Ubiquiti is all cloud based. If the government wants in to your auto-updating ubnt hardware, it's just a simple court order away. They don't need a backdoor.
That's part of the reason I've started moving away from their routers - I still have an Edgerouter but never went to the Dream Machine or USIP routers. At the moment the OPNSense appliances [1] which are made by the company that sponsors the fork (Deciso B.V.) are my pick for that. They're an EU company, and the thing runs fully open source software on a commodity embedded AMD chip.
I'm still using the access points, since I can run my own controller still, either virtualised in a container or VM, or a raspberry pi and you don't have to connect it to the cloud. I haven't found anything better, TP Link seem to have some interesting looking stuff but I worry about the security given they're based in Shenzhen...
It may be auto-updating by default, but that can be trivially disabled. Likewise, their cloud connectivity/management is optional. I'm running without issue multiple air-gapped Ubnt networks using their self-hosted controller software.
Perhaps there is some new watered down usage (like what happened to "literally" or "bricked") but that is precisely why people use the term "air-gapped" - to denote networks with PHYSICAL separation from other means of access.
(Of course, if you connect an AP, it's no longer air-gapped."
All your computers are plugged into the mains for electricity... Always, always the thing that's ubiqutious is the perfect entrance for the oppressors, since noone suspects anything about those innocent things.
Yeh but it is still closed source, no?
I guess if it is air gapped that could be fine, but we are talking mid level network gear here, so for 99% of its use, it isn't air gapped. It is enabling broader connectivity.
So you would have to trust the closed source software at some point.
