Technologies

Controversy Brews: US Government Targets Banning Top Wi-Fi Router

Federal departments and agencies are joining forces in an effort to ban TP-Link routers due to concerns about national security risks.

TP-Link routers might not be available for much longer in the US, according to a Washington Post report last week. A potential ban is looking increasingly likely, as more than half a dozen federal departments and agencies back the proposal,

The news first broke in December of last year, when The Wall Street Journal reported that investigators at the Departments of Commerce, Defense and Justice had all opened probes into the company due to national security risks stemming from its ties to China. Since then, news on the TP-Link front has been relatively quiet.

Now, the proposal has gained interagency approval.

Read more: I Asked 4 Cybersecurity Experts If They Would Still Use a TP-Link Router

Why are plans to ban TP-Link routers being pushed?

«Commerce officials concluded TP-Link Systems products pose a risk because the US-based company’s products handle sensitive American data and because the officials believe it remains subject to jurisdiction or influence by the Chinese government,» the Washington Post reported.

TP-Link’s ties to the Chinese government are only allegations. The company — technically called TP-Link Systems — has strenuously denied to me in the past that it’s a Chinese company.

«As an independent US company, no foreign country or government, including China, has access to or control over the design and production of our products,» a TP-Link spokesperson told CNET.

The history of the TP-Link routers

TP-Link was founded in Shenzhen, China, in 1996 by two brothers, Jeffrey (Jianjun) Chao and Jiaxing Zhao. In October 2024, two months after members of the House Select Committee called for an investigation into TP-Link routers, the company split into two: TP-Link Technologies and TP-Link Systems.

The latter is headquartered in Irvine, California, and has approximately 500 employees in the US and 11,000 in China, according to the Washington Post report. TP-Link Systems is owned by Chao and his wife.

«TP-Link’s unusual degree of vulnerabilities and required compliance with [Chinese] law are in and of themselves disconcerting,» the lawmakers wrote in October 2024. «When combined with the [Chinese] government’s common use of [home office] routers like TP-Link to perpetrate extensive cyberattacks in the United States, it becomes significantly alarming.»

The company has become a dominant force in the US router market since the pandemic. According to the Journal report, it grew from 20% of total router sales in 2019 to around 65% this year. TP-Link disputed these numbers to CNET, and a separate analysis from the IT platform Lansweeper found that 12% of home routers currently used in the US are made by TP-Link. More than 300 internet providers issue TP-Link routers to their customers, according to the Wall Street Journal report.

Why are TP-Link routers being investigated?

Separately, the Department of Justice’s antitrust division is investigating whether TP-Link engaged in predatory pricing tactics by artificially lowering its prices to muscle out competitors.

CNET has several TP-Link models on our lists of the best Wi-Fi routers and will monitor this story closely to see if we need to reevaluate those choices.

«We do not sell products below cost. Our pricing is not only above cost but contributes a healthy profit to the business,» a TP-Link spokesperson told CNET.

The potential ban has been through an interagency review and is currently in the hands of the Department of Commerce. According to the Washington Post report, sources familiar with the details of the ban said the Trump administration’s ongoing negotiations with China have made the chances of a ban less likely in the near future.

«Any concerns the government may have about TP-Link are fully resolvable by a common-sense mix of measures like onshoring development functions, investing in cybersecurity, and being transparent,» the spokesperson said. «TP-Link will continue to work with the US Department of Commerce to ensure we understand and can respond to any concerns the government has.»

Don’t miss any of our unbiased tech content and lab-based reviews. Add CNET as a preferred Google source.

How worried should you be about your TP-Link router?

I wrote a few months ago that I wasn’t in any rush to replace my own TP-Link router, and that’s essentially how I still feel today.

When the news first broke last December, I asked four cybersecurity experts whether they would still use a TP-Link router. One gave a strong «no.» Another said there is «risk for a consumer.» And two declined to answer the question directly.

Itay Cohen was one of the authors of a 2023 report that identified a firmware implant in TP-Link routers linked to a Chinese state-sponsored hacking group. He told me in a previous interview that similar implants have been found on other router brands manufactured all over the world.

«I don’t think there’s enough public evidence to support avoiding routers from China outright,» Cohen said. «The vulnerabilities and risks associated with routers are largely systemic and apply to a wide range of brands, including those manufactured in the US.»

