Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 1 of 14 1 2 3 4 5 6 7 8 9 10 DAVID SHONKA Acting General Counsel LAURA D. BERGER (FL Bar No. 11762) Federal Trade Commission 901 Market Street, Suite 570 San Francisco, CA 94103 P: (202) 326-2471/F: (415) 848-5184 lberger@ftc.gov; KEVIN H. MORIARTY (DC Bar No. 975904) CATHLIN TULLY (NY Bar) Federal Trade Commission 600 Pennsylvania Ave N.W. Washington, DC 20580 P: (202) 326-3644/F: (202) 326-3062 kmoriarty@ftc.gov; ctully@ftc.gov 11 12 Attorneys for Plaintiff Federal Trade Commission 13 UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF CALIFORNIA SAN FRANCISCO DIVISION 14 15 16 17 18 19 20 21 22 23 24 ____________________________________ FEDERAL TRADE COMMISSION, ) ) Plaintiff, ) ) v. ) ) D-LINK CORPORATION ) ) and ) ) D-LINK SYSTEMS, INC., ) corporations, ) ) Defendants. ) ___________________________________ ) Case No. ______________________ COMPLAINT FOR PERMANENT INJUNCTION AND OTHER EQUITABLE RELIEF 25 26 27 28 1. Plaintiff, the Federal Trade Commission (“FTC”), for its Complaint, brings this action under Section 13(b) of the Federal Trade Commission Act (“FTC Act”), 15 U.S.C. COMPLAINT REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED PAGE 1 Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 2 of 14 1 § 53(b), to obtain permanent injunctive relief and other equitable relief against Defendants for 2 engaging in unfair or deceptive acts or practices in violation of Section 5(a) of the FTC Act, 15 3 U.S.C. § 45(a), in connection with Defendants’ failure to take reasonable steps to secure the 4 routers and Internet-protocol cameras they designed for, marketed, and sold to United States 5 consumers. 6 7 8 9 10 JURISDICTION AND VENUE 2. This Court has subject matter jurisdiction pursuant to 28 U.S.C. §§ 1331, 1337(a), and 1345, and 15 U.S.C. §§ 45(a) and 53(b). 3. Venue in the Northern District of California is proper under 28 U.S.C. § 1391(b) and (c) and 15 U.S.C. § 53(b). 11 12 PLAINTIFF 4. The FTC is an independent agency of the United States Government created by 13 statute. 15 U.S.C. §§ 41-58. The FTC enforces Section 5(a) of the FTC Act, 15 U.S.C. § 45(a), 14 which prohibits unfair or deceptive acts or practices in or affecting commerce. 15 5. The FTC is authorized to initiate federal district court proceedings, by its own 16 attorneys, to enjoin violations of the FTC Act and to secure such other equitable relief as may be 17 appropriate in each case. 15 U.S.C. §§ 53(b), 56(a)(2)(A). 18 19 DEFENDANTS 6. Defendant D-Link Corporation (“D-Link”) is a Taiwanese corporation with its 20 principal office or place of business at No. 289, Xinhu 3rd Rd., Neihu District, Taipei City, 21 Taiwan 114. D-Link transacts or has transacted business in this district and throughout the 22 United States. At all times material to this Complaint, acting alone or in concert with others, D- 23 Link purposefully directed its activities to the United States by designing, developing, marketing, 24 and manufacturing routers, Internet-protocol (“IP”) cameras, and related software and services, 25 intended for use by consumers throughout the United States. 26 27 28 7. Defendant D-Link Systems, Inc., (“DLS”) is a California corporation with its principal office or place of business at 17595 Mt. Herrmann St., Fountain Valley, California COMPLAINT REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED PAGE 2 Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 3 of 14 1 92708. DLS transacts or has transacted business in this district and throughout the United States. 2 At all times material to this Complaint, acting alone or in concert with others, DLS has 3 advertised, marketed, distributed, or sold routers, IP cameras, and related software and services, 4 intended for use by consumers throughout the United States. The Chairman of DLS’s Board of 5 Directors has served as D-Link’s Chief Executive Officer and the two entities have coordinated 6 closely regarding the security of Defendants’ routers and IP cameras. 7 8 8. The FTC’s claims against D-Link and DLS arise from or relate to Defendants’ acts or practices aimed at or taking place in the United States. 9 10 COMMERCE 9. At all times material to this Complaint, Defendants have maintained a substantial 11 course of trade in or affecting commerce, as “commerce” is defined in Section 4 of the FTC Act, 12 15 U.S.C. § 44. 13 14 DEFENDANTS’ BUSINESS PRACTICES 10. D-Link is a hardware device manufacturer that designs, develops, markets, and 15 manufactures networking devices, including devices with core functions that relate to security, 16 such as consumer routers and IP cameras. D-Link designs, develops, and manufactures these 17 products, their marketing materials, and related software and services for distribution or sale to 18 United States consumers through its subsidiary, DLS. 19 20 21 When releasing new software for such 22 routers and IP cameras, D-Link uses a digital signature issued in its name, known as a “private 23 key,” to sign the software, in order to assure entities, such as browsers and operating systems, 24 that the software comes from an authentic or “trusted” source and is not malware. 