alt.hn

5/2/2026 at 7:08:57 AM

NSA Warned Everyone to Reboot Their Routers

 https://www.staysafeonline.org/articles/the-nsa-just-warned-everyone-to-reboot-their-routers-what-to-do-right-now

by saikatsg

5/2/2026 at 3:54:20 PM

I wonder what the prevalence of these IoT devices is doing to internet security. Your router firewall might prevent incoming connections, but these stupid devices are always dialing out to god knows where. Can that be used to compromise security?

I recently installed deep packet inspection in my firewall and it’s quite illuminating to see all of what’s going on. Why are devices in my home connecting to India?

by rayiner

5/2/2026 at 4:51:29 PM

I made a separate wifi network for the smart trash, they can't see each other and aren't allowed any ingress or egress. I then add individual firewall rules on a needed basis.

by hollow-moe

5/2/2026 at 6:58:18 PM

This is the way. Mine’s called Io(shi)T.

by nemosaltat

5/2/2026 at 11:15:44 AM

Similar vibes to a single, older, creepy gentleman telling a group of young school children at the park not to talk to strangers.

by goolz

5/2/2026 at 10:55:15 AM

so NSA installed a backdoor to each router and now needs you to restart it to open the backdoor?

by Surac

5/2/2026 at 11:11:13 AM

No, the old one wasn't good tested and it hang the router. They will send a new one OTA on the next reboot.

by hulitu

5/2/2026 at 1:02:44 PM

TP-link routers. Entirely unsurprising.

by cmehdy

5/2/2026 at 9:26:50 AM

In this day and age, and we still lack formally-proven, FOSS/FOSHW, minimal consumer edge routers and WiFi APs.

by burnt-resistor

5/2/2026 at 2:51:47 PM

OpenWRT One? Not sure about AP's though.

by unfitted2545

5/3/2026 at 5:01:42 AM

There's no meaningful, usable formally-proven FOSS OS. Being FOSS isn't enough.

by burnt-resistor

5/2/2026 at 5:46:36 PM

Personally I just gave up trying to maintain OpenWRT/whatever on the embedded ARM dumpster fire, and went back to using a generic Linux distro (NixOS) on amd64 machines for both router and APs (with appropriate minipcie wifi cards).

by mindslight

5/3/2026 at 5:03:39 AM

An alternative is OPNsense, a minimal FreeBSD and Deciso supports an enterprise distribution-quality of it affordable by mere mortals.

by burnt-resistor

5/2/2026 at 11:15:12 AM

This is by design. Those who control the past (network traffic), control the future (network traffic).

by hulitu

5/2/2026 at 10:21:20 AM

"Replace outdated routers" yeah good luck with that, they're all banned.

by nubinetwork

5/2/2026 at 12:48:07 PM

What happens if an American orders a router from Aliexpress? In the past the US generally ignored low volume end user imports..

by ohnei

5/2/2026 at 1:45:43 PM

> "Replace outdated routers" yeah good luck with that, they're all banned.

Where on earth are routers banned?

by rcbdev

5/2/2026 at 1:57:58 PM

America. They're turning the country into a post-technological theocracy.

by ErroneousBosh

5/2/2026 at 11:45:18 AM

Reminder, HN, you all live in the real world. Chinese state sponsored cyber threat actors use orb networks that are primarily made via strung together off the shelf routers. The literal companies that build and maintain these ORB networks also resell this capability to Russian military intelligence and cyber threat actors.

by Craighead

5/2/2026 at 3:21:20 PM

Was unfamiliar with orb networks. This [1] is a damn clever attack vector.

[1] https://cloud.google.com/blog/topics/threat-intelligence/chi...

by rglover

5/2/2026 at 5:40:10 PM

They just made up a fancy term for the age old proxy... Basically lifting the longstanding criticism of their "attribution" into their realm of bespoke nouns as if it's something exceptional.

(I also found it extra annoying as my current working expansion of ORB is O-Ring Boss)

by mindslight

5/2/2026 at 12:04:17 PM

I am interested in hearing more about the US state sponsored cyber threat actors

by blitzar

5/2/2026 at 1:34:47 PM

Fast16, stuxnet, apt-c-40

by Craighead