1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News FTC slaps Asus with 20 years of security monitoring

Discussion in 'Article Discussion' started by Gareth Halfacree, 24 Feb 2016.

  1. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    12,834
    Likes Received:
    2,043
  2. Corky42

    Corky42 Where's walle?

    Joined:
    30 Oct 2012
    Posts:
    9,407
    Likes Received:
    334
    Is it just me that thinks this ruling seems rather severe, that's not to say i disagree with it just that it seems more likely to get them to sort things out than X amount in fines, maybe our regulators could learn something from this.
     
  3. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    12,834
    Likes Received:
    2,043
    They only have to have biennial audits, which won't cost 'em much. If Asus actually cared about security, they'd be having annual independent audits *anyway* - then perhaps they wouldn't have shipped such insecure products in the first place.
     
  4. Flibblebot

    Flibblebot Smile with me

    Joined:
    19 Apr 2005
    Posts:
    4,655
    Likes Received:
    151
    Bad use of words when talking about security loopholes? :D

    (It's probably just me. I did start reading the article and wondered how someone could attach 12,900 USB storage devices to their router...:lol: Yeah, it's been a long day.)

    Asus' appalling security notwithstanding, does anybody actually believe the claims made in adverts. Perhaps Asus could start taking tips from the beauty industry: "79% of 53 users said they hadn't been hacked"?
     
  5. Corky42

    Corky42 Where's walle?

    Joined:
    30 Oct 2012
    Posts:
    9,407
    Likes Received:
    334
    I was thinking more in terms of forcing them to do the right thing rather than expecting financial cost to be a motivating factor for doing the right thing, that and financial costs inevitably get passed onto the consumer IMO.
     
  6. Guest-16

    Guest-16 Guest

    Agree. It should be mandatory for anything that deals with internet access; OS', routers, IoT etc!
     
  7. nakchak

    nakchak New Member

    Joined:
    20 Mar 2005
    Posts:
    36
    Likes Received:
    1
    Problem is that one that would be totally unenforceable, two would offer no more than a CE mark does on products, i.e. its a badge on convenience and doesn't actually mean the product has been tested. three all it takes is one compromised knock off device attached to a network to offer an attack vector/entry point. Seeing as internationally nothing but token efforts can be done about counterfeiting there is no chance legislation would work.

    The real solution is to flip the problem around and make it very much a caveat emptor where you the user needs to consider security and be suspicious of anything you attach to your network. Rough rule of thumb if it just works out the box with no config then it wide open and needs locking down, view convenience with suspicion and the world would be a safer place.
     
  8. Corky42

    Corky42 Where's walle?

    Joined:
    30 Oct 2012
    Posts:
    9,407
    Likes Received:
    334
    Bit difficult to be suspicious of anything you attach to your network if you don't know what security flaws maybe present in the (often) proprietary software that's running on that device.
     
  9. ModSquid

    ModSquid Member

    Joined:
    16 Apr 2011
    Posts:
    486
    Likes Received:
    13
    Surprise. Shoddy Asus products hit the headlines.
     

Share This Page