25 11. DLS is a subsidiary of D-Link and is nearly 98% owned by D-Link and its 26 holding company, D-Link Holding Company, Ltd. DLS provides marketing and after-sale 27 services integral to D-Link’s operations, including by marketing and acting as the sole 28 COMPLAINT REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED PAGE 3 Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 4 of 14 1 distributor of Defendants’ routers and IP cameras throughout the United States. 2 3 Among other services, DLS acts as the primary point-of-contact for 4 problems that United States consumers have with Defendants’ routers, IP cameras, or related 5 software and services; 6 7 DLS also assists in notifying 8 United States consumers about the availability of security updates through means such as 9 DLS’s websites. 10 12. Defendants have provided software applications that enable users to access their 11 routers and IP cameras from a mobile device (“mobile apps”), including a free “mydlink Lite” 12 mobile app. Defendants designed the mydlink Lite app to require the user to enter a user name 13 and password (“login credentials”) the first occasion that a user employs the app on a particular 14 mobile device. After that first occasion, the app stores the user’s login credentials on that 15 mobile device, keeping the user logged into the mobile app on that device. 16 17 DEFENDANTS’ ROUTERS 13. Defendants’ routers, like other routers, operate to forward data packets along a 18 network. In addition to routing network traffic, they typically play a key role in securing 19 consumers’ home networks, functioning as a hardware firewall for the local network, and 20 acting as the first line of defense in protecting consumer devices on the local network, such as 21 computers, smartphones, IP cameras, and other connected appliances, against malicious 22 incoming traffic from the Internet. 23 24 DEFENDANTS’ IP CAMERAS 14. Defendants’ IP cameras, akin to many such IP cameras, play a key security role 25 for consumers, by enabling consumers to monitor private areas of their homes or businesses, to 26 detect any events that may place the property or its occupants at risk. In many instances, 27 Defendants offer them as a means to monitor the security of a home while consumers are away, 28 COMPLAINT REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED PAGE 4 Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 5 of 14 1 or to monitor activities within the household, including the activities of young children, while a 2 consumer is at home. Consumers seeking to monitor the security of their homes or the safety 3 of young children may access live video and audio feeds (“live feeds”) from their cameras over 4 the Internet, using a mobile device or other computer. 5 6 DEFENDANTS’ SECURITY FAILURES 15. Defendants have failed to take reasonable steps to protect their routers and IP 7 cameras from widely known and reasonably foreseeable risks of unauthorized access, including 8 by failing to protect against flaws which the Open Web Application Security Project has ranked 9 among the most critical and widespread web application vulnerabilities since at least 2007. 10 Among other things: 11 a. Defendants repeatedly have failed to take reasonable software testing and 12 remediation measures to protect their routers and IP cameras against well- 13 known and easily preventable software security flaws, such as “hard-coded” 14 user credentials and other backdoors, and command injection flaws, which 15 would allow remote attackers to gain control of consumers’ devices; 16 b. Defendant D-Link has failed to take reasonable steps to maintain the 17 confidentiality of the private key that Defendant D-Link used to sign 18 Defendants’ software, including by failing to adequately restrict, monitor, and 19 oversee handling of the key, resulting in the exposure of the private key on a 20 public website for approximately six months; and 21 c. Defendants have failed to use free software, available since at least 2008, to 22 secure users’ mobile app login credentials, and instead have stored those 23 credentials in clear, readable text on a user’s mobile device. 24 THOUSANDS OF CONSUMERS AT RISK 25 16. As a result of Defendants’ failures, thousands of Defendants’ routers and 26 cameras have been vulnerable to attacks that subject consumers’ sensitive personal 27 information and local networks to a significant risk of unauthorized access. In fact, the press 28 COMPLAINT REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED PAGE 5 Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 6 of 14 1 has reported that Defendants’ routers and cameras have been vulnerable to a range of such 2 attacks and have been compromised by attackers, including by being made part of large scale 3 networks of computers infected by malicious software, known as “botnets.” 