I heard a version of that from every cybersecurity expert I spoke with. TP-Link has security flaws, but so do all routers, and I couldn’t point to any that showed collaboration with the Chinese government specifically.

«We’ve analyzed an astonishing amount of TP-Link firmware. We find stuff, but we find stuff in everything,» said Thomas Pace, CEO of cybersecurity firm NetRise and former security contractor for the Department of Energy.

That said, it’s entirely possible that the government is aware of vulnerabilities that the public is not.

For now, I’m still comfortable using a TP-Link router knowing I follow some basic best practices for network security, but my risk tolerance may be higher than it is for others.

How to protect your network if you have a TP-Link router

If you’re one of the millions of Americans who uses a TP-Link router, the news of a potential ban might be unnerving.

A Microsoft report from last year found that TP-Link routers have been used in «password spray attacks» since August 2023, which typically occur when the router is using a default password.

Here’s what you can do to protect yourself right now:

Update your login credentials. A shocking amount of router attacks occur because the user never changed the default login credentials set by the router manufacturer. Most routers have an app that lets you update your login credentials, but you can also type your router’s IP address into a URL. These credentials are different from your Wi-Fi name and password, which should also be changed every six months or so. As always with passwords, avoid common words and character combinations, longer passwords are better and don’t reuse passwords from other accounts.

Use a VPN. If you’re worried about prying eyes from the Chinese government or anyone else, the single best thing you can do to ensure your connection remains private is to use a quality VPN. Privacy-minded folks should look for advanced features like obfuscation, Tor over VPN and a double VPN, which uses a second VPN server for an added layer of encryption. You can even install a VPN on your router directly so that all your traffic is encrypted automatically.

Turn on the firewall and Wi-Fi encryption. These are typically on by default, but now is a good time to make sure they’re activated. This will make it harder for hackers to access the data sent between your router and the devices that connect to it. You can also find these settings by logging into your router from its app or website.

Consider buying a new router. I always recommend buying your own router instead of renting one from your internet service provider. This is mostly a cost-saving measure, but if your ISP uses TP-Link equipment, now might be a good time to switch to another brand. The main thing to look for is WPA3 certification — the most up-to-date security protocol for routers.

Update your firmware. TP-Link’s spokesperson told me last year that customers should regularly check for firmware updates to keep their router secure. «To do this, customers with TP-Link Cloud accounts may simply click the ‘Check for Updates’ button in their product’s firmware menu,» the spokesperson said. «All other customers can find the latest firmware on their product’s Downloads page on TP-Link.com.»

Technologies

Google races to put Gemini at the center of Android before Apple’s AI reboot

Google is using its latest Android rollout to position Gemini as the AI layer across phones, Chrome, laptops and cars.

Google is using its latest Android rollout to make Gemini less of a chatbot and more of an operating layer across the phone, browser, car and laptop, just weeks before Apple is expected to show its own Gemini-powered Apple Intelligence reboot at WWDC.
Ahead of its Google I/O developer conference next week, the company previewed a number of Android updates, including AI-powered app automation, a smarter version of Chrome on Android, new tools for creators, a redesigned Android Auto experience, and a sweeping set of new security features.
Alphabet is counting on Gemini to help Google compete directly with OpenAI and Anthropic in the market for artificial intelligence models and services, while also serving as the AI backbone across its expansive portfolio of products, including Android. Meanwhile, Gemini is powering part of Apple’s new AI strategy, giving Google a role in the iPhone maker’s reset even as it races to prove its own version of personal AI on the phone is further along.
Sameer Samat, who oversees Google’s Android ecosystem, told CNBC that Google is rebuilding parts of Android around Gemini Intelligence to help users complete everyday tasks more easily.
“We’re transitioning from an operating system to an intelligence system,” he said.
As part of Tuesday’s announcements. Google said Gemini Intelligence will be able to move across apps, understand what’s on the screen and complete tasks that would normally require a user to jump between multiple services. That means Android is moving beyond the traditional assistant model, where users ask a question and get an answer, and acting more like an agent.
For instance, Google says Gemini can pull relevant information from Gmail, build shopping carts and book reservations. Samat gave the example of asking Gemini to look at the guest list for a barbecue, build a menu, add ingredients to an Instacart list and return for approval before checkout.
A big concern surrounding agentic AI involves software taking action on a user’s behalf without permissions. Samat said Gemini will come back to the user before completing a transaction, adding, “the human is always in the loop.”
Four months after announcing its Gemini deal with Google, Apple is under pressure to show a more capable version of Apple Intelligence, which has been a relative laggard on the market. Apple has long framed privacy, hardware integration and control of the user experience as its advantages.
Google’s Android push is designed to show it can bring AI deeper into the device experience while still giving users control over what Gemini can see, where it can act and when it needs confirmation.
The app automation features will roll out in waves, starting with the latest Samsung Galaxy and Google Pixel phones this summer, before expanding across more Android devices, including watches, cars, glasses and laptops later this year.
The company is also redesigning Android Auto around Gemini, turning the car into another major surface for its assistant. Android Auto is in more than 250 million cars, and Google says the new release includes its biggest maps update in a decade and Gemini-powered help with tasks like ordering dinner while driving.
Alphabet’s AI strategy has been embraced by Wall Street, which has pushed the company’s stock price up more than 140% in the past year, compared to Apple’s roughly 40% gain. Investors now want to see how Gemini can become more central to the products people use every day.
WATCH: Alphabet briefly tops Nvidia after report of $200 billion Anthropic cloud deal

