FTC Forces Asus To Improve Router Security

An anonymous reader writes: The FTC is actively trying to make sure that companies secure the software and devices that they provide to consumers, and a settlement with Taiwan-based hardware maker ASUSTeK Computer is one step towards that goal. The complaint was raised after well-meaning hackers exploited a weakness on Asus routers and left note on victims' drives notifying them of the matter. Later, a researcher discovered an exploit campaign that abused vulnerabilities to change vulnerable routers' DNS servers. According to the settlement, the company will have to establish and maintain a comprehensive security program subject to independent audits for the next 20 years.

Re:Overreach much?

[gstoddart]

We don't want caveat emptor for this shit, we want companies who are accountable for the security of the products they make.

Do you want to live in a world where security boils down to "too bad, suckers"?

This bullshit of caveat emptor is why we have such shit security on the web in the first place.

More companies need to get their knuckles rapped and have penalties when they do an incompetent job at securing such stuff.