FTC Takes D-Link To Court Citing Lax Product Security, Privacy Perils

Reader coondoggie writes: The Federal Trade Commission has filed a complaint against network equipment vendor D-Link saying inadequate security in the company's wireless routers and Internet cameras left consumers open to hackers and privacy violations. The FTC, in a complaint filed in the Northern District of California charged that "D-Link failed to take reasonable steps to secure its routers and Internet Protocol (IP) cameras, potentially compromising sensitive consumer information, including live video and audio feeds from D-Link IP cameras." For its part, D-Link Systems said it "is aware of the complaint filed by the FTC." According to the FTC's complaint, D-Link promoted the security of its routers on the company's website, which included materials headlined "Easy to secure" and "Advance network security." But despite the claims made by D-Link, the FTC alleged, the company failed to take steps to address well-known and easily preventable security flaws such as "hard-coded" login credentials integrated into D-Link camera software -- such as the username âoeguestâ and the password âoeguestâ -- that could allow unauthorized access to the cameras' live feed, etc.

D-Link doesn't learn or doesn't care (or both)

[Ritz_Just_Ritz]

They have a history of sluggish or non-existent responses to vulnerabilities going back for many years. About 10 years ago they also had that high profile incident where they were randomly abusing NTP servers belonging to other organizations and they shrugged it off for a long time until there was a big public stink. I don't know why anyone buys that crap or trusts them with any of their data.