China isn't the major threat for consumer routers; it's crappy firmware. Millions of networks have been compromised from non-state actor attacks on crappy consumer routers. You wanna protect America? Impose a software building code on critical network infrastructure (which should include consumer routers and modems). But they aren't gonna do that, because they're just trying to score cheap political points and put pressure on China for trade concessions.
Seemingly every year there is yet another Cisco vulnerability because of hard coded passwords. One as recently as July 2025. The entire network industry seems to YOLO the code running the world.
