ALERT The FCC Just Banned the Sale of New Wi-Fi Router Models Made Outside US

not specifically related to red or blue though both contribute to the ruin.

Red v Blue is to keep the distracted (over worked, over stimulated, media saturated) believing they aren't working together to loot the nation before it collapses.

Amazing how "both" sides accuse the other of cheating (Russia helped Trump steal 2016 and 2024, Ukraine funneled money into Biden campaigns in 2020) but can't (won't!) pass a simple law requiring voter ID. Really boggles the mind, eh?

TaxFarm.png
 
Red v Blue is to keep the distracted (over worked, over stimulated, media saturated) believing they aren't working together to loot the nation before it collapses.

Amazing how "both" sides accuse the other of cheating (Russia helped Trump steal 2016 and 2024, Ukraine funneled money into Biden campaigns in 2020) but can't (won't!) pass a simple law requiring voter ID. Really boggles the mind, eh?

Question - I know this is political sorry for keeping this off track. I understand in the US system you need to show ID to register to vote when you turn 18, but not on voting day per se. This seems different to me so I'd like to understand it a bit more - wondering if you could afford me a US civics lesson. Could you do it the way we do? ID cards are free in my province if you can't get a license or whatever, so it doesn't make for a poll tax which is what I understand the other barrier is for US voters.


I could do a lot of research here but there's both sides of the argument around here and I suspect the conversation would be slightly less cluttered than if I ask the question on threads or x or something.
 
Could you do it the way we do? ID cards are free in my province if you can't get a license or whatever, so it doesn't make for a poll tax which is what I understand the other barrier is for US voters.

Can only speak about my state, but even a state ID (not driver's license) is a small nominal fee unless you are over 65.

State ID or DL is only proof of who you are, not that you are a citizen. Plenty of non-citizens are issued licenses, such as the many visa workers that come to this country every year. Some states will even issue a DL to someone who is here illegally.

It's all just theater, put on by the Red Team. They don't really want it any more than the Blue Team. (Care to guess why?)
 
Can only speak about my state, but even a state ID (not driver's license) is a small nominal fee unless you are over 65.

State ID or DL is only proof of who you are, not that you are a citizen. Plenty of non-citizens are issued licenses, such as the many visa workers that come to this country every year. Some states will even issue a DL to someone who is here illegally.

It's all just theater, put on by the Red Team. They don't really want it any more than the Blue Team. (Care to guess why?)
I’m sure the object is to have as few people voting as possible. Here in Oz voting is compulsory for citizens over the age of 18. You have to register with the Electoral Commission and be put on the Electoral Roll. There’s no fee to register. If you don’t register they will eventually catch up with you, and then if you don’t vote you have to explain why. Works well and we get a centrist government.
 
@chris_c: Only problem with what you're saying is that this new policy leaves all the "old routers" in place and still exposed. NO CURRENTLY INSTALLED LEGACY DEVICES ARE AFFECTED BY THIS NEW POLICY. In short, it won't stop another Volt Typhoon. Wouldn't it be better to block these sorts of attacks upstream rather than just blocking deployment of new, more secure routers at the end-user level?? I would hasten to add that the FCC's definition of a "router" makes clear they have no f*cking clue what they are talking about.
Welcome to Canada. The CRTC (FCC) imposes Canadian content (30%) on our radio and TV broadcasts and are using the Digital Services Tax to help fund our Communist Broadcasting Corporation. (the CBC). For instance, we can't watch the SuperBowl without Canadian produced/targeted ads being injected by the cable companies.
 
Welcome to Canada. The CRTC (FCC) imposes Canadian content (30%) on our radio and TV broadcasts and are using the Digital Services Tax to help fund our Communist Broadcasting Corporation. (the CBC). For instance, we can't watch the SuperBowl without Canadian produced/targeted ads being injected by the cable companies.

