FTC Sues D-Link Over Security Flaws in Routers, IP Cameras

Today's topics include the FTC's complaint that unsecured D-Link routers and surveillance cameras leave consumers at risk, the introduction of Microsoft's cloud-based connected vehicle platform, Google's plans to integrate its digital assistant technology with Android TVs and the ransomware that infects smart TVs and exposed the security flaws in internet of things devices.

The U.S. Federal Trade Commission filed a legal complaint against networking equipment vendor D-Link on Jan. 5, alleging that the company has failed to implement adequate security measures in its products, leaving consumers at risk. D-Link denies the allegations.

In a 31-page legal complaint, the FTC outlined multiple alleged failings in D-Link's security. According to the complaint, D-Link, "…failed to take reasonable steps to protect their routers and IP cameras from widely known and reasonably foreseeable risks of unauthorized access..."

Among the issues alleged by the FTC complaint are hard-coded user credentials, which are embedded passwords in devices that users cannot easily change, that could enable an attacker unauthorized access. In an email sent to eWEEK, D-Link stated that it denies the allegations outlined in the complaint and is taking steps to defend the action.

On Jan. 5, Microsoft unveiled the "Connected Vehicle Platform" during the Consumer Electronics Show in Las Vegas. The platform allows carmakers to seamlessly integrate the vehicles with digital lives of their customers and deliver a set of 'experiences that are safe, productive and fun,' said Sanjay Ravi, managing director of Microsoft's Worldwide Discrete Manufacturing division, in an introductory video.

Those experiences, as with many of the Microsoft's latest innovations, will be powered by the company's Azure Cloud software and services ecosystem. Connected Vehicle Platform encompasses a set of Azure technologies that can work together to enable new intelligent services.

For example, not only can the system alert a driver of an issue affecting a car's performance, it can also schedule an appointment with a service center based on the availability of both the driver and the center's automotive technicians using Cortana.

Google this week announced plans to bring its voice-activated Google Assistant to Android televisions in coming months in keeping with the company's commitment to integrating the digital assistant technology in virtually all of its products over the next few years.

The integration will allow owners of Android powered TVs such as the Sony Bravia, Sharp Aquos and Xiaomi Mi to do things like search for TV shows, browse channels and play content from places like Netflix and YouTube using voice commands.

When Google makes Assistant available on set top streaming devices like the Nvidia Shield, owners of Android TVs will be able to do things such as controlling the smart lighting system in their homes via voice commands.

Programmer Darren Cauthon learned the hard way that the makers of smart TVs—devices that are connected to the Internet and can run apps—may not be making the smartest decisions when it comes to security.

Over the holidays, a member of the programmer’s family downloaded an app for watching free movies to the TV. Minutes later, the television showed a notice claiming to be from the FBI, demanding $500. In all other ways, the device was unresponsive.

A screenshot appeared to indicate that the smart TV, an LG model, had been infected by a ransomware. The incident underscores the dangers that malware can pose to Internet connected devices. It took three days for LG to respond to Cauthon's Twitter posts about the incident by providing the manual reset procedure that allowed him to retake control of his TV.

Top White Papers and Webcasts