Slashdot Mirror

← Back to Stories (view on slashdot.org)

TP-LINK Loses Control of Two Device Configuration Domains (helpnetsecurity.com)

Posted by msmash on from the security-woes dept.

Reader Orome1 writes: Security researcher Amitay Dan warns that tplinklogin.net, a domain through which TP-LINK router owners can configure their devices, is no longer owned by the company, and that this fact could be misused by malware peddlers. TP-LINK has confirmed that they no longer own the domain in question, and will not be trying to buy it from the unknown seller for now. Instead, they intend to change the domain in the manuals to a newer one that's already in use.ComputerWorld has more details.

86 comments

  1. Who gives a shit? by Anonymous Coward · · Score: -1

    How does TP-LINK affect me or anyone I know? Nobody uses this. It doesn't matter to anyone and certainly isn't news. I'll get insulted and modded down, but nobody will be able to justify why this matters to anyone.

    1. Re:Who gives a shit? by Dunbal · · Score: 5, Informative

      I use TP-LINK network bridges. There are other people in the world besides yourself.

      --
      Seven puppies were harmed during the making of this post.
    2. Re:Who gives a shit? by ledow · · Score: 1

      Because this is commodity hardware that's available in almost any IT-related shop, even the dumbest:

      http://www.pcworld.co.uk/gbuk/...

      Lots of people have bought that router, and they could now all be compromised. Besides that, this is an IT site. If it was Cisco, you'd be up in arms.

    3. Re:Who gives a shit? by Maritz · · Score: 0

      See where you went wrong there is, you thought anyone would give a fuck what you think. I racked one for a customer today because he's a cheap bastard. So they get used. And this is a gigantic bollock to drop as a tech company, hence, newsworthy.

      --
      I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
    4. Re:Who gives a shit? by Anonymous Coward · · Score: 1

      Why does a router need "a domain through which to configure it"? Don't you just connect to a 192.168 address with a browser?

    5. Re: Who gives a shit? by slazzy · · Score: 1

      Tp link dispite being a noname router manufacturer to many actually makes great equipment for about 1/2 the price of other brands often performing better. Don't beleive me? Check out reviews anywhere. Not sure the domain control thing matters as most people just use the lan address.

      --
      Website Just Down For Me? Find out
    6. Re:Who gives a shit? by __aaclcg7560 · · Score: 4, Funny

      There are other people in the world besides yourself.

      You mean out in the big blue room with the bright light? This is Slashdot. We don't mention those people.

      .

    7. Re:Who gives a shit? by mysidia · · Score: 3, Insightful

      That was what you did PRE-CLOUD. Now all the vendors want you to go through their website.

      That way, later, when they discontinue the product --- they can require you purchase an upgrade, next time you want to make changes.... Or even better, they can bill you a monthly fee, and turn your network off if you forget to renew the license; e.g. Meraki.

    8. Re:Who gives a shit? by aglider · · Score: 1

      Not everyone is like you! Here it's how it can happen!

      --
      Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
    9. Re: Who gives a shit? by Anonymous Coward · · Score: 0

      "Who gives a shit?"

      Well, that is what the "TP" is for silly! It's for yer bunghole after you insert these products where they belong.

    10. Re:Who gives a shit? by Anonymous Coward · · Score: 1

      And they can upgrade the firmware of your router to add a backdoor when needed...

    11. Re:Who gives a shit? by jittles · · Score: 2

      I use TP-LINK network bridges. There are other people in the world besides yourself.

      Well maybe you should reconsider since, apparently, the company must not be solvent enough to afford a $10 per year domain registration.

    12. Re:Who gives a shit? by __aaclcg7560 · · Score: 1

      Why does a router need "a domain through which to configure it"?

      Corporate networks typically have domain servers.

      Don't you just connect to a 192.168 address with a browser?

      Most corporate networks are set to 10.0.0.0 for addresses. When I did a PC refresh project at a Fortune 500 company, the engineers wanted to keep their old workstation but the IT department wouldn't open more ports and/or provide switches. The engineers brought old routers from home to use the switch portion but didn't turn off the DCHP server for the router. Nearby workstations picked up the 192.168.0.0 addresses, unable to access the corporate network, and users complained to help desk. Took the IT department all morning to track down the half-dozen rogue routers.

    13. Re:Who gives a shit? by Anonymous Coward · · Score: 0

      I use them by the ton. I haven't bought a non TP-LINK router in over 5 years.

    14. Re: Who gives a shit? by corychristison · · Score: 1

      I use one of their wireless routers.

