Netgear vs TP-Link Wi-Fi 7 Routers Expose Security and Firmware Gaps

Testing Wi-Fi 7 routers reveals major differences in firmware, security, and performance, with Netgear's OpenWRT approach contrasting TP-Link's import ban concerns.

Netgear Was Right About TP-Link. Unfortunately, Is Worse. | Transcript:

We tested Wi-Fi 7 routers and access points. And the results were not just which one is fastest. They exposed a bigger problem. And the branding, the firmware, the support, firmware quality, Linux client support versus Windows client support, and even the security posture. Well, they were all over the place. I wanted to know which Wi-Fi 7 router or access point was the fastest. That question turned out to require a grounded metal door, a foil-lined room. Thanks, old guy from the NSA that retired and used to rent some stuff. Uh, Linux scripts that are old enough to vote. Several local AI agents acting as interns with trust issues. And a lot more. Like, this started out as Wi-Fi 7 testing and ended a national security incident. That's Level1. Come for the rambling, stay for the, uh, security incidents and footnotes and NSA reports.

Router testing is supposed to be boring. You plug a box in, you run iperf, you make a bar chart, and then everybody argues in the comments. That's how it's done, or that's how it used to be done. But Wi-Fi 7 is different. The number on the box tells you almost nothing. The feature list tells you what might happen if you hold your mouth right. Subtle differences in the Y and the five and the seven is worse than the Pyrex labeling. If you've ever experienced the Pyrex labeling, you know that's really just terrible.

I have tested Wi-Fi since 802.11n and before. I have scripts, I have processes. Uh, you, if you've been following the channel for a while, you know that I hired Shawn to help with the benchmarking. The audience should already know that this is the kind of thing that we do. So the initial premise is familiar and credible. We have the usual suspects on the table. UniFi, EnGenius, ASUS, Netgear, Netgear, and Nighthawk stuff, TP-Link, and others, DIY stuff. The plan was to do normal router testing, but, you know, updated for Wi-Fi 7.

But Wi-Fi 7 is not just faster Wi-Fi 6E. It has 320 MHz channels, 4096-QAM, uh, MLO, multi-link operation, and a bunch of other optional behaviors. An optional behavior is where marketing goes to party.

Uh, Wi-Fi testing is hard because the environment is also a part of the product. A router tested in a normal house is not just being tested against the client that you're connecting to the router. It's being tested against the neighbors and the walls and DFS behavior, channel width changes, interference, band steering, and whatever the firmware thinks it should do today, because it'll scan your area and change its behavior. So, when you test Wi-Fi 7, you're also testing your building. Or, uh, a speed test in an uncontrolled RF environment is not exactly wrong. It's just a measurement of everything in the room, including the router. And the results can vary a little bit. They're not, uh, one-dimensional.

This room is a Faraday cage, basically. And I've also got Steve's old sound chamber, which I've sort of retrofit into also a Faraday cage. So, we have a small Faraday cage and a large Faraday cage, which makes for excellent Wi-Fi testing. Actually, come to think of it, Wi-Fi, you know, FCC labs, like, there's this sudden obsession by the administration to have US-based FCC certification labs. There's a lot of people that are unemployed. Anybody out there want to come build and then run an FCC certification testing lab? Like, that might be a fun distraction.

So, the verdict from our testing: EnGenius was all-around the best because you could do 3 GB and it did MLO correctly. Netgear, the RS700S is the highest peak reverse throughput on a single 320 MHz gig 320 MHz channel width on a 6 GHz band. The ASUS BE 1800, weird and severe reverse connection bottleneck, but best P99 latency under load. Uh, all of them only add a few milliseconds to first hop latency versus the wired result. And loaded latency numbers are not really likely to matter a ton for most game traffic. Wired, of course, is still better than wireless, but we've got all this testing coming up for, like, that's going to be in separate reviews, but it's not really a Brand X wins.

The interesting point is the best Wi-Fi 7 router depends on whether you are most interested in peak throughput or throughput symmetry. Meaning that your downloads, like, the downloads were good on the ASUS, but the uploads were weirdly bottlenecked, or what you want the security posture to be. There is much more than just a single winner. They're all the best at a particular thing. Uh, the EnGenius gets a special mention for MLO and it's probably also the most secure. The router with the weirdest throughput but also had the best latency behavior was ASUS. The router without MLO had the highest single link reverse throughput, the highest throughput overall, over 3.5 Gbit via wireless on the Nighthawk. But I've never, I would never deploy the, uh, RS700S in my house.

Like, I just, no. That's kind of sort of related to the router ban security story that landed over the last couple of months while I was working on this. AP reported that the US banned imports of new foreign-made routers on a national security and cyber security contingency, worrying about those things, with restrictions applying to new device models while previously purchased models can still be used. They get a little bit of an extension, a reprieve. The AP also reported that manufacturers can apply for conditional approval. That's weird.

