Menu
What's new
By:
Filters Better Search

FTC suing D-LINK for lax IP camera, router security

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Wutikorn said:
The reponse is interesting. FTC now has to publicly show if D-Link products are vulnerable to such problems.
Click to expand...

5 minutes of Googling should support at least some of the FTC's allegation as to DLink failing to take appropriate measures to ensure proper security. I remember of at least two occasions where a security hole was found, and the initial fix provided by DLink did NOT resolve the issue, requiring a second security update from them (one was related to a HNAP hole, the other was related to the Joel backdoor).
 
What I would like to know is who dropped the dime on D-Link to the FTC. Someone had the long knives out, especially with the announcement timed to CES.

I also think the mention of the closing of a similar FTC action against ASUS in the FTC announcement is interesting. Didn't even hear about that one.
 
thiggins said:
What I would like to know is who dropped the dime on D-Link to the FTC.
Click to expand...

Wouldn't it be funny if company A complained about B, then B complained about C, and ultimately the FTC would progressively hit them all with "stop sucking and start securing your shirt".

thiggins said:
I also think the mention of the closing of a similar FTC action against ASUS in the FTC announcement is interesting. Didn't even hear about that one.
Click to expand...

Odd, the announcement was discussed a fair amount on SNBforums at the time. Asus have to go through mandatory security audit for the next 20 (!) years, in addition to other requirements.
 
This is bad news for me as I have one D-Link IP Camera in my house. I didn't know that its app uses HTTP for password transmission, but I don't use common password for it anyway. However, I hope FTC go through security audits with all manufacturers so that most products will be more secure.
 
thiggins said:
What I would like to know is who dropped the dime on D-Link to the FTC.
Click to expand...

From a business perspective - I don't think any one of D-Link's competitors would have tipped things off - as they would have been at risk for the same things... It's a fair warning for all the consumer oriented players... fix stuff or get busy in the woodshed...
 
sfx2000 said:
I don't think any one of D-Link's competitors would have tipped things off - as they would have been at risk for the same things...
Click to expand...

Plenty of folks who live in glass houses, so I still wouldn't rule that out.
 
Nice writeup on the FTC vs DLink...

http://blog.erratasec.com/2017/01/notes-about-ftc-action-against-d-link.html

The suit is not "product liability", but "unfair and deceptive" business practices for promising "security". In addition, they interpret "security" different from the cybersecurity community.

This needs to be stressed because right now in our industry, there is a big discussion of product liability, insisting that everything attached to the Internet needs to be secured. People will therefore assume the FTC action is based on "liability".

Instead, all six counts are based upon the fact that D-Link offers its products for securing networks, and claims they are secure. Because they have backdoor passwords, clear-text passwords, command-injection bugs, and public private-keys, the FTC feels the claims of security to be untrue.​
 
You must log in or register to reply here.

Similar threads

torstein
Avoid Consumer Routers
2
Replies
39
Views
7K
netware5
netware5
D
  • Locked
Ars: D-Link agrees to settle FTC charges
2
Replies
28
Views
9K
thiggins
thiggins
sfx2000
D-Link taken to FTC woodshed over Privacy and Security issues..
Replies
3
Views
2K
RMerlin
RMerlin
thiggins
D-Link CES 2017 Announcements
Replies
0
Views
3K
thiggins
thiggins
thiggins
D-Link Announces Apple HomeKit Compatible 180-Degree Camera
Replies
3
Views
4K
e38BimmerFN
e38BimmerFN
Similar threads
Thread starter Title Forum Replies Date
sfx2000 Security - D-Link VPN devices recommended to remove/replace.. General Network Security 0
O US lawmakers urge probe of WiFi router maker TP-Link over fears of Chinese cyber attacks General Network Security 14
D News [Ars] Critical takeover vulnerabilities in EOL'd D-Link NASes are being exploited General Network Security 2
PR3MIUM News Mirai DDoS malware variant expands targets with 13 router exploits [D-Link, TP-Link Archer, Yealink, Zyxel...] General Network Security 10

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 898 (members: 31, guests: 867)
Top