Technologies

Waymo recalls 3,800 robotaxis after glitch allowed some vehicles to ‘drive into standing water’

Waymo issued a voluntary recall of about 3,800 of its robotaxis to fix software issues that could allow them to drive into flooded roadways.

Waymo is recalling about 3,800 robotaxis in the U.S. to fix software issues that could allow them to “drive onto a flooded roadway,” according to a letter on the National Highway Traffic Safety Administration’s website.
The voluntary recall is for Waymo vehicles that use the company’s fifth and sixth generation automated driving systems (or ADS), the U.S. auto safety regulator said in the letter posted Tuesday.
Waymo autonomous vehicles in Austin, Texas, were seen on camera driving onto a flooded street and stalling, requiring other drivers to navigate around them. It’s the latest example of a safety-related issue for the Alphabet-owned AV unit that’s rapidly bolstering its fleet of vehicles and entering new U.S. markets.
Waymo has drawn criticism for its vehicles failing to yield to school buses in Austin, and for the performance of its vehicles during widespread power outages in San Francisco in December, when robotaxis halted in traffic, causing gridlock.
The company said in a statement on Tuesday that it’s “identified an area of improvement regarding untraversable flooded lanes specific to higher-speed roadways,” and opted to file a “voluntary software recall” with the NHTSA.
“Waymo provides over half a million trips every week in some of the most challenging driving environments across the U.S., and safety is our primary priority,” the company said.
Waymo added that it’s working on “additional software safeguards” and has put “mitigations” in place, limiting where its robotaxis operate during extreme weather, so that they avoid “areas where flash flooding might occur” in periods of intense rain.
WATCH: Waymo launches new autonomous system in Chinese-made vehicle

Technologies

Qualcomm tumbles 13% as semiconductor stocks retreat from historic AI-fueled surge

Semiconductor equities reversed sharply after a broad AI-driven advance, with Qualcomm suffering its worst day since 2020 amid inflation concerns and rising oil prices.

Semiconductor stocks fell sharply on Tuesday, reversing course after an extensive rally that had expanded the artificial intelligence investment theme well past Nvidia and driven the industry to unprecedented levels.

Qualcomm plunged 13% and was on track for its steepest single-day decline since 2020. Intel shed 8%, while On Semiconductor and Skyworks Solutions each lost more than 6%. The iShares Semiconductor ETF, which benchmarks the overall sector, fell 5%.

The sell-off came after a key gauge of consumer prices came in above forecasts, and as conflict in Iran pushed crude oil higher—prompting investors to shift away from riskier assets.

The preceding advance had widened the AI opportunity set beyond longtime industry leader Nvidia, which for much of the past several years had largely carried the market to new peaks on its own.

Explosive appetite for central processing units, along with the graphics processing units that power large language models, has sent chipmakers to all-time highs.

Market participants are wagering that the shift from AI model training to autonomous agents will lift demand for additional AI hardware. Among the beneficiaries are memory chip producers, which are raising prices as supply remains tight.

Micron Technology slid 6%, and Sandisk cratered 8%. Sandisk’s stock has surged more than six times over since January.