countries" even mean? I couldn't find any definition. Is this meant to be the country of final assembly? Would importing a Chinese router and the flashing the firmware in the USA be sufficient to be exempt? Where is the line drawn usually? ¹) https://www.fcc.gov/sites/default/files/NSD-Routers0326.pdf ²) https://nvlpubs.nist.gov/nistpubs/ir/2024/NIST.IR.8425A.pdf ³) https://www.fcc.gov/supplychain/coveredlist

Schnitz

So router prices in the US will go up a lot, great!

anonym29

What the fuck?! I did not sign up to live in some third world shithole where I can't get first-world networking equipment. I do not want some piece of shit closed-source proprietary netgear ameritrash. FUCK! Give me back my god damn chinese routers! Chinese citizens have more computing freedom than American citizens at this point. What the fuck happened to the land of the free?

mrsssnake

What is a router? Really, do they have a definition?

kittikitti

Because of this, I'm going to plan my next network upgrade based on open source hardware like Banana Pi. My setup is based on WiFi 7 so this might not apply for a few years. From my understanding, the hardware from proprietary manufacturers is sufficiently advanced to do some advanced surveillance and spyware, whereas previous generations didn't require advanced processing to achieve fiber optic speeds. Back to the original statement, it's clear that the threat of surveillance exists. Personally, I don't make the distinction between foreign and domestically produced routers in America. In fact, I trust foreign produced routers more because the likelihood that they can act upon their surveillance is significantly lower than the current American regime's oppressive and malicious tactics. Therefore, open source routers provides enough transparency to effectively eliminate spyware threats from all angles while being compliant. I'm especially excited about the Banana Pi because of the transparency and potential of modular upgrades. Whenever there's a network issue, I have to consider whether the manufacturer (American or not) is doing something nefarious. With a Pi based router, I have much more peace of mind with network debugging issues.

freedomben

So... What are the options now for American consumers? What brands are left and available?

analog31

Ask HN: Is there a list of preferred routers for security?

kemotep

Does anyone even have a list of US produced routers? Like does installing OpenWRT or OPNSense or VyOS matter? I can’t think of a complete start to finish, OS to mosfets, computer that is 100% manufactured in the United States.

razorbeamz

I'm sure people will get right on buying American-made routers.

giantg2

Are there consumer grade routers made in the US?

tim-tday

Aren’t all routers manufactured in foreign countries? Cisco are assembled in China as far as I know.