Linked by Thom Holwerda on Sun 9th Apr 2006 12:49 UTC, submitted by rycamor
Legal FreeBSD developer Poul-Henning Kamp (PHK) happens to run a tier-1 NTP server, intended only for use by ISPs' main servers in Denmark, and specifically not intended for individual client connections, not to mention client connections from anywhere else in the world. He offers this service pro bono to ISPs. Unfortunately, D-Link has decided to abuse the open nature of the NTP protocol and has actually hard-coded PHK's server hostname in the firmware of several of their home network products. Since contacting D-Link yielded no results, PHK went public.
Permalink for comment 113117
To read all comments associated with this story, please click here.
kadymae
Member since:
2005-08-02

Alas, asking customers to upgrade firmware probably isn't going to solve the problem.

If a product of mine is running okay I rarely upgrade the firmware.

1) fear of a bug in the upgrade borking up my machine. (Like that Apple firmware update which disabled RAM in many computers.)

2) what is the upgrade for? (I have a Plextor CD burner which can duplicate any CD. At the urging of the [hack! spit!] RIAA, Plextor has put out a firmware update -- which disables this feature. And left this to consumers to find out, the hard way.)

So, if I saw that my router's manufacturer had put out a firmware update, I would think thrice about installing it, and then go comb the web to make sure it didn't do something like permanently disable the ports we get "the bit torrent channel" on.

---

OTOH, this bit of jerkishness by dLink means I won't be throwing money their way any time soon.

Reply Score: 5