Skip the navigation

Asus simplifies router configuration to protect external hard drives

The company is updating unsecure default settings that left files accessible over the Internet

By Mikael Ricknäs
January 13, 2014 10:38 AM ET

IDG News Service - Asus is distributing a firmware update that will change the default security settings on its broadband routers after files on thousands of external hard drives were found easily accessible over the Internet.

The problem was reported last week and stems from how Asus' routers are configured. Access to an external hard drive that's been attached to a router's USB port via FTP can be activated manually or by using a wizard, but both leave the router open by default.

As a result, the files of users in Europe and the U.S. were found accessible via the Internet, according to industry experts and tests conducted by PC World Norway and TechWorld Sweden.

After being questioned about the problem, Asus developed a firmware update to fix the issue, which is now being distributed via its website and directly from the router user interface.

"The update changes the default security setting from unlimited to limited access rights when setting up a FTP server. This change will ensure that the end user doesn't leave their FTP server unprotected by mistake and also make it easier to understand the implications of the different security options," the company said in a statement.

There is now a warning that it's possible to access files via FTP without entering a password when a user has chosen the limitless access setting, according to Asus.

The update has already been released for the RT-AC68U router, and will this week also become available for the RT-AC56U, RT-AC66U, RT-N66U and RT-N16 routers. Remaining routers will be updated next week, Asus said.

Send news tips and comments to mikael_ricknas@idg.com

Reprinted with permission from IDG.net. Story copyright 2014 International Data Group. All rights reserved.
Our Commenting Policies