D-Link and FTC Settlement (Score 2)

https://www.ftc.gov/news-event... As part of the proposed settlement, D-Link is required to implement a comprehensive software security program, including specific steps to ensure that its Internet-connected cameras and routers are secure. This includes implementing security planning, threat modeling, testing for vulnerabilities before releasing products, ongoing monitoring to address security flaws, and automatic firmware updates, as well as accepting vulnerability reports from security researchers. In addition, D-Link is required for 10 years to obtain biennial, independent, third-party assessments of its software security program. The assessor must keep all documents it relies on for its assessment for five years and provide them to the Commission upon request. The settlement also requires the assessor to identify specific evidence for its findings—and not rely solely on the assertions of D-Link’s management. Finally, the order gives the FTC authority to approve the third-party assessor D-Link chooses. I guess D-Link put on over on the FTC and everyone else...pathetic as usual...I think I will get a Synology AC2600 to replace my D-Link, at least I know they patch their NAS gear on a regular basis :)