This is over simplifying things and the example you've cited is not related. The Canadian content requirement funds the CBC, yes, and also the other for profit networks production of Canadian content (like Letterkenny for example). The ad targeting is a commercial (ie business) determination made by the network (CTV/Bell at the moment) to recover the rights costs paid to the NFL (so again strictly commercial and nothing to do with the CRTC per se, though I'm sure there's a regulatory environment allowing them to do so which at one point IIRC got overridden and caused a . . . problem). This Canadian content requirement is to balance the US dominance in entertainment in Canada and maintain some kind of semblance of cultural identity, though the differences are relatively small with the US (to some people they aren't small, I just mean relative to other perhaps non-western countries).

This is in my view very similar to what the US does in imposing tariffs on softwood lumber for example, though it's not entirely a congruent example though both are types of taxes designed to change or influence spending, under the guise that our (Canada's) dominance is providing an unfair market advantage.

Anyway, it's alarming to me that there isn't public reasonable dialogue about all this, it's just a lot of yelling. A shame.
 
This is over simplifying things and the example you've cited is not related. The Canadian content requirement funds the CBC, yes, and also the other for profit networks production of Canadian content (like Letterkenny for example). The ad targeting is a commercial (ie business) determination made by the network (CTV/Bell at the moment) to recover the rights costs paid to the NFL (so again strictly commercial and nothing to do with the CRTC per se, though I'm sure there's a regulatory environment allowing them to do so which at one point IIRC got overridden and caused a . . . problem). This Canadian content requirement is to balance the US dominance in entertainment in Canada and maintain some kind of semblance of cultural identity, though the differences are relatively small with the US (to some people they aren't small, I just mean relative to other perhaps non-western countries).

This is in my view very similar to what the US does in imposing tariffs on softwood lumber for example, though it's not entirely a congruent example though both are types of taxes designed to change or influence spending, under the guise that our (Canada's) dominance is providing an unfair market advantage.

Anyway, it's alarming to me that there isn't public reasonable dialogue about all this, it's just a lot of yelling. A shame.

Yeah. It was an over simplication. But parallel is very similar. Freedom of speech in Canada is at issue.

I wonder if the new BYD vehicles coming to Canada now have embedded routers. Likely. Spy EV's.
 
These are fun discussions. At least nobody on this forum goes cuckoo (other than myself maybe).
Reminds my of my days in school at the department of Computer Science at UofT (Faculty of Arts and Science). I had a prof that taught about the 8 Layer OSI Model. Not sure I can attribute his creation of the 8th layer to him but it sounded very original. His fictional layer 8 was "Religion and Politics".
 
These are fun discussions. At least nobody on this forum goes cuckoo (other than myself maybe).
Reminds my of my days in school at the department of Computer Science at UofT (Faculty of Arts and Science). I had a prof that taught about the 8 Layer OSI Model. Not sure I can attribute his creation of the 8th layer to him but it sounded very original. His fictional layer 8 was "Religion and Politics".

This waterloo grad now understands where you're coming from :-)
 
If the explanation of what a router is is so broad that it includes switches, wouldn't IP phones fall into the same category? They even have a LAN port for PCs, so they're effectively a switch.

Meaning I shouldn't sell any more Yealink phones? What should I sell then? Poly (HP) phones have been very bad since the acquisition.
 
If the explanation of what a router is is so broad that it includes switches, wouldn't IP phones fall into the same category? They even have a LAN port for PCs, so they're effectively a switch.
A router and a switch are two different things. They handle things completely different. While you can have a "Layer 3" switch which can do some routing, it's not really a router. Things like a TP-Link is a router/switch (and in some cases AP) combo. IP phones would not fall into either category.

I mean the FCC was pretty clear on this:
"For the purpose of this determination, the term 'Routers' is defined by National Institute of Science and Technology's Internal Report 8425A to include consumer-grade networking devices that are primarily intended for residential use and can be installed by the customer. Routers forward data packets, most commonly Internet Protocol (IP) packets, between networked systems."

I'm kind of interested to see how this plays out because there are some manufacturers that don't market or sell directly to consumers or consumer channels (Best Buy, Wal-Mart or other box stores or other retailers).
 
