Technology

67422 readers

3562 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

[email protected]

751

D-Link refuses to patch yet another security flaw, suggests users just buy new routers — D-Link told users to replace NAS last week (www.tomshardware.com)

submitted 4 months ago by [email protected] to c/[email protected]

139 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 55 points 4 months ago (2 children)

Welp never buying anything D-Link ever again

[–] [email protected] 18 points 4 months ago (4 children)

Because they won't support routers that were EOL a decade ago?

[–] [email protected] 68 points 4 months ago (1 children)

Companies should be forced to release all source code for products that are "EOL". I will never change my mind on this.

[–] [email protected] 14 points 4 months ago (2 children)

Especially for stuff like medical implants

[–] [email protected] 10 points 4 months ago

'Sorry, your eyes are no longer supported'

[–] [email protected] 4 points 4 months ago

And anything that touches on security (i.e. connected to the internet), and routers definitely count here.

[–] [email protected] 45 points 4 months ago

May 1st 2024 was a decade ago? (The article has a list and only two are old as you mention, though not quite a decade yet)

[–] [email protected] 31 points 4 months ago (1 children)

Because that bug was so egregious, it demonstrates a rare level of incompetence.

[–] [email protected] 21 points 4 months ago (2 children)

that bug was so egregious, it demonstrates a rare level of incompetence

I wish so much this was true, but it super isn't. Some of the recent Cisco security flaws are just so brain-dead stupid you wonder if they have any internal quality control at all... and, well, there was the Crowdstrike thing...

[–] [email protected] 20 points 4 months ago* (last edited 4 months ago)

Idk, this was kind of a rare combination of "write secure function; proceed to ignore secure function and rawdog strings instead" + "it can be exploited by entering a string with a semicolon". Neither of those are anything near as egregious as a use after free or buffer overflow. I get programming is hard but like, yikes. It should have been caught on both ends

[–] [email protected] 3 points 4 months ago

Some of the recent Cisco security flaws are just so brain-dead stupid you wonder if they have any internal quality control at all

At the super budget prices Cisco charges, do you really expect quality control to be included? You've got to buy a quality control subscription for that. /s

[–] [email protected] 7 points 4 months ago (1 children)

Most reached EOL in may of this year.

[–] [email protected] 2 points 4 months ago (1 children)

EOL is still EOL

[–] [email protected] 1 points 4 months ago

Then they can open source the code so someone else can fix the issue.

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago)

I had a couple of dlink gigabit desktop switches. Two failed so far, one has taken down the whole network, not just devices directly connected to it, and the other one fried 2 router ports when it died. I learned my lessons about buying crappy network hardware.

Edit: that happened within a few months, so these switches also have a very clear EOL.