jahed.dev

Hidden Networks in TP-Link Routers

I was debugging my WiFi settings this week when I noticed something strange. WiFi Analyzer was showing two hidden networks coming from my router, one for each frequency: 2.4GHz and 5GHz. Networks which I haven't configured and didn't appear in my router's admin interface. WTF?

A quick search revealed a forum thread from 2019 where people had the exact same problem, and over the past 2 years, their forums have been littered with related issues across multiple models. Turns out, TP-Link thinks it's a great idea to have hidden pre-configured always-on networks on all of their routers. Just in case someone wanted to use their "OneMesh" product.

This is of course a terrible idea. Not only are these networks a security risk and a waste of energy, they also add to the existing WiFi spam plaguing cities. Having it enabled by default is just ridiculous, not providing an option to disable it is ludicrous! Sure, having multiple SSIDs under a single access point isn't as bad as having multiple access points, but there's still an unnecessary overhead and risk being introduced.

TP-Link has since been very slowly rolling out firmware updates to fix this, starting with "beta" updates specifically for anyone who sees it as a problem and bothers to browse their forums. Unfortunately, my router model has yet to receive one and without a timeline, I'm pretty much just waiting indefinitely. Third party firmware like OpenWrt aren't supported on this model either. I even tried reverse engineering the backups, looking for a workaround that doesn't exist.

This problem is exactly why critical software should fall under right to repair. I use plenty of TP-Link products. It's been a reliable brand, and the router is close to perfect for my needs. But in this case, clearly TP-Link is unwilling or does not have the resources to provide a proper solution for all of their past, present and future models. Firmware should be open source so that we can fix these issues ourselves.

Asus routers are a good example. They have some sort of open source system in place, allowing alternatives like Asuswrt-Merlin to fix a wide range of issues, provide more frequent security updates and add more cutting-edge features; greatly improving their product offering -- at no cost to Asus themselves!

I had to move away from Asus last year as they didn't provide a good hardware solution for 4G. That's right, my street doesn't have fibre, despite being in the tech startup heart of London. So here I am with a TP-Link router, spamming unwanted waves. Do I really have to drop another £100 on a new router, just because TP-Link can't offer a boolean flag? What a waste of good hardware.

I've considered building my own router in the past. If I did so before, I could've added 4G to it. Maybe now is a good chance to look into it again.

Thanks for reading.