4 17. The risk that attackers would exploit these vulnerabilities to harm consumers was 5 significant. In many instances, remote attackers could take simple steps, using widely available 6 tools, to locate and exploit Defendants’ devices, which were widely known to be vulnerable. For 7 example, remote attackers could search for vulnerable devices over the Internet and obtain their 8 IP addresses using readily available tools, such as a popular search engine that can locate devices 9 running particular software versions or operating in particular locations. Alternatively, attackers 10 could use readily accessible scanning tools to identify vulnerable devices operating in particular 11 areas or on particular networks. In many instances, an attacker could then take simple steps to 12 exploit vulnerabilities in Defendants’ routers and IP cameras, impacting not only consumers who 13 purchased these devices, but also other consumers, who access the Internet in public or private 14 locations served by the routers or who visit locations under the IP cameras’ surveillance. 15 18. By creating these vulnerabilities, Defendants put consumers at significant risk of 16 harm in a variety of ways. An attacker could compromise a consumer’s router, thereby obtaining 17 unauthorized access to consumers’ sensitive personal information. For example, using a 18 compromised router, an attacker could re-direct consumers seeking a legitimate financial site to a 19 spoofed website, where they would unwittingly provide the attacker with sensitive financial 20 account information. Alternatively, using a compromised router, an attacker could obtain 21 consumers’ tax returns or other files stored on the router’s attached storage device or could use 22 the router to attack other devices on the local network, such as computers, smartphones, IP 23 cameras, or connected appliances. Similarly, by exploiting the vulnerabilities described in 24 Paragraph 15, an attacker could compromise a consumer’s IP camera, thereby monitoring 25 consumers’ whereabouts to target them for theft or other criminal activity or to observe and 26 record over the Internet their personal activities and conversations or those of their young 27 children. In many instances, attackers could carry out such exploits covertly, such that 28 COMPLAINT REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED PAGE 6 Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 7 of 14 1 consumers would have no reason to know that an attack was ongoing. Finally, during the time 2 Defendant D-Link’s private key was available on a public website, consumers seeking to 3 download legitimate software from Defendants were at significant risk of downloading malware, 4 signed by malicious actors using D-Link’s private key. 5 6 7 DEFENDANTS’ SECURITY STATEMENTS 19. Defendants have disseminated or caused to be disseminated to consumers statements regarding the security of their products, including their routers and IP cameras. 8 9 SECURITY EVENT RESPONSE POLICY 20. From approximately December 2013 until early September 2015, after highly- 10 publicized security flaws were found to affect many of its products, Defendant DLS posted a 11 Security Event Response Policy on its product support webpage, 12 http://support.dlink.com/securityadvisories.aspx, in the general form of Exhibit 1. Within 13 its Security Event Response Policy, under a bolded heading “D-Link’s commitment to Product 14 Security,” Defendant DLS stated: 15 D-Link prohibits at all times, including during product development by D-Link or its 16 affiliates, any intentional product features or behaviors which allow unauthorized access 17 to the device or network, including but not limited to undocumented account 18 credentials, covert communication channels, ‘backdoors’ or undocumented traffic 19 diversion. All such features and behaviors are considered serious and will be given the 20 highest priority. 21 22 PROMOTIONAL CLAIMS 21. Defendants highlight their routers’ security features in a wide range of materials 23 available on Defendant DLS’s website, including user manuals and promotional brochures, 24 which describe these features alongside language that specifically references the device’s 25 “security”. Such materials include, but are not limited to, brochures in the general form of 26 Exhibits 2-5, which state: 27 28 COMPLAINT REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED PAGE 7 Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 8 of 14 1 a. Under a bolded, italicized, all-capitalized heading, “EASY TO SECURE,” that 2 the router: 3 supports the latest wireless security features to help prevent unauthorized 4 access, be it from over a wireless network or from the Internet. Support for 5 WPATM and WPA2TM standards ensure that you will be able to use the best 6 possible encryption, regardless of your client devices. In addition [the router] 7 utilizes dual active firewalls (SPI and NAT) to prevent potential attacks from 8 across the Internet. 