@chris_c: Only problem with what you're saying is that this new policy leaves all the "old routers" in place and still exposed. NO CURRENTLY INSTALLED LEGACY DEVICES ARE AFFECTED BY THIS NEW POLICY. In short, it won't stop another Volt Typhoon. Wouldn't it be better to block these sorts of attacks upstream rather than just blocking deployment of new, more secure routers at the end-user level??[....]
The problem with banning existing installed old routers is: the internet suddenly stops working at homes and offices. Not a practical solution!

Blocking attacks from sophisticated, nation-state actors, like Volt Typhoon, requires a proactive "defend-forward" strategy, focusing on securing edge devices, implementing Zero Trust architecture, and eliminating "living-off-the-land" (LOTL) techniques.

Volt Typhoon primarily targets critical infrastructure by compromising SOHO routers, VPNs, and firewalls to blend in with legitimate network traffic.

Here is how to block such attacks upstream:

1. Secure Edge Devices and Perimeters

Prioritize patching internet-facing devices (firewalls, routers, VPNs) from targeted vendors, e.g. Cisco, Fortinet, Ivanti, and Netgear.

Disable remote management interfaces on routers and firewalls. Do not expose admin interfaces to the internet.

Identify and replace network technology (routers switches APs etc) that is no longer supported by manufacturers.

If hardware cannot be immediately patched, use virtual patching (e.g., WAF or IPS) to block access to vulnerabilities.

2. Implement Zero Trust and Network Segmentation with VLANs etc

Isolate Operational Technology (OT) and SCADA systems from general business networks using firewalls and demilitarized zones (DMZs).

Assume breach, even from trusted suppliers, and continuously validate all access requests.

Restrict the ability of edge devices to communicate with internal, sensitive servers.

3. Mitigate "Living-off-the-Land" (LOTL) Techniques

Volt Typhoon avoids malware, using built-in system tools (PowerShell, WMI) to stay hidden.

Log and alert on suspicious command-line activity, such as unusual PowerShell scripts or unauthorized use of admin tools.

Allow only approved, trusted (whitelisted) apps and scripts to run on systems.

Turn off unused services such as Telnet, FTP, or HTTP.

4. Beef up Credential Security

Enforce phishing-resistant multi-factor authentication (e.g., FIDO2 keys) for all remote access and admin accounts.

Regularly audit and deactivate unused accounts.

5. Detect and Count first access attemts.

Look for large, unexpected data transfers originating from routers or edge devices, especially those moving to external, non-standard IP address destinations.

Configure Endpoint Detection and Response (EDR) tools, such as Microsoft Defender for Endpoint, to "block mode" to automatically mitigate malicious artifacts.

Monitor for traffic signatrues associated with the "KV-botnet," which uses stolen SOHO routers to hide traffic.

6. Supply Chain and Third-Party Risk Management

Require vendors to provide hardware and software that is secure by design, reducing the need for post-sale hardening.

Use Software Bill Of Materials - including all open source software libraries it uses - to identify if your apps and networking gear are affected by newly disclosed vulnerabilities in third-party software.
 
Glad I'm running enterprise gear and not consumer grade. TP-Link Omada equipment works the charm. Super easy to manage and maintain. :) No sign of open back doors or phoning home to wherever but boy is it getting hammered from bad actors trying to break in. And since my cloud systems are running APIBan and VOIPBL with whitelisted IPs only, there is no issue for me with IncrediblePBX, FusionPBX or FS PBX systems.
 
SOHO routers are a perfect Man In The Middle.
Compromise them, and you gain access to any user data you want.
A current hack where Russia's APT28 military intelligence exploits TP-Link and Mikrotik routers to steal users' Microsoft Office 365 login security tokens.

This new FCC ban is forcing router vendors to be transparent on their supply chains and beef up their security.
 
Last edited:
@chris_c_: Not sure how you reach your conclusion that the "FCC ban is forcing router vendors to be transparent on their supply chains and beef up their security." Every existing home router is exempted from the new FCC mandate including all of the TP-Link and MicroTik routers which were compromised. So, if anything, this gives home users a false sense of security and not much else.
 

Members online

No members online now.

Forum statistics

Threads
26,733
Messages
174,699
Members
20,292
Latest member
Sunnysideup
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Back
Top