Skip to main content

Asus settles FTC lawsuit over flawed router file security

asus ftc settlement asusgate router
Image used with permission by copyright holder
Two years after thousands of Asus router owners were revealed to be so totally and utterly compromised that users’ files were available online to the world to peruse, Asus is settling with the FTC.

Asus is going to “establish and maintain a comprehensive security program subject to independent audits for the next 20 years” as part of the settlement, according to an FTC statement.

Recommended Videos

Security on Asus routers was so bad in 2014 that hackers felt sorry for the company’s customers, and left messages on thousands of computers warning them about the exploit.

Please enable Javascript to view this content

“This is an automated message being sent out to everyone effected,” the message read. “Your Asus router (and your documents) can be accessed by anyone in the world with an Internet connection.”

And that wasn’t the only problem. To list just a few things:

  • Hackers could access and change the router’s configuration page without much effort.
  • Every device had the same login credentials, by default: username “admin” and password “admin,” and little was done to get users to change these.
  • In many cases accessing all files shared on a network was as simple as typing the external IP into a browser. Nothing was encrypted.

The FTC’s statement about this case makes it clear that every company making products accessible over the Internet will be held responsible for securing those products.

“The Internet of Things is growing by leaps and bounds, with millions of consumers connecting smart devices to their home networks,” said Jessica Rich, Director of the FTC’s Bureau of Consumer Protection. “Routers play a key role in securing those home networks, so it’s critical that companies like Asus put reasonable security in place to protect consumers and their personal information.”

The FTC seems to be going out of its way to talk about Internet of Things security lately. In January, it issued a report stating that connected devices should limit how long they store information as a security precaution. Mentioning these concerns again as part of this settlement means the government agency is watching companies closely, and will hold them accountable for any bugs.

Justin Pot
Former Digital Trends Contributor
Justin's always had a passion for trying out new software, asking questions, and explaining things – tech journalism is the…
A zero-day Google Chrome security flaw requires you to update now
Google Chrome opened on a laptop.

Google released an update to its Chrome browser for Windows and Mac users, and the internet giant strongly recommends that users apply the update as soon as possible. The update contains 14 security fixes -- including a zero-day security flaw -- that if left unchecked would leave the system vulnerable to attacks. Google categorized these fixes as critical, high, and medium importance.

Windows and Mac users who also surf the internet with the Chrome browser will want to make sure that they're on version 91.0.4472.101. To make sure that you're on the latest build of Chrome, launch your browser and then click on the three dots stacked vertically at the top right. Navigate to Settings, and then click About Chrome. From there, you'll be able to view the Chrome version number, and you can update the browser if it wasn't automatically updated in the background.

Read more
How to buy a Wi-Fi router
wireless router buying guide version 1404090000 header image

Wireless routers are everywhere. Nearly every house, apartment, business, and sketchy van parked down by the river has one. A functional wireless router allows you to easily connect your computer to a broadband internet service so you can share data files and stream media between mobile/Wi-Fi devices.

Although you could opt for a wired router, we suggest a wireless model so you can avoid stringing Ethernet cable around your home. Besides, a wireless router is the best way to access the internet using your smartphone or tablet. And if you ever discover you absolutely must have a wired connection, the router will have a built-in switch to handle it. While you're at it, check out the best routers currently on the market, along with our guide on how to secure your wireless network.
Choosing the right Wi-Fi standard
Digital Trends Wi-Fi router guide

Read more
Give your router new superpowers by installing DD-WRT
report advises governments to avoid encryption backdoors internet router

Frustrated by the software limitations of your router? Replacing it with the Linux-powered DD-WRT firmware can be a big upgrade. Maybe you want to use an old router as a second access point for your home network or as a Wi-Fi extender. Maybe you want more precise control over how your bandwidth is used so you can prioritize bandwidth for your gaming sessions, or perhaps you hate the firmware that came with your router and prefer something with more features.

Whatever you want your router to do, the odds are that DD-WRT can do it. Installing DD-WRT can be complicated, but the most common method includes using the "upgrade firmware" functionality built into your router's default firmware.

Read more