      I think I paid $30 for it over 3 years ago when my $120 Netgear router crapped out.

      I chose this one specifically because I could install DD-WRT on it. While I would have prefered Tomato Firmware, I needed something cheap and fast at the time.

      No issues with it since I installed DD-WRT on it. Someone maintains an up to date firmware for this specific device (I don't have the model number with me), with regular updates every 2-3 months.

    15. Re:Who gives a shit? by Calydor · · Score: 1

      I'm curious.

      If your router's settings are fubar and won't let you go online, how do you connect to the cloud to change the router's settings so you can go online?

      --
      -=This sig has nothing to do with my comment. Move along now=-
    16. Re: Who gives a shit? by Rufty · · Score: 1

      TP-Link stuff is generally pretty OK, but with OpenWRT (for the models and versions which are capable) is very nice.

      --
      Red to red, black to black. Switch it on, but stand well back.
    17. Re:Who gives a shit? by neilo_1701D · · Score: 2

      I use TP-LINK network bridges. There are other people in the world besides yourself.

      Well maybe you should reconsider since, apparently, the company must not be solvent enough to afford a $10 per year domain registration.

      Much like Google couldn't afford $12 last year...

    18. Re:Who gives a shit? by Niddix · · Score: 1

      You don't have to go to the web to configure the router. Its a hard coded DNS entry that points to the router address. Netgear does it as well. This could be an issue if you've changed the DNS you are using from the router to something else. But I'd bet if you've done that, you are managing the router through the IP address and not this tplinklogin.net.

    19. Re:Who gives a shit? by tripleevenfall · · Score: 1

      Well, I for one think this is important. How else can the government ensure we are safe from terror, tax evasion, and political subversion if they aren't allowed to install backdoors in our network hardware?

    20. Re:Who gives a shit? by war4peace · · Score: 1

      Phone, 3G.

      --
      ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
    21. Re:Who gives a shit? by Anonymous Coward · · Score: 0

      It redirects based on the settings of the router. Even if you're not online, if you're able to get to the wireless login page, kind of like the captive portal logins that show up before you log into the internet.

    22. Re:Who gives a shit? by bws111 · · Score: 1

      It has nothing to do with 'the CLOUD' or any such nonsense. The internal name server in the router resolves that name to ITSELF.

    23. Re:Who gives a shit? by Anonymous Coward · · Score: 0

      If they don't have dedicated switches, they probably aren't very good engineers. They are like 10 bucks for a 5 port switch and no network issues.

    24. Re:Who gives a shit? by SmokeBogey · · Score: 1

      Presumably because home users are afraid of the scary computer language address they'd have to type in, so they used those domains. I would be OK with that if the domain always resolved locally via the router, but why the fuck would I ever want to go on the internet to configure my LAN?

    25. Re:Who gives a shit? by jittles · · Score: 1

      I use TP-LINK network bridges. There are other people in the world besides yourself.

      Well maybe you should reconsider since, apparently, the company must not be solvent enough to afford a $10 per year domain registration.

      Much like Google couldn't afford $12 last year...

      If I recall correctly, that was actually due to a software bug in Google's own domain registration service that allowed him to register the google domain. If I recall correctly, the software reverted the registration almost immediately, too.

    26. Re:Who gives a shit? by bws111 · · Score: 1

      It IS always resolved locally via the router. The issue is NOT for people with these routers, it is for anyone else who goes to that domain.

    27. Re:Who gives a shit? by __aaclcg7560 · · Score: 1

      If they don't have dedicated switches, they probably aren't very good engineers. They are like 10 bucks for a 5 port switch and no network issues.

      These engineers were trained computer scientists. From my experience with computer scientists, they don't know squat about hardware. They just pulled hardware out of their junk boxes, put it into service and whined to help desk when the network goes FUBAR.

    28. Re:Who gives a shit? by bws111 · · Score: 4, Insightful

      The router resolves that domain to the 192.168 address of the router. It has nothing to do with 'the evilz CLOUD'. Only on /. does idiocy like this get modded 'insightful'.

    29. Re: Who gives a shit? by Anonymous Coward · · Score: 0

      While I would have preferred Tomato Firmware, I needed something cheap and fast at the time.

      Better Tomato Firmware than the Asparagus Firmware, anytime data leaves the port there is a real pungent smell.

    30. Re:Who gives a shit? by TheRaven64 · · Score: 1

      It's only resolved by the router if it's the only router on the network. If you're configuring a new AP on an existing network then you will already have DNS set up and so the external thing will resolve.

