Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

FTC Slaps Asus with 20-Year Audit for Shoddy Router Security

Security fail

Asus has settled charges with the FTC alleging that Critical Security flaws in its routers and cloud services put the home networks of hundreds of thousands of consumers at risk. As part of the settlement agreement, Asus will establish and maintain a comprehensive security program subject to independent audits for the next two decades.

"The Internet of Things is growing by leaps and bounds, with millions of consumers connecting smart devices to their home networks," said Jessica Rich, Director of the FTC’s Bureau of Consumer Protection. "Routers play a key role in securing those home networks, so it’s critical that companies like ASUS put reasonable security in place to protect consumers and their personal information."

Asus drew the FTC's ire by marketing its routers as having numerous security features that it claimed could "protect computers from any unauthorized access, hacking, and virus attacks," yet failed to live up to the claims. One of the FTC's complaints is that Asus didn't dole out patches quick enough, nor did it sufficiently alert users of its routers of the threats involved when running dated firmware. Even worse, the FTC says that in many cases, the Software update tool for Asus' routers often told consumers that they were running the latest firmware, when in fact newer software with critical software updates as available.

The FTC also chastised Asus for allowing customers to retain the same default login credentials on every router with username "admin" and password "admin," and it took issue with a vulnerability in its AiCloud service that allowed hackers to bypass the login screen and gain compete access to a consumer's connected storage device without any credentials.

Follow Paul on Google+, Twitter, and Facebook



From maximumpc


This post first appeared on Blog Not Found, please read the originial post: here

Share the post

FTC Slaps Asus with 20-Year Audit for Shoddy Router Security

×

Subscribe to Blog Not Found

Get updates delivered right to your inbox!

Thank you for your subscription

×