9 Delivering great wireless performance, network security and coverage [the 10 router] is ideal for upgrading your existing wireless network. (See PX 2). 11 12 b. Under a bolded, italicized, all-capitalized heading, “ADVANCED NETWORK SECURITY,” that the router: 13 ensures a secure Wi-Fi network through the use of WPA/WPA2 wireless 14 encryption. Simply press the WPS button to quickly establish a secure 15 connection to new devices. The [router] also utilizes dual-active firewalls 16 (SPI and NAT) to prevent potential attacks and intrusions from across the 17 Internet. (See PX 3). 18 c. Under a bolded heading, “Advanced Network Security,” that the router: 19 supports the latest wireless security features to help prevent unauthorized 20 access, be it from over a wireless network or from the Internet. Support for 21 WPATM and WPA2TM standards ensure that you will be able to use the best 22 possible encryption method. In addition, this [router] utilizes Stateful Packet 23 Inspection Firewalls (SPI) to help prevent potential attacks from across the 24 Internet. (See PX 4). 25 d. Under a heading “128-bit Security Encryption,” that the router: 26 protects your network with 128-bit AES data security encryption – the same 27 technology used in E-commerce or online banking. Create your own network 28 COMPLAINT REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED PAGE 8 Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 9 of 14 1 name and password or put it at the tip of your fingers with ‘Push Button 2 Security’ standard on every Amplifi device. With hassle-free plug and play 3 installation, and advanced Wi-Fi protected setup, the [router] is not only one 4 of the fastest routers available, its [sic] also one of the safest. (See PX 5). 5 22. Defendants highlight the security of their IP cameras in a wide range of 6 materials available on Defendant DLS’s website, including user manuals and promotional 7 brochures, which describe these features alongside language that specifically references the 8 device’s “security”. Such materials include, but are not limited to, brochures in the general 9 form of Exhibit 6, which display the word “SECURITY” in large, capital letters, in a vividly- 10 colored footer across the bottom of each page. (See PX 6). In addition, Defendants have 11 designed their IP camera packaging, including in the general form of Exhibit 7, to display 12 security-related terms. Such terms include the words “secure connection,” next to a lock icon, 13 among the product features listed on the side of the box (see PX 7). 14 15 INTERACTIVE SECURITY FEATURES 23. Defendants’ routers offer numerous security features that Defendants present 16 alongside instructions that specifically reference the device’s “security”. In particular, in many 17 instances, to begin using the router, users must access a graphical user interface (hereinafter, 18 “Defendants’ router GUI”), in the general form of Exhibits 8 and 9, which includes 19 instructions, such as: 20 a. “To secure your new networking device, please set and verify a password 21 below” (see PX 8); and 22 b. “It is highly recommended that you create a password to keep your router 23 24 secure.” (See PX 9). 24. Defendants’ IP cameras offer numerous security features that Defendants 25 present alongside language that specifically references the device’s “security”. In particular, to 26 begin using the camera, in many instances, users must access a GUI (hereinafter “Defendants’ 27 IP camera GUI”), in the general form of Exhibits 10 and 11, which include language, such as: 28 COMPLAINT REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED PAGE 9 Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 10 of 14 1 a. instructions to “Set up an Admin ID and Password” or “enter a password” in 2 order “to secure your camera” (see PX 10); and 3 b. security-related banners, including, but not limited to, the words “SECURICAM 4 Network,” alongside a lock icon, across the top of the GUI (see PX 11). 5 D-LINK DIRECTS ITS PRACTICES TO U.S. CONSUMERS 6 25. 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 VIOLATIONS OF THE FTC ACT 26. Section 5(a) of the FTC Act, 15 U.S.C. § 45(a), prohibits “unfair or deceptive acts or practices in or affecting commerce.” 27 28 COMPLAINT PAGE 10 REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 11 of 14 1 27. Acts or practices are unfair under Section 5 of the FTC Act if they cause or are 2 likely to cause substantial injury to consumers that consumers cannot reasonably avoid 3 themselves and that is not outweighed by countervailing benefits to consumers or competition. 