FTC Sues D-Link for Poorly Secured Routers, Cameras The FTC has announced it has filed a lawsuit against hardware vendor D-Link, claiming the company consistently failed to take reasonable steps to protect its routers and internet-linked security cameras from hackers. According to the FTC announcement, an FTC inquiry found that while D-Link PR material consistently claimed the highest security standards, little to nothing was done by the company to eliminate a number of "well-known and easily preventable security flaws," such as:

• "Hard-coded" login credentials integrated into D-Link camera software -- such as the username “guest” and the password “guest” -- that could allow unauthorized access to the cameras’ live feed. • A software flaw known as “command injection” that could enable remote attackers to take control of consumers’ routers by sending them unauthorized commands over the Internet. • The mishandling of a private key code used to sign into D-Link software, such that it was openly available on a public website for six months; and • Leaving users' login credentials for D-Link’s mobile app unsecured in clear, readable text on their mobile devices, even though there is free software available to secure the information. "Hackers are increasingly targeting consumer routers and IP cameras -- and the consequences for consumers can include device compromise and exposure of their sensitive personal information,” said Jessica Rich, director of the FTC’s Bureau of Consumer Protection. “When manufacturers tell consumers that their equipment is secure, it’s critical that they take the necessary steps to make sure that’s true." The FTC's announcement comes on the heels of a settlement with Asus earlier this year regarding that company's similarly-lax security standards. The full The FTC's announcement comes on the heels of a settlement with Asus earlier this year regarding that company's similarly-lax security standards. The full FTC announcement has additional detail. There's also some additional conversation ongoing in our security forum







News Jump Europe's Top Court: Net Neutrality Rules Bar Zero Rating; ViacomCBS To Rebrand CBS All Access As Paramount+; + more news Verizon To Buy Reseller TracFone For $7B; 5G Not The Competitive Threat To Cable Many Thought It Would Be; + more news MS.Wants Records From AT&T On $300M Project; Google Fiber Outages In Austin, Houston, Other Texan Cities; + more news States With The Biggest Decreases In Speed; AT&T Hopes You'll Forget Its Fight Against Accurate Maps; + more news AT&T's CEO Has A Familiar $olution To US Broadband Woes; EarthLink Files Suit Against Charter; + more news 5G Doesn't Live Up To Hype, AT&T's 5G Slower Than Its 4G; Cord-Cutting Now In 37% of Broadband Households; + more news FCC Cited False Broadband Data Despite Warnings; ZTE, Huawei Replacement Cost Is $1.87B, But Only $1B Allocated; + more Cogeco Rejects Altice USA's Atlantic Broadband Bid; AT&T Is Astroturfing The FCC In Support Of Trump Attack; + more news Big CBRS Auction Winners: Verizon, Windstream, Dish, Cablecos; Altice USA makes play for Atlantic Broadband; + more news Verizon, SpaceX, CenturyLink, Charter Among RDOF Bidders; Streaming 1st Choice For 50% Of Viewers: What Now? + more news ---------------------- this week last week most discussed

Most recommended from 16 comments

FactChecker

Premium Member

join:2008-06-03 1 edit 7 recommendations FactChecker Premium Member Consumer Electronics Accountability Until the consumer electronics industry is held accountable for device hacking, this will get worse with cheap and insecure IoT. existenz

join:2014-02-12 2 recommendations existenz Member Will anti-virus companies managing routers become the future? www.pcmag.com/news/35084 ··· i-router quote: The Arris Surfboard SBG7580-AC is the first device to come embedded with the McAfee Secure Home Platform. It's protection that's nearly identical to the McAfee security software you might have installed on your desktop or laptop, except it extends to every device on your home network. If your baby monitor is hijacked by a botnet, for instance, the router will sense the suspicious traffic and suspend its Internet access.

Might be somewhat better for non-upgradable IoT devices and clueless consumers. Might be somewhat better for non-upgradable IoT devices and clueless consumers.