Linked by Thom Holwerda on Sun 9th Apr 2006 12:49 UTC, submitted by rycamor
Legal FreeBSD developer Poul-Henning Kamp (PHK) happens to run a tier-1 NTP server, intended only for use by ISPs' main servers in Denmark, and specifically not intended for individual client connections, not to mention client connections from anywhere else in the world. He offers this service pro bono to ISPs. Unfortunately, D-Link has decided to abuse the open nature of the NTP protocol and has actually hard-coded PHK's server hostname in the firmware of several of their home network products. Since contacting D-Link yielded no results, PHK went public.
Permalink for comment 113107
To read all comments associated with this story, please click here.
What a surprise
by moleskine on Sun 9th Apr 2006 14:51 UTC
Member since:

I once had five D-Link products. One dropped dead in three weeks, another after eight weeks and another after 14 months. I still have two, but never again.

While I don't know how D-Link really work, I did have to waste a lot of time messing with firmware while trying to get their broken products to work. I formed the impression that D-Link either buy-in or ship unchecked code cooked up in SE Asia. So it would be very easy for a developer out there to rip stuff off and feel fairly confident that D-Link would never bother to check. They certainly didn't check whether one of their ADSL modems would work under the UK telephone system. Perhaps no one told the developers on the other side of the world that it would need to.

So I am not surprised at this news. But I am a little surprised that instead of playing nice and doing something about it, D-Link are choosing to play big bully. You can bet that if Microsoft or IBM were doing the complaining instead of a single guy then D-Link would drop their pants and bend over sooner than you could say "Never buy a D-Link product".

Reply Score: 5