      --
      I am TheRaven on Soylent News
    31. Re:Who gives a shit? by Hall · · Score: 1

      Because a sequence of random numbers, 'dots', and so on are too complicated for most users. Everything they type in the address bar has to start with "dubbayu, dubbayu, dubbayu" anyway, doesn't it ?

    32. Re: Who gives a shit? by Anonymous Coward · · Score: 0

      Put it all in "the cloud". Whst could go wrong?

    33. Re:Who gives a shit? by Dunbal · · Score: 1

      I won't. They happen to fix my wifi coverage problem nicely and are on my side of the network, so good luck to anyone who wants to "hack" in. I won't invite them to my house anymore.

      --
      Seven puppies were harmed during the making of this post.
    34. Re: Who gives a shit? by Anonymous Coward · · Score: 0

      Took all morning? Really?

      I work for a very small company and the one time someone tried something similar (bringing in an old router from home because they "needed more ports" in a particular office) it took seconds for my network monitoring to alert me to an unauthorised device on the network and even less time for the switch port to automatically disable because of an unrecognised MAC on the port. I would hope a fortune 500 would do things better than have such an open network in this day and age.

    35. Re: Who gives a shit? by __aaclcg7560 · · Score: 1

      Took all morning? Really?

      The single IT tech had to search multiple floors in a office building to find the half-dozen rogue routers hidden behind multiple workstations underneath the desks.

      I would hope a fortune 500 would do things better than have such an open network in this day and age.

      This particular company had an open network where anything plugged in could get on the network. I've worked at other Fortune 500 companies that required a help desk ticket to open a port on the switch. If you have a rogue wireless access point at Cisco, security will immediately show up to confiscate the AP and investigate you for criminal intent.

    36. Re:Who gives a shit? by Anonymous Coward · · Score: 0

      Not if you are behind a firewall that blocks the connection. Then flash away to OpenWRT or DD-WRT. To get around "blocked" flashing, pop the cover and connect to the async port. You can use Ethernet to pull in the files. Or just X-, Y-, or Z-modem (slow but workable) to copy in.

      So to base poster of thread question is correct, "Who gives...?"

    37. Re:Who gives a shit? by Anonymous Coward · · Score: 0

      How does TP-LINK affect me or anyone I know?

      The reason why nobody will be able to explain this to you in a way you can understand is that you are - demonstrably - simply too stupid.

    38. Re:Who gives a shit? by Anonymous Coward · · Score: 0

      " From my experience with computer scientists, they don't know squat about hardware."

      This was a huge reason i switched away from a CompSci degree, i like hardware too much. I was SHOCKED when i ended up doing a ton of upgrades and repairs for my classmates. They had the worst, low-power, el-cheapo machines.

    39. Re: Who gives a shit? by davester666 · · Score: 1

      dns was one of the first things we put in the cloud.

      --
      Sleep your way to a whiter smile...date a dentist!
    40. Re:Who gives a shit? by Anonymous Coward · · Score: 0

      But this new way allows NSA Cybersecurity to reconfigure the router when necessary.

    41. Re:Who gives a shit? by Anonymous Coward · · Score: 0

      Or they can be like Cisco where they require you to have a support contract just to get access to the firmware updates. If you don't pay for the support contract, you can't get the new firmware, which means if there is a vulnerability in your version, you're screwed.

    42. Re:Who gives a shit? by Anonymous Coward · · Score: 0

      It would get modded insightful elsewhere, except most other sites don't have "insightful" as a moderation option.

      Actually it is depressing to see it modded insightful, this is supposed to be a community of geeks and nerds who should have some awareness of this shit, not surprising though, /. isn't what it once was.

    43. Re:Who gives a shit? by mysidia · · Score: 1

      Network vendors are doing this. So I get the update that this is not what TP-LINK is doing here. That does not invalidate my point though..... Be VERY careful about other vendors requiring you to use an external link to configure local equipment or making Calls out to home.

      I would check really thoroughly, and if there's not a way to turn it off, return the product to merchant before the return period runs out.

    44. Re:Who gives a shit? by mysidia · · Score: 1

      If your router's settings are fubar and won't let you go online, how do you connect to the cloud to change the router's settings so you can go online?

      You call customer support. Usually they have a 'factory reset' button which will revert the device to grabbing its configuration from DHCP, so it can get back online.

      They may have one of those 'diagnostic acoustic interfaces', where you do a button sequence, then hold your phone up to the device, and new settings are loaded onto it.

