Three weeks ago the FCC banned all new foreign-made consumer routers from being sold in the United States. National security. Protecting Americans. Securing the supply chain. Very serious stuff.
Yesterday Netgear got an exemption.
Netgear. The company that manufactures its routers in Indonesia, Vietnam, and Thailand. The company that has announced zero plans to move manufacturing to the United States. The company whose stock jumped 17% on the news because Wall Street immediately understood what the rest of us already knew.
This was never about security.
Let's Review the Timeline
March 23, 2026: The FCC adds all foreign-made consumer routers to its Covered List, effectively banning new models from being imported or sold. The stated reason is that foreign-made routers pose "unacceptable risks to the national security of the United States." Every router manufacturer on earth is affected. No exceptions.
April 14, 2026: Netgear receives "conditional approval" exempting its entire consumer lineup (Nighthawk routers, Orbi mesh systems, cable gateways, cable modems) through October 2027. One other company, Adtran, gets a similar exemption. Everyone else is still banned.
Twenty-two days. That's how long the "no exceptions" policy lasted. For context, that's less time than it takes most people to return a router to Best Buy.
The "Security" That Isn't
The FCC's own justification for the ban cited the Volt Typhoon, Salt Typhoon, and Flax Typhoon cyberattacks. Chinese state-sponsored hackers exploited vulnerabilities in consumer routers to compromise American infrastructure. That part is real and it's serious.
But here's the thing. The routers exploited in Volt Typhoon were end-of-life Cisco and Netgear devices. Read that again. Netgear routers were specifically named in the attacks that justified the ban. And Netgear is the first company exempted from the ban.
That's like banning all cars after a drunk driving accident and then handing the keys back to the guy who crashed.
The Department of Defense reviewed Netgear's application and determined their products "do not pose risks to US national security." The FCC's order doesn't elaborate on why. Nobody has explained how a router manufactured in Vietnam yesterday poses a national security threat but a Netgear router manufactured in Vietnam today doesn't. Because there is no explanation. Because it doesn't make sense. Because it was never about where the router was built.
Follow the Money. We Did.
Netgear's stock jumped 17% in after-hours trading the moment the exemption was announced. Investors didn't need a cybersecurity degree to read this situation. They needed a calculator.
With TP-Link effectively banned (the world's largest consumer router manufacturer, headquartered in Irvine, California but manufacturing in China), Netgear just inherited a massive chunk of the US consumer router market. Engadget called it a "de facto monopoly." That's not editorializing. That's math.
Meanwhile every other manufacturer (Asus, TP-Link, Linksys, Google Nest) is either locked out or scrambling to apply for the same conditional approval that Netgear apparently got by being "a US founded and headquartered company." Which is a nice way of saying "we have a US mailing address and our actual factories are in Southeast Asia." Just like everyone else.
If you grew up in the '80s watching the same companies that lobbied for deregulation turn around and use regulation to crush their competitors, none of this surprises you. It's the same playbook. Different decade. Same results.
What Nobody Is Talking About
Here's what drives me nuts. The entire conversation is about where routers are manufactured. Nobody is talking about what's actually running on them.
Every Netgear router runs proprietary, closed-source firmware. You can't see the code. You can't audit it. You can't verify what it's doing with your network traffic. You're trusting that a publicly traded corporation with fiduciary duties to shareholders is prioritizing your security over their bottom line. If you've worked in tech for more than 15 minutes, you know how that bet usually goes.
The FCC is treating this like a supply chain problem. It's not. It's a transparency problem. A router built in Ohio with closed-source firmware is exactly as unverifiable as a router built in Shenzhen with closed-source firmware. You can't prove either one is secure because you can't see either one's code.
The country of origin tells you where a router was assembled. The source code tells you what it's actually doing. Only one of those matters for security.
Open Source Doesn't Need an Exemption
While the FCC is playing favorites with which closed-source black boxes get to be sold in America, an entirely different approach to network security has been quietly running in homes, businesses, and government networks for over a decade.
OPNsense is a free, open source firewall platform. Every line of code is publicly auditable. The community that maintains it includes security researchers, network engineers, and thousands of contributors worldwide. It runs on commodity hardware like Protectli Vaults, purpose-built mini PCs with coreboot open-source firmware replacing the Intel BIOS.
Think about what that means in the context of this ban:
| Security Factor | Netgear (Exempted) | OPNsense on Protectli |
|---|---|---|
| Firmware source code | Closed. Proprietary. Trust us. | Open. Auditable. Verify us. |
| BIOS/UEFI firmware | Intel ME enabled (closed binary blob) | Coreboot with Intel ME disabled |
| Security audit | Internal only. Results not published. | Community-audited. CVEs publicly tracked. |
| Intrusion detection | Basic or none | Suricata IDS/IPS with 200,000+ signatures |
| Network segmentation | Limited guest network | Full VLAN support (8+ isolated networks) |
| Update transparency | Automatic. You don't know what changed. | Changelogs published. You choose when to update. |
| Affected by FCC ban? | Exempted (for now) | Not applicable. It's software. |
OPNsense doesn't need a conditional approval from the FCC because it's not a consumer router. It's a professional firewall platform that you install on hardware you own. The FCC ban is about controlling which boxes get sold at Best Buy. Open source firewall platforms exist in a completely different category where the user has full control and full visibility into exactly what their network equipment is doing.
That's not a workaround. That's a fundamentally better security model. One that doesn't depend on which company got a phone call from Washington this week.
The Part Where I Get Personal
I've spent years helping people deploy OPNsense and pfSense firewalls. Hundreds of deployments. I've been on the phone with people who bought a $300 Protectli Vault, couldn't get it to work, and were ready to send it back and go buy another Netgear Nighthawk.
I get it. OPNsense has a learning curve. The GUI looks like it was designed by engineers for engineers (because it was). Configuring VLANs, setting up Suricata rules, getting DNS filtering dialed in? It's not plug-and-play. It takes 25-35 hours of learning if you're doing it yourself. Most people don't have that time and honestly most people shouldn't have to.
That's why I started Open Source Security. We do the configuration. You get the security. Professional-grade OPNsense on Protectli hardware, fully configured, validated in our Security Performance Lab, and delivered ready to plug in. Every configuration is published publicly on our Forgejo instance. We don't ask you to trust us. We give you the tools to verify us.
The FCC isn't going to fix your home network security. Netgear isn't going to fix it. The answer has always been the same and it hasn't changed: open source software on hardware you own, configured by people who know what they're doing.
Or configure it yourself. OPNsense is free. The documentation is thorough. The community is massive. Either way, stop waiting for Washington to protect you. We've been latchkey kids since the '80s. We know how to fend for ourselves.
What Happens Next
The Netgear exemption lasts until October 2027. Between now and then, expect every major router manufacturer to apply for the same conditional approval. Some will get it. Some won't. The ones that don't will either exit the US market or start manufacturing domestically at higher costs that get passed directly to you.
Consumer router prices are going up. Competition is going down. And the 200+ million vulnerable routers already in American homes, the ones that were actually exploited in the cyberattacks that justified this whole mess, will continue running unpatched firmware in living rooms across the country.
The FCC banned the future to protect you from the present. The present is still on fire. And Netgear just got handed a fire truck that doesn't have any water in it.
Stay skeptical. Stay patched. Own your hardware. Read the code.