15 4 U.S.C. § 45(n). 5 COUNT I 6 Unfairness 7 28. In numerous instances, Defendants have failed to take reasonable steps to secure 8 the software for their routers and IP cameras, which Defendants offered to consumers, 9 respectively, for the purpose of protecting their local networks and accessing sensitive personal 10 information. 11 29. Defendants’ practices caused, or are likely to cause, substantial injury to 12 consumers in the United States that is not outweighed by countervailing benefits to consumers or 13 competition and is not reasonably avoidable by consumers. 14 30. Therefore, Defendants’ acts and practices as described in Paragraphs 15-18 of this 15 Complaint constitute unfair acts or practices in or affecting commerce, in violation of Section 5 16 of the FTC Act, 15 U.S.C. §§ 45(a) and 45(n). 17 COUNT II 18 Security Event Response Policy Misrepresentation 19 31. Through the means described in Paragraph 20, Defendant DLS has represented, 20 directly or indirectly, expressly or by implication, that Defendants took reasonable steps to 21 secure their products from unauthorized access. 22 23 24 32. In truth and in fact, as described in Paragraphs 15-18, Defendants did not take reasonable steps to secure their products from unauthorized access. 33. Therefore, the making of the representation set forth in Paragraph 31 of this 25 Complaint constitutes a deceptive act or practice, in or affecting commerce in violation of 26 Section 5(a) of the FTC Act, 15 U.S.C. § 45(a). 27 28 COUNT III COMPLAINT PAGE 11 REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 12 of 14 1 2 Router Promotional Misrepresentations 34. Through the means described in Paragraph 21, Defendants have represented, 3 directly or indirectly, expressly or by implication, that the routers described by these claims were 4 secure from unauthorized access. 5 6 7 35. In truth and in fact, as described in Paragraphs 15-18, Defendants’ routers were not secure from unauthorized access and control. 36. Therefore, the making of the representation set forth in Paragraph 34 of this 8 Complaint constitutes a deceptive act or practice, in or affecting commerce in violation of 9 Section 5(a) of the FTC Act, 15 U.S.C. § 45(a). 10 COUNT IV 11 12 IP Camera Promotional Misrepresentations 37. Through the means described in Paragraph 22, Defendants have represented, 13 directly or indirectly, expressly or by implication, that the IP cameras described by these claims 14 were secure from unauthorized access and control. 15 16 17 38. In truth and in fact, as described in Paragraphs 15-18, Defendants’ IP cameras were not secure from unauthorized access and control. 39. Therefore, the making of the representation set forth in Paragraph 37 of this 18 Complaint constitutes a deceptive act or practice, in or affecting commerce in violation of 19 Section 5(a) of the FTC Act, 15 U.S.C. § 45(a). 20 COUNT V 21 22 Router GUI Misrepresentations 40. Through the means described in Paragraph 23, Defendants have represented, 23 directly or indirectly, expressly or by implication, that the routers described by these claims were 24 secure from unauthorized access. 25 26 41. In truth and in fact, as described in Paragraphs 15-18, Defendants’ routers were not secure from unauthorized access and control. 27 28 COMPLAINT PAGE 12 REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 13 of 14 1 42. Therefore, the making of the representation set forth in Paragraph 40 of this 2 Complaint constitutes a deceptive act or practice, in or affecting commerce in violation of 3 Section 5(a) of the FTC Act, 15 U.S.C. § 45(a). 4 COUNT VI 5 IP Camera GUI Misrepresentations 6 43. Through the means described in Paragraph 24, Defendants have represented, 7 directly or indirectly, expressly or by implication, that the IP cameras described by these claims 8 were secure from unauthorized access and control. 9 10 11 44. In truth and in fact, as described in Paragraphs 15-18, Defendants’ IP cameras were not secure from unauthorized access and control. 45. Therefore, the making of the representation set forth in Paragraph 43 of this 12 Complaint constitutes a deceptive act or practice, in or affecting commerce in violation of 13 Section 5(a) of the FTC Act, 15 U.S.C. § 45(a). 14 15 CONSUMER INJURY 46. Consumers are likely to suffer substantial injury as a result of Defendants’ 16 violations of the FTC Act. Absent injunctive relief by this Court, Defendants are likely to injure 17 consumers and harm the public interest. 18 19 THIS COURT’S POWER TO GRANT RELIEF 47. Section 13(b) of the FTC Act, 15 U.S.C. § 53(b), empowers this Court to grant 20 injunctive and such other relief as the Court may deem appropriate to halt and redress violations 21 of any provision of law enforced by the FTC. 22 23 24 PRAYER FOR RELIEF Wherefore, Plaintiff FTC, pursuant to