Verifying reality: Best infosec long reads 5/30/26
TP-Link is fighting for its life, Quantum's threat to RSA encryption could be soon, How Russia's GPS spoofing could destroy us all, How cops and the courts relied on a stalker's digital evidence, The safety and security risks of AI distillation
Happy Saturday to all!
Full access to Metacurity's curated infosec long reads is available to paid subscribers. Our goal is simple: make it financially viable to keep investing the time and expertise required to find, vet, and contextualize the most important security journalism each week. Free readers will still get highlights, but subscribers will get the complete, deeply curated set.
Please help support Metacurity achieve our goal by upgrading your subscription to gain full access to this issue and all content published on Metacurity, including the archives.
May 30: This week's infosec long reads explore a question at the heart of cybersecurity: what happens when the systems we trust can no longer be taken at face value?
From concerns about Chinese networking gear and AI models to quantum threats to encryption, Russian GPS spoofing, and a stalking case built on disputed digital evidence, each story examines the growing challenge of verifying what's real in an increasingly manipulated world.
TP-Link’s American Dream
The Wire China's Noah Berman offers an in-depth look at TP-Link's effort to reinvent itself as an American company while battling mounting, and experts say invalid, concerns in Washington that Chinese-made networking equipment could create long-term national security risks.
Over the past five years, [TP-Link founder Jeffrey] Chao, 57, has split TP-Link from its corporate sister in Shenzhen, which is run by his older brother Cliff. TP-Link moved its headquarters to Irvine, California, in 2024 and restructured so that its parent firm is a Delaware LLC. TP-Link has also hired hundreds of people in the United States, though it still employed more than 10,000 workers in China as of last year. Jeffrey himself is seeking U.S. citizenship.
The moves have been controversial in Washington. Multiple federal agencies, including the Department of Commerce, have investigated TP-Link, according to people familiar with the matter.
The state of Texas is suing the company over concerns about its ties to China, while Florida has subpoenaed it for similar reasons. In March, the Federal Communications Commission banned the import of future models of all foreign-made consumer routers, citing national security risks.
The measure imperils TP-Link’s future in the United States, where analysts estimate that it controls the largest share of the market. The company has a smaller share of the business and government market segments, which were not covered by the FCC’s ban.
“Although the language in the [FCC’s] determination is country-agnostic, the evidence clearly shows which foreign country has dominated the consumer-grade router market to date and poses an unacceptable risk to U.S. critical infrastructure security,” Senator Jim Risch (R-ID), who chairs the Senate Foreign Relations Committee and has called for a ban on U.S. sales of TP-Link products, told The Wire China.
TP-Link is adamant that its routers do not pose any national security risks. In an emailed reply to questions, a company spokesperson said that “virtually all consumer-grade routers are made outside the United States … the entire router industry will be impacted by the FCC’s announcement.” The company did not make Jeffrey Chao available for an interview.
The FCC rule illustrates how the Trump administration is still targeting firms with China links on national security grounds, even as it takes a softer approach to the country than many hawks had hoped. It also shows how corporate restructurings can prove insufficient to dispel worries about Beijing’s control over companies founded in China.
“The Chinese government is not interested in releasing control of their diaspora just because they incorporated a Delaware LLC,” says Dakota Cary, a consultant at cybersecurity firm SentinelOne. “I don’t think it does anything to allay concerns.”
For TP-Link, the scrutiny amounts to the most significant test in its 30-year history: can it overcome Washington’s fears about Chinese technology, or has its American makeover been all for naught?
