The FCC Just Validated What Homelabbers Have Known for Years

The FCC this week designated all consumer routers manufactured outside the US as a national security risk, banning new foreign-made models from sale. The rule catches not just TP-Link but Eero, NetGear, and Google Nest too, since they all manufacture overseas. The move has a concrete backstory. Three Chinese nation-state groups, Volt Typhoon, Flax Typhoon, and Salt Typhoon, used compromised SOHO routers to build botnets targeting US critical infrastructure over several years. The FBI and DOJ shut down one of these botnets in 2024. The FCC's National Security Determination names all three operations explicitly as justification for the ban. I've been running OPNsense on a fanless mini-PC as my home router since 2022. It runs on an Intel N5105 with dual NICs, 8GB RAM, and a 250GB NVMe drive. The hardware cost about $200. The software is open source and BSD-licensed. There is no cloud account in the chain, no manufacturer firmware to trust or distrust, and no update process I didn't initia