      They may direct you to send it back, receive a replacement, Or get the software CD out, or plug a USB cable into the device which loads software on your PC to re-configure the WAN interface settings.

      They may also direct you through a "technical support console" which requires connecting with telnet and then entering the response to a challenge code support will provide you.

      Some of them may have a stripped-down webui available on the local LAN after factory reset, which will provide just enough configuration to connect to the cloud.

    45. Re: Who gives a shit? by Anonymous Coward · · Score: 0

      Yeah, shortly afterwards you know what happened?

      Eternal September, that's what happened. I blame you!

    46. Re:Who gives a shit? by mysidia · · Score: 1

      you can't get the new firmware, which means if there is a vulnerability in your version, you're screwed.

      Cisco has a Free security updates policy for their equipment. You don't need a support contract --- you just will not be able to download it directly without calling in TAC on the phone.

      As long as the model is not end of life, you can call in TAC support for a free security update, and you'll get the version with security bugs patched.

      You will not get other upgrades, bugfixes, or enhancements. They'll provide you the code based on your current version with only the security patches applied to it.

    47. Re:Who gives a shit? by Anonymous Coward · · Score: 0

      It has everything to do with the cloud, because it's cloud thinking. Keeping your configuration or files or services on somebody else's computer is the core concept of what cloud infrastructure is.

  2. Hey PopeRatzo, check this out! by Anonymous Coward · · Score: -1

    NIGGERS

    HILLARY 2016!

  3. Summary makes it sound worse than it is by Anonymous Coward · · Score: 5, Informative

    The CW article says the router intercepts that domain name and redirects to an internally hosted web page.

    1. Re:Summary makes it sound worse than it is by Anonymous Coward · · Score: 0

      Indeed; the new owner of the domain will be disappointed.

    2. Re:Summary makes it sound worse than it is by wbr1 · · Score: 2
      Yes. May do this, netgear uses routerlogin.net. I am old school and always use the IP.

      But, imagine Joe User. Let us say that there are 150,000,000 Joe user routers out there. Let us say Joe User needs to access his router 1.5 times per year. Let us say that after accounting for everything, .5% of the time Joe user remembers the bad tplink address, but no longer uses a tplink router. That is 750,000 chances to redirect Joe User to a password phishing page, or.. download this critical TP-Link update!

      These numbers are conjecture, but plausible. If you were a black hat, wouldn't you want a shot at even half those numbers?

      --
      Silence is a state of mime.
    3. Re:Summary makes it sound worse than it is by Anonymous Coward · · Score: 0

      That's not TP-Link's fault.

      That's like saying Circuit City went out of business, someone else buys up the domain name and setups a fake web presence that's really a password phising page or worse.

      Joe User has shopped at Circuit City online for years, and .5% of the time Joe User types in CircuitCity.com rather than NewEgg, BestBuy, etc... OMG! The W0RLD ENDS!

      No. The end user is a moron. Even more so if they go to the site of a product they don't even have anymore.

    4. Re:Summary makes it sound worse than it is by Anonymous Coward · · Score: 0

      I am old school and always use the IP.

      That is NOT old school.

      That is n00b.

      Yah, I knew Postel, and was part of the switchover from SRI host tables to DNS. Reliance on IPs is stupid 1990s cisco nonsense, don't put that idiocy on us oldtimers.

    5. Re:Summary makes it sound worse than it is by Anonymous Coward · · Score: 0

      That's all well and great that the device intercepts the dns request and redirects. However is it really a good thing when a device hijacks requests for a domain? In this case it's not that bad but generally speaking it seems a poor practice for reasons I will let you speculate on ;)

    6. Re:Summary makes it sound worse than it is by Anonymous Coward · · Score: 0

      There is already a solution on Windows 7 and later for this that doesn't use hard-coded IP addresses or hoping that the router you want intercepts the DNS request. You can directly access the router's announced management URL if you use the "Devices and Printers" or the "Network Map" in the Control Panel.

    7. Re:Summary makes it sound worse than it is by WallyL · · Score: 1

      I confess, I've used lots of home routers over the years, and have set up friends' and neighbors' routers, and I've never heard of using a domain name that the router intercepts. I've always just used IP addresses. If 192.168.1.1 or 192.168.0.0 wasn't it, I just googled the defaults for that router.

    8. Re:Summary makes it sound worse than it is by wbr1 · · Score: 1

      Unfortunately, I cannot FTP to the SRI server from here. I have to telnet to another network, FTP the file from there, then ymodem it back across this link.