For TP-Link specifically, the Washington Post reported that multiple US agencies backed, uh, Commerce Department and, uh, let's see, it was Commerce Department and somebody else, but their proposal to ban future sales of TP-Link network devices over national security concerns. While TP-Link disputed that its products pose such risks and argued that a U, it is basically a US company. Tom's Hardware later reported that TP-Link was seeking conditional FCC approval after, you know, the broader imported router restriction, uh, and was arguing that if it had separated, um, the software aspect from its Chinese-based parent, the government started asking whether some routers should be even on the shelf in the first place as companies were sort of complaining about this and looking at it. And so I decided to look at the firmware and the security posture of all of this so that I could, you know, know what's going on.

The national security debate is a little complicated. I don't want to get into that too much in this video, but we can test these things directly. Are they maintained? Are they maintained like critical network infrastructure or like disposable appliances with antennas? Does that even matter what brand it is? And some of the answers that I found were not comforting. So I decided to do another video on that on the Linux channel. And it's probably already up by now or up nowish.

Also want to share a bit about the process here, because it hasn't been just, you know, dump Shawn on this and stay up for 20 hours straight doing a bunch of testing and then you uncover something and then you do some more tests and you, you know, the other weird side of the quest here has turned out to be AI. AI in, you know, like, Dr. Anthem's 1865 wonder cure-all sense, where the bottle promises to cure gout, sadness, blindness, and poor quarterly earnings. Meanwhile, we all know that the secret ingredient there was cocaine all along. A lot of corporate AI right now feels like that. Your boss bought a bottle, nobody read the label, and now everyone's workflow is worse.

But what Sean and I did here, what we ended up doing, was different. We used local agents to rubber duck our process. And the rubber ducks talk back in this case. That's a programming term. Programmers will know what I mean. For things that were skull-crushingly boring parts of the testing. Test. Wait. Check the result. Compare to the other result. Notice when something is missing. Fix the script. Run it again. Maybe run it again just for good measure. Don't hallucinate a conclusion because the spreadsheet looks tired, kind of stuff. Like, you have a result file and you can look at the result file and you can compare stuff in the result file. Here, AI was sort of useful for this project. Not magic, not a product demo, boring shop tool type useful.

So I'm breaking that out into its own video so I can explain more about how that works, because I think there's a version of AI-assisted work here that isn't snake oil, and it's really interesting and it's a separate conversation, but I think it really only works when you build the harness yourself, and that's our Turnstone project on GitHub, and we're basically keeping the rubber duck on a leash. In other local AI, Qwen 3.6 mostly, running on our Turnstone project, which is running in turn on our quad R9700, that was instrumental to us to keep a complete list of all the tests so we could quickly process what we had done, and it's all decomposed into testable scripts and steps. The scripts run, you get output, you get the result, you parse it, you flag the anomaly, and most importantly, you don't improvise beyond the guardrails. It was also useful in spot-checking and sanity checking results and cross-checking results and doing the usual thing that one does when one works through these problems.

It turns out, see what I did there? Turnstone turns. Yeah, never mind. Uh, maybe a great antidote to corporate AI nonsense is actually experiencing it this way. This is part of the reason why I'm so excited about this kind of thing. Sean and I used agents inside of a harness and we ran it locally and we saved cloud tokens and that's pretty exciting, but that's probably going to be a different video to talk about that. That'll, that'll be on the Linux channel.

Uh, so for now I've just got a preview of the security results for our TP-Link. Uh, it's brutal. Uh, it's the BE800 and our Netgear RS700. Also brutal. Uh, I mean, Netgear is like, okay, TP-Link is based on OpenWRT, but they don't really embrace the full OpenWRT. TP-Link, if you're listening, embrace the full OpenWRT. May seem counterintuitive to your executive team, but having solid hardware that is open and auditable is going to put you far ahead of your competitors in this world that we find ourselves in, where things are automatically, uh, auditable and you have things like Mythos maybe that's helping with security and blah.

You see, if you go to OpenWRT's website and you look for the TP-Link BE800, um, what you get is not in line with the GPL stuff that TP-Link offers on their website. There's a little bit of a disconnect there. I think TP-Link doesn't want people to be able to clone their product, but it's based on OpenWRT, and OpenWRT is pretty good in and of itself. Now, OpenWRT also has some, you know, like, if we were to do a security audit, that would be another different separate conversation. So, again, I don't want to, this is just kind of a meta video on the state of Wi-Fi 7 and the insanity, because Wi-Fi 7 is not the same as Wi-Fi 7 is not the same as Wi-Fi 7 certified.

And a lot has gone into this. And thank you to our supporters and everybody that has gone into that. But look for our other coverage. Check out the reviews on the forum. Engage below. Engage on the forum. This is all about community and what do you have at home and this kind of thing, because I'm really worried about, like, there is actually a real security aspect of your home router. Consider that the government is moving us toward requiring an ID to get on the internet. That's going to drive up the value of criminals co-opting your home network. And that is going to be a subject for a future video because we need to talk about that. And that may be even, you know, better motivation to DIY and just build your own router. Use these things as access points behind your router for better auditability. I don't know.

But that's enough rambling for this one. I'm one of those Level1Techs. This is what we do. If you're new, if you're first time hearing me ramble, sorry. And/or congratulations. Uh, you can find me in the Level1 forums. I'm signing out and I'll see you there.
