da_667FCC bans all non-us made IoT routers
dude not even Cisco makes their own shit here.
and even if you do slap that stupid fucking made in the USA badging on whatever dipshit IoT device, chips and software are still produced elsewhere. Bet me that they'll shove fuckin goahead webs http server or boa httpd on it, and it'll be just as shit as it was before.
Emelia/Emi@da_667 Not to mention being absolutely stuffed full of cgi-bin stuff running as root, calling
system() with string interpolation instead of making properly parameterized execve() calls...
fuzzyfuzzyfungus@becomethewaifu @da_667 The absolute nonsense in the web UI and similar is even worse because it is more or less hardware agnostic(or could be). Bugs in wifi firmware blobs and things exist and aren't good; but at least there's a reason why the entire industry can't just use the same wifi blob that they've been polishing carefully for two decades. Web server brokenness is almost entirely pointless wheel-reinventing.
@da_667 That's the really frustrating bit: if you are cool enough for a hardware implant perhaps where the board was stuffed matters; but so many of these devices are totally fine hardware let down by the idea that you should get firmware from your board stuffer.
Just imagine if there was an adult in the room and, instead of cutting CISA et al. to ribbons, they threw a nickel at OpenWRT-style 3rd party firmware for the relatively small number of common router SoCs.
K. Reid Wightman 
🌻 
@da_667 no way man, "we wrote our own http server. from scratch! we did it right, we swear."
Graham Sutherland / Polynomial@da_667 every iot device's firmware is like 1998 high school c++ and it is infuriating
@gsuberland its vomit-worthy, and there's no impetus to improve anything. Multiple generations of hardware can have the same vulnerability, and nobody gives a shit.
MattiP 🤡🃏🧌🚩@da_667 Also pretty well known that if you pay a less scrupulous Chinese producer they print Made in the USA or whatever on the product and they might even make the papers too. (I'm pretty sure this is how someone made his Made in USA hats) Sure, there's the hassle to get them into the country, but that's still a minor thing.
Krishean Draconis@da_667 last time i saw the guts of a cisco enterprise device it was just a bunch of virtex fpgas in a box, they don't even design the hardware anymore, let alone make it
nyanbinary@da_667 the funniest thing is: this only applies to not-yet approved models. Importing & selling that same TP-Link WR841Nv7 from, idk, 2008 is still good. Because SeCuRiTy
@da_667 like not even kidding, if this does anything at all it is restricting the market on NEW routers (the ones that may still recieve patches) & drive up prices on these specifically, reducing probability of replacement
Dave Wilburn It's OK, we can just buy patriotic 'Murican Starlink terminals made in the good ol' U S of A by our favorite patriotic pal, Elon Musk.