Slashdot Mirror

← Back to Stories (view on slashdot.org)

D-Link DIR-655 Firmware 1.21 Hijacks Your Internet Connection

Posted by timothy on from the not-polite dept.

chronopunk writes "Normally when you think of firmware updates for a router you would expect security updates and bug fixes. Would you ever expect the company that makes the product to try and sell you a subscription for security software using its firmware as a salesperson? I recently ran into this myself when trying to troubleshoot my router. I noticed when trying to go to Google that my router was hijacking DNS and sent me to a website trying to sell me a software subscription. After upgrading your D-link DIR-655 router to the latest firmware you'll see that D-link does this, and calls the hijacking a 'feature.'"

12 of 428 comments (clear)

  1. Re:Why... by TheRealMindChild · · Score: 5, Interesting

    Probably not. But what are you going to do about it? After enough stink, there will likely be a class action suit. No one that has been wronged will get real resolution (maybe a coupon for a new D-link model router for their trouble!). The amount paid out by D-Link will be less than the profit they get from these things. Business as usual.

    The only solution is to burn the place down or kill a few key people, then let them all know why. But no one is going to throw their life away on a bad router purchase.

    --

    "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
  2. Re:Why... by orclevegam · · Score: 4, Interesting

    If you RTFA it is something you can disable (at least according to the D-Link rep, I don't actually own one of these). It sounds like he's ticked off because it was slipped in with the firmware upgrade, enabled by default, and if you're not technically inclined you'd probably not realize what was causing the hijacking. It is a scummy thing to do, but hardly illegal, and it's being made out to be a lot worse than it actually is. Had it been disabled by default, or perhaps included instructions on the site it directs you to on how to disable it then it wouldn't be an issue.

    --
    Curiosity was framed, Ignorance killed the cat.
  3. More reasons never to go consumer again by Chas · · Score: 5, Interesting

    After massive amounts of pain with consumer/prosumer-grade (many of the D-Link) routers in the past two years, I finally dropped real money for a real broadband router earlier this year. So far, I've had months and months of trouble-free service.

    Now I start hearing crap like this. Makes me even MORE thankful I bit the bullet.

    Also "you can turn it off!" apologists? WHY IT IS ON BY DEFAULT? Moreover, tell that to some luddite who barely understands how to boot his computer.

    --


    Chas - The one, the only.
    THANK GOD!!!
  4. Google Should Sue by Nom+du+Keyboard · · Score: 4, Interesting

    This cannot be allowed to go unpunished. Google should sue since it was their domain name that was hijacked and a clear attack on their business.

    Google should sue because they have lots of high-priced lawyers and can really make DLink regret this.

    --
    "It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
  5. Re:Why... by Anonymous Coward · · Score: 5, Interesting

    What's annoying with things like this (and others) is that it just gets in the way and obstructs your work.

    I choose things based on their lack of snarkiness. I don't want a Windows PC full of crapware. I'd rather just pay the manufacturer a few extra bucks to cover the loss of crapware kickbacks. I used to run an AV, but occassionally, it would bring up a message telling me I wasn't fully protected because I wasn't running their antispam (despite running Thunderbird). When my renewal came up, I chose another company, and I told them that this was one of the reasons.

  6. Re:Linksys + alternative firmware by TrekkieTechie · · Score: 5, Interesting

    Mod parent up -- I've been running DD-WRT v23 SP2 on a 54GL and have had zero problems. Current uptime is 68 days, and that's only because I had to break down my equipment to move it to another room. Actual uptime would be more like a year, without ever having to look at it or even think about it.

    Isn't it nice when things just work?

  7. Re:Why... by Ron_Fitzgerald · · Score: 4, Interesting

    I agree that the WRT54GL with Tomato firmware has better QOS than stock Linksys firmware. I have 2 VOIP lines at home with this router and the call quality is noticeably better after the firmware push.

    --
    ~ Ron Fitzgerald
  8. Re:Why... by dgatwood · · Score: 4, Interesting

    I never said I was boycotting them in perpetuity. That said, these aren't isolated problems. Three out of five Netgear switches died, three out of three Netgear FA101/FA102 cards died within a couple of years, etc. It takes three bad experiences with a company's product to earn do-not-buy status unless one of those bad experiences is really serious (the Belkin USB-serial adapter that was shorted from the factory and nearly killed my computer, for example).

    At least in this DLink case, it's just a political do-not-buy, which might go away if/when they clean up their act. Their gear seems to be electrically mostly solid. That's why this bugs me so much. They were the only one that I hadn't had a long string of horrible hardware faults from. :-)

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.

  9. Using FLOSS, without the decency to acknowledge it by ChameleonDave · · Score: 5, Interesting

    What annoys be about my D-Link DSL-504T router is that although it runs some sort of customised GNU/Linux (I did "ssh admin@10.1.1.1" and had a look inside), their documentation and website make not the slightest mention of this, let alone make the source code available.

  10. Re:That's the end of D-Link. by MrNaz · · Score: 5, Interesting

    It's been a long time since I bought from DLink anyway. Their products are expensive, inconsistent, unreliable and plain ugly. I hate how they always use non standard names for things like port forwarding, making it hard to talk people through it over the phone.

    This is a new low for DLink, and is further vindication of my strict no-DLink policy.

    --
    I hate printers.
  11. Re:Why... by theshowmecanuck · · Score: 4, Interesting

    A number of years ago in Canada, the cable companies started 'giving away' literally everyone in the country a month of viewing on any new speciality channel that came up. Then when the month was over they would start charging you for it. You had to 'opt out' at the end of the month if you didn't want it. So, you would get the trial without asking and then they would start charging you without asking. There was a HUGE outcry and the government quickly stepped in and put a stop to it, making the 'opt out or be charged' practice illegal... at least for cable companies.

    --
    -- I ignore anonymous replies to my comments and postings.
  12. Re:That's the end of D-Link. by bhtooefr · · Score: 4, Interesting

    There's also a difference between bad engineering and bad assembly.

    The US automakers have learned this one the hard way - some of their cars have amazing engineering. But, all that engineering was let down by poor assembly quality (of both the component parts and of the car itself.)