      --
      Silence is a state of mime.
  4. Just like using Facebook by Anonymous Coward · · Score: 0

    When you use products like this, you get eat you deserve. When you use Facebook, you put yourself at risk. This is no different...

    1. Re: Just like using Facebook by Anonymous Coward · · Score: 0

      Yes, having the equivalent of DDNS is exactly like signing up for Facebook.

      Fuck off, you idiot.

  5. REMEMBER THIS ONE? by Anonymous Coward · · Score: 0

    All your bases are belong to us!

    Fucking chinease just don't know jack about nothing security.

  6. right to use hardware and change the software by Anonymous Coward · · Score: 0

    Think about such issues the next time a device manufacturer wants restrict what you can do with the hardware you purchased. Such as examining and changing behavior, including security issues like this.

    Shipping devices using patched-up software stacks put together god knows where... leaving customers exposed and vulnerable.

  7. Don't buy shit that calls home! by denis-The-menace · · Score: 1

    If it needs to call home to function, this shit will happen.

    Cisco does this shit too.
    Sure they still own the DNS address but it sets YOU up for a DNS-based attack, a oops-we-bricked-your-shit, or Spooks need access to your network.

    --
    Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
    1. Re:Don't buy shit that calls home! by Anonymous Coward · · Score: 0

      I don't think it calls home at all. It just "intercepts" that DNS request and is handled by it's internal site (internal to the router)

  8. Jeeessus, TP-Link, who makes your decisions? by Anonymous Coward · · Score: 0

    Can you give less of a fuck about security than that? Granted, TP-Link isn't particularly known for great or backdoor-less firmware, but still, such a public failure to secure your products should put a real dent in your sales.

    1. Re:Jeeessus, TP-Link, who makes your decisions? by LVSlushdat · · Score: 1

      I don't care.. As long as I can put Tomato/DDWrt/OpenWRT on a router, getting rid of the universally crappy f/w that comes with these commodity routers, I'll use em... My customers are cheap, but they keep food on my table...

      --
      THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)
    2. Re:Jeeessus, TP-Link, who makes your decisions? by bill_mcgonigle · · Score: 1

      TP-Link is not known for smart decisions. They were the first to interpret the new FCC regs as a big F-U to the open source community:

      http://arstechnica.com/informa...

      It's a shame - I have one of their devices serving my guest network pretty much flawlessly (using openwrt, of course). Never again.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  9. Keep it simple by Anonymous Coward · · Score: 0

    Why not use local IP address to access configuration page? I think typing 192.168.0.1 is simpler, faster and error-proof than typing tplinklogin.net

    1. Re:Keep it simple by laurencetux · · Score: 1

      most geeks that are within 2 gens of The Elders have typed that so many times its not even conscious behavior.

      However script kiddies won't have this habit

      random geek test for you

      1 The next 2 lines of the following are?
      He died at the console,
      Of hunger and thirst.

      2 what is this a reference to?

      3 the main difference between a 56K modem handshake and a 33.6 handshake is what sound pattern??

      4 what is the difference between a PS/2 connection and an S-Video connection??

      5 how is a 568A connection wired? (and what happens if you wire the other end as 568B?)

      6 why are the colors setup like that?

      7 what size were the windows 95 floppy disks? (bonus question how many??)

      if you can answer those questions without Google then you don't need the hack that now fails

    2. Re:Keep it simple by Qzukk · · Score: 1

      These days, routers seem determined to pick random IP addresses to try and force you to use their configuration tools. My home router is .1.254. Thankfully route still works to tell me where the router is.

      Chrome used to do a pretty fancy thing where it would autocomplete your router's IP address (and say that this is your router's address). It doesn't seem to do that anymore.

      --
      If I have been able to see further than others, it is because I bought a pair of binoculars.
    3. Re:Keep it simple by Anonymous Coward · · Score: 0

      It is a security feature to help prevent bruting the password or CSRF attacks from using common IP addresses like .0.1 or .1.1 by the router.

  10. That's sad by Anonymous Coward · · Score: 0

    the $5 a year was too much to maintain the security of its customers.

    very sad

  11. And thus we see... by Anonymous Coward · · Score: 0

    ... that domain management is a little more involved than just registering it.

    Had they used something like myrouter.tplink.com, they'd've still been in full control.

    Bottom line: You do have to sit down and think, and come up with a strategy for this sort of thing. Something you can stick with for a couple decades. And to do it properly, you need to actually have some DNS clue. Why this is entirely too hard for manufacturers of networking equipment is a mystery to me.

  12. You didn't actually read that article. by Anonymous Coward · · Score: 1

    You didn't actually read the article, it wasn't that they didn't pay for their domain, it was that there was a bug in their own registrar software that allowed someone else to register their domain even though the domain was already registered.

    1. Re: You didn't actually read that article. by Anonymous Coward · · Score: 0

      From the TFGoogleA:

      "Googleâ(TM)s not the first to run into weird domain problems. In 2003, Microsoft failed to renew its Hotmail.co.uk web address, and someone else bought it. While in Googleâ(TM)s case it was bought from Google itself and quickly canceled, Microsoft had to ask the buyer to return it to them."

  13. Did somebody notice? by Anonymous Coward · · Score: 0

    Why are the experts from Help Net Security just copy-pasting text from other sources and then spamming slashdot? Two-thirds of that article is copy-paste.

  14. OpenWRT on DIR-645 by xarragon · · Score: 2

    I couldn't agree more. Just replaced my old WRT54GL router with a dirt-cheap D-Link DIR-645 that was on clearance sale. Just checked that it could run OpenWRT before I bought it. Works like a dream with my USB 3G dongle, have had it for 3 months now. The original firmware would not even support modems, forcing you up to more expensive models despite the hardware being more than capable.
    You can easily flash back the original firmware if you need to return it for warranty purposes. Most routers run U-Boot these days, it has never been easier to get a top-notch router for pennies. This is why we need the freedom to tinker!

  15. Are you fucking kidding me? by ilsaloving · · Score: 1

    They screwed up in a breathtaking way by losing their domain, and they arn't even going to fix it, putting countless people at risk of unknown bad actors?

    I've never used these autoconfig domains myself, and I recently stopped using a TP-Link router I had because I just happened to buy an Asus instead. But with this news, I will *never* buy another TP-Link router again.

    Decent network security is hard enough to maintain as it is, without having this sort of gross incompetence happen on top of it. Between this and the fact that TP-Link announcing that they will no longer permit 3rd party firmware on their devices, TP-Link is now a non-starter for me.

  16. Because $15/year is worth more than... by Gondola · · Score: 1

    ...the security of thousands of customers. Way to go, TP-Link.

    1. Re:Because $15/year is worth more than... by Anonymous Coward · · Score: 0

      It'll cost more than $15 to fix it and get the name back. Also, this won't really affect their customers. If you are using a TP-Link router, it will intercept the query and automatically redirect it, it really doesn't matter who owns the domain. There is only a risk for those who aren't using a TP-Link router, have turned off the DNS functionality of the router, or have flashed a custom firmware. The last two of those should know enough to know better than to use that url, and the first shouldn't be using it at all.

    2. Re:Because $15/year is worth more than... by msauve · · Score: 1

      You're a naif if you think the domain squatter who bought the expired domain will give it back for nothing.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    3. Re:Because $15/year is worth more than... by Gondola · · Score: 1

      You're a poor reader if that's how you interpreted my statement.

      It's a company's responsibility to renew their domains *before* they expire.

  17. DON'T USE PUBLIC DOMAINS FOR INTERNAL RESOURCES by Anonymous Coward · · Score: 0

    Why the fuck can't people get this through their heads? It's bad enough that nearly every "IT person" is too fucking stupid/lazy to use a domain that will never resolve to a public server for the internal network. It's EVEN FUCKING WORSE that the networking equipment manufacturers are using PUBLIC DOMAINS BY DEFAULT. Seriously, WHAT THE FUCK?

    Networking 101: DO NOT USE PUBLIC DOMAINS FOR INTERNAL NETWORK RESOURCES

  18. Why do companies do this? by Anonymous Coward · · Score: 0

    Lots of companies do this stupid ritual of registering lots of domains for different projects and then when renewal comes along the company forgets about it and it lapses and then it causes them to run around screaming and shouting at people saying "Why did you not renew" What don't these firms just have one main domain like tp-link.com and then use sub-domains for each project and that why they don't have to worry about hundreds of silly registered domain names.

  19. Isn't there a trademark issue? by BitterOak · · Score: 1

    If the new owner of the domain puts anything up at tplinklogin.net, especially a fake login/phishing page, couldn't they be sued by TP-Link for trademark infringement?

    --
    If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
  20. Please protect me by peawormsworth · · Score: 1

    I just want a router that I buy and goes in my home, but protects me from going to all the bad sites, disturbing content that offends me and can be turned off if a terrorists break into my home and try to use it to access hate material. Do they sell that?