D-Link
{{Short description|Taiwanese multinational networking equipment manufacturing corporation}}
{{More citations needed|date=November 2014}}
{{EngvarB|date=August 2016}}
{{Use dmy dates|date=September 2020}}
{{Infobox company
| name = D-Link Systems, Inc.
| logo = D-Link Logo Blue strap.svg
| logo_size =
| image = D-Link Corporation profile.jpg
| image_caption = D-Link Headquarters
| former_name = Datex Systems, Inc. (1986-1992)
| type = Public
| traded_as = {{TSE|2332}}
| foundation = {{Start date and age|1986}}
| location_city = Taipei
| location_country = Taiwan
| area_served = Worldwide
| industry = Networking hardware
Telecoms equipments
| products = {{ubl|Routers|DSL/cable gateways|Cable modems|Wireless adapter|Home automation devices|Switches|Wireless access points|Wireless repeaters|Mobile hotspot|Network attached storage|Surveillance IP cameras }}
| key_people = Victor Kuo (Chairman)
| revenue =
| revenue_year =
| num_employees =
| num_employees_year =
| homepage = {{Official URL}}
}}
D-Link Systems, Inc. (formerly Datex Systems, Inc.) is a Taiwanese multinational manufacturer of networking hardware and telecoms equipments. It was founded in 1986 and headquartered in Taipei, Taiwan.{{r|Datex_OriginStory}}
History
Datex Systems was founded in 1986 in Taipei, Taiwan.
In 1992, the company changed its name to D-Link.
D-Link went public and became the first networking company on the Taiwan Stock Exchange in 1994. It is now also publicly traded on the New York Stock Exchange.
In 1988, D-Link released the industry's first peer-to-peer LANSmart Network Operating System,{{r|Maxwell_1990}}{{rp|pages=[{{ GBurl | id = FK9cQfDtQZkC | pg = PT173 }} 167-168]}} able to run concurrently with early networking systems such as Novell's NetWare and TCP/IP, which most small network operating systems could not do at the time.
In 2007, it was the leading networking company in the small to medium business (SMB) segment worldwide, with a 21.9% market share.Compiled from In-Stat Q1 2007 Wireless LAN Equipment Market Share Report In March 2008, it became the market leader in Wi-Fi product shipments worldwide, with 33% of the total market.In-Stat Q4/07 WLAN Market Share Report In 2007, the company was featured in the "Info Tech 100" list of the world's best IT companies. It was also ranked as the ninth best IT company in the world for shareholder returns by BusinessWeek.{{r|Bloomberg_2007}} In the same year, D-Link released one of the first Wi{{Non breaking hyphen}}Fi{{nbsp}}Certified{{nbsp}}802.11n draft 2.0 Wi-Fi routers (DIR-655),{{r|Higgins_2007}} which subsequently became one of the most successful draft 802.11n routers.{{r|Higgins_2009}}
In May 2013, D-Link released its flagship draft 802.11ac Wireless AC1750 Dual-Band Router (DIR-868L), which at that point had attained the fastest-ever wireless throughput as tested by blogger Tim Higgins.{{r|Higgins_2013}}
In April 2019, D-Link was named Gartner Peer Insights Customers’ Choice for Wired and Wireless LAN Access Infrastructure.Best Wired and Wireless LAN Access Infrastructure of 2019 as reviewed by customers. [https://www.gartner.com/reviews/customers-choice/wired-wireless-lan-access-infrastructure/Apr-2019]. Gartner Peer Insights Customers’ Choice - Apr 2019
In June 2020, D-Link joined the Taiwan Steel Group.{{Clarify|date=January 2024}}
In 2021, D-Link announced that it had become the agent for international information security brand Cyberbit in Taiwan, and it launched the new EAGLE PRO AI series transforming home Wi-Fi experiences.
In 2022, D-Link obtained the TRUSTe Privacy seal, certification of ISO/IEC 27001:2013 and BS 10012. It also obtained the GHG Part 1 certification of ISO 14064-1 2018. Moreover, D-Link established the "D-Link Group Scholarship" with National Taiwan University of Science and Technology to encourage foreign students to study in Taiwan.
= Examples of D-Link products =
File:D-Link DIR-895L.jpg|AC5300 MU-MIMO Ultra Wi-Fi Router
File:D-Link DWA-192.jpg|AC1900 Wi-Fi USB 3.0 Adapter
File:D-Link DSP-W215.jpg|mydlink Home Smart Plug
File:D-Link DCS-5010L.jpg|mydlink Home Monitor 360
Controversies
= Backdoors =
D-Link systematically includes backdoors in their equipment that compromise its users security.[https://www.bleepingcomputer.com/news/security/over-92-000-exposed-d-link-nas-devices-have-a-backdoor-account/ Over 92,000 exposed D-Link NAS devices have a backdoor account] One of the prominent examples is xmlset_roodkcableoj28840ybtide, which contains the substring roodkcab, which is the word backdoor written backwards.{{cite web | url=https://www.pcworld.com/article/448924/dlink-issues-fixes-for-firmware-backdoor-in-routers.html | title=D-Link issues fixes for firmware backdoor in routers }}
In January 2013, version v1.13 for the DIR-100 revA was reported to include a backdoor in the firmware. By passing a specific user agent in an HTTP request to the router, normal authentication is bypassed. It was reported that this backdoor had been present for some time.{{Cite web |last=Yegulalp |first=Serdar |title=D-Link's backdoor: What else is in there? |url=http://www.infoworld.com/article/2612757/hacking/d-link-s-backdoor--what-else-is-in-there-.html |access-date=1 April 2016 |issn=0199-6649 |magazine=InfoWorld|date=14 October 2013 }} This backdoor however was closed soon after with a security patch issued by the company.{{Cite web |last=Krebs |first=Brian |author-link=Brian Krebs |title=Important Security Update for D-Link Routers |url=https://krebsonsecurity.com/2013/12/important-security-update-for-d-link-routers/ |access-date=17 September 2020 |website=Krebs on Security |date=2 December 2013 |language=en-US}}
In 2024-06-17 information about CVE-2024-6045 backdoor was disclosed.https://securityonline.info/d-link-routers-exposed-critical-backdoor-vulnerability-discovered-cve-2024-6045/ {{Bare URL inline|date=August 2024}}
= Vulnerabilities =
In January 2010, it was reported that HNAP vulnerabilities had been found on some D-Link routers. D-Link was also criticized for their response which was deemed confusing as to which models were affected and downplayed the seriousness of the risk.{{Cite web |date=18 January 2010 |title=Which Routers Are Vulnerable to the D-Link HNAP Exploit? |url=http://www.sourcesec.com/2010/01/ |url-status=dead |archive-url=https://web.archive.org/web/20131226002253/http://www.sourcesec.com/2010/01/ |archive-date=26 December 2013 |website=Source Sec Tech Engine}} However the company issued fixes for these router vulnerabilities soon after.{{Cite magazine |date=15 January 2010 |title=D-Link Issues Fixes for Router Vulnerabilities |url=https://www.pcworld.com/article/186996/article.html |magazine=PCWorld |language=en |issn=0737-8939 |access-date=17 September 2020}}
Computerworld reported in January 2015 that ZynOS, a firmware used by some D-Link routers (as well as ZTE, TP-Link, and others), are vulnerable to DNS hijacking by an unauthenticated remote attacker, specifically when remote management is enabled.{{Cite magazine |last=Constantin |first=Lucian |title=DNS hijacking flaw affects D-Link DSL router, possibly other devices |url=http://www.computerworld.com/article/2876292/dns-hijacking-flaw-affects-d-link-dsl-router-possibly-other-devices.html |magazine=Computerworld |issn=0010-4841 |access-date=1 April 2016}} Affected models had already been phased out by the time the vulnerability was discovered and the company also issued a firmware patch for affected devices for those still using older hardware.{{Cite web |last=Jackson |first=Mark |date=31 January 2015 |title=UPDATE D-Link Broadband Routers Vulnerable to DNS Hijack Attack |url=https://www.ispreview.co.uk/index.php/2015/01/d-link-broadband-routers-vulnerable-new-dns-hijack-attack.html |access-date=17 September 2020 |website=ISPreview UK |language=en}}
Later in 2015, it was reported that D-Link leaked the private keys used to sign firmware updates for the DCS-5020L security camera and a variety of other D-Link products. The key expired in September 2015, but had been published online for seven months.{{Cite web |title=In blunder threatening Windows users, D-Link publishes code-signing key |url=https://arstechnica.com/security/2015/09/in-blunder-threatening-windows-users-d-link-publishes-code-signing-key/ |access-date=1 April 2016 |website=Ars Technica|date=18 September 2015 }} The initial investigation did not produce any evidence that the certificates were abused.{{Cite web |title=D-Link Accidentally Leaks Private Code-Signing Keys |url=https://threatpost.com/d-link-accidentally-leaks-private-code-signing-keys/114727/ |access-date=17 September 2020 |website=threatpost.com |date=18 September 2015 |language=en}}
Also in 2015, D-Link was criticized for more HNAP vulnerabilities,{{Cite web |title=Hacking the D-Link DIR-890L |url=http://www.devttys0.com/2015/04/hacking-the-d-link-dir-890l/}} and worse, introducing new vulnerabilities in their "fixed" firmware updates.{{r|WTF_2014}}
On 5 January 2017, the Federal Trade Commission sued D-Link for failing to take reasonable steps to secure their routers and IP cameras, as D-Link marketing was misleading customers into believing their products were secure. The complaint also says security gaps could allow hackers to watch and record people on their D-Link cameras without their knowledge, target them for theft, or record private conversations.{{Cite web |url=https://www.consumer.ftc.gov/blog/ftc-sues-d-link-over-router-and-camera-security-flaws |title=FTC sues D-Link over router and camera security flaws {{!}} Consumer Information |access-date=7 January 2017 |archive-date=7 January 2017 |archive-url=https://web.archive.org/web/20170107170851/https://www.consumer.ftc.gov/blog/ftc-sues-d-link-over-router-and-camera-security-flaws |url-status=dead }} D-Link has denied these accusations and has enlisted Cause of Action Institute to file a motion against the FTC for their "baseless" charges.{{Cite news |date=31 January 2017 |title=Cause of Action Institute Files Motion to Dismiss FTC's Baseless Data Security Charges Against D-Link Systems Inc. - Cause of Action Institute |language=en-US |work=Cause of Action Institute |url=http://causeofaction.org/cause-action-institute-files-motion-dismiss-ftcs-baseless-data-security-charges-d-link-systems-inc/ |access-date=12 February 2017}} On 2 July 2019, the case was settled with D-Link not found to be liable for any of the alleged violations.{{Cite web |title=proposed settlement, D-Link is required |url=https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf}} D-Link agreed to continue to make security enhancements in its software security program and software development, with biennial, independent, third-party assessments, approved by the FTC.{{Cite web |title=D-Link Agrees to Make Security Enhancements to Settle FTC Litigation |date=2 July 2019 |url=https://www.ftc.gov/news-events/press-releases/2019/07/d-link-agrees-make-security-enhancements-settle-ftc-litigation}}
On 18 January 2021 Sven Krewitt, researcher at Risk Based Security, discovered multiple pre-authentication vulnerabilities in D-Link's DAP-2020 Wireless N Access Point product.{{Cite web |last=Krewitt |first=Sven |date=January 18, 2021 |title=RBS-2021-002-D-Link DAP-2020 |url=https://www.riskbasedsecurity.com/research/rbs-2021-002-d-link-dap-2020/ |url-status=live |archive-url=https://web.archive.org/web/20210307204206/https://www.riskbasedsecurity.com/research/rbs-2021-002-d-link-dap-2020/ |archive-date=7 March 2021 |access-date=September 2, 2020 |website=Risk Based Security}} D-Link confirmed these vulnerabilities in a support announcement and provided a patch to hot-fix the product's firmware.{{Cite web |title=D-Link Technical Support |url=https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10201 |access-date=2021-09-02 |website=supportannouncement.us.dlink.com}}
In April 2024, D-Link acknowledged a security vulnerability that affected all hardware revisions of four models of network attached storage devices. Because the products have reached their end of service life date, the company stated in a release that the products are no longer supported and that a fix would not be offered.{{cite web | url = https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383 | title = DNS-320L / DNS-325 / DNS-327 / DNS-340L and All D-Link NAS Storage :: All Models and All Revison :: End of Service Life :: CVE-2024-3273 : Vulnerabilities Reported by VulDB/Netsecfish | work = D-Link | date = 8 April 2024 | accessdate = 8 April 2024}}
= Server misuse =
In 2006, D-Link was accused of NTP vandalism, when it was found that its routers were sending time requests to a small NTP server in Denmark, incurring thousands of dollars of costs to its operator. D-Link initially refused to accept responsibility.{{Cite news |last=Leyden |first=John |date=2006-04-13 |title=D-Link accused of 'killing' time servers {{!}} Time to stop freeloading |language=en-gb |work=The Register |url=https://www.theregister.com/2006/04/13/d-link_time_row_escelates/ |url-status=live |access-date=2022-08-09 |archive-url=https://web.archive.org/web/20200922150807/https://www.theregister.com/2006/04/13/d-link_time_row_escelates/ |archive-date=2020-09-22 |quote=D-Link, for its part, is hiding behind its lawyers. Instead of acknowledging it might have made an error, and operators say D-Link's attorneys have accused them of "extortion" or else demanded that disgruntled punters submit to Californian law. |df=dmy-all}} Later, D-link products were found also to be abusing other time servers, including some operated by the US military and NASA.{{Cite news |last=Ward |first=Mark |date=2006-04-13 |title=Net clocks suffering data deluge |language=en-gb |work=BBC News |url=http://news.bbc.co.uk/1/hi/technology/4906138.stm |url-status=live |access-date=2022-08-09 |archive-url=https://web.archive.org/web/20220427003405/http://news.bbc.co.uk/1/hi/technology/4906138.stm |archive-date=2022-04-27 |quote=This has revealed that D-Link hardware is also causing problems for 50 other net time servers. The list includes some run by the US military, Nasa, US research organisations and government groups around the world. |df=dmy-all}} However, no malicious intent was discovered, and eventually D-Link and the sites owner Poul-Henning Kamp were able to agree to an amicable settlement regarding access to Kamp's GPS.Dix.dk NTP Time Server site, with existing products gaining authorized access to Kamp's server.{{Cite news |last=Leyden |first=John |date=2006-05-11 |title=D-Link settles dispute with 'time geek' {{!}} Time to kiss and make up |language=en-gb |work=The Register |url=https://www.theregister.com/2006/05/11/d-link_time_dispute_settlement/ |url-status=live |access-date=2022-08-09 |archive-url=https://web.archive.org/web/20220407030045/https://www.theregister.com/2006/05/11/d-link_time_dispute_settlement/ |archive-date=2022-04-07 |quote=Networking manufacturer D-Link has settled a dispute with a Danish administrator Poul-Henning Kamp over the way its kit queries internet time servers. |df=dmy-all}}
= GPL violation =
On 6 September 2006, the gpl-violations.org project prevailed in court litigation against D-Link Germany GmbH regarding D-Link's inappropriate and copyright infringing use of parts of the Linux kernel.[http://gpl-violations.org/news/20060922-dlink-judgement_frankfurt.html GPL-Violations.org project prevails in court case on GPL violation by D-Link] {{webarchive |url=https://web.archive.org/web/20141007073104/http://gpl-violations.org/news/20060922-dlink-judgement_frankfurt.html |date=7 October 2014 }} D-Link Germany GmbH was ordered to pay plaintiff's costs.[https://www.jbb.de/judgment_dc_frankfurt_gpl.pdf Docket Number 2-6 0 224/06 DISTRICT COURT OF FRANKFURT AM MAIN] {{webarchive | url=https://web.archive.org/web/20061206101757/http://www.jbb.de/judgment_dc_frankfurt_gpl.pdf | date = 6 December 2006}} Following the judgement, D-Link agreed to a cease and desist request, ending distribution of the product, and paying legal costs.{{Cite web |title=German court raps D-Link over GPL violation |url=https://www.itnews.com.au/news/german-court-raps-d-link-over-gpl-violation-60373 |access-date=17 September 2020 |website=iTnews}}
See also
References
=Notes=
{{Reflist|group=notes}}
=Citations=
{{Reflist|3|refs=
{{Cite magazine |last=Maxwell |first=Kimberly |date=1990-05-29 |title=LANsmart Operating System |url={{ GBurl|id = FK9cQfDtQZkC|pg = PT173 }} |magazine=PC Magazine |language=en-us |publisher=Ziff Davis |volume=9 |issue=10 |pages=167–168 |issn=0888-8507 |oclc=642393284 |access-date=2022-08-06 |via=Google Books |df=dmy-all}}
{{Cite magazine |last1=Ante |first1=Spencer E. |last2=Ewing |first2=Jack |last3=Greene |first3=Jay |last4=Burrows |first4=Peter |last5=Hof |first5=Robert D. |date=2007-07-02 |title=The Info Tech 100 |url=https://www.bloomberg.com/news/articles/2007-07-01/the-info-tech-100 |url-status=live |magazine=BusinessWeek |issn=0007-7135 |archive-url=https://web.archive.org/web/20220718160258/https://www.bloomberg.com/news/articles/2007-07-01/the-info-tech-100 |archive-date=2022-07-18 |url-access=subscription |df=dmy-all}}
}}
External links
{{Commons category}}
- {{Official website}}
{{Electronics industry in Taiwan}}
Category:Electronics companies established in 1986
Category:Computer companies established in 1986
Category:Taiwanese companies established in 1986
Category:Computer companies of Taiwan
Category:Computer hardware companies
Category:Manufacturing companies based in Taipei
Category:1994 initial public offerings
Category:Companies listed on the Taiwan Stock Exchange
Category:Electronics companies of Taiwan
Category:Multinational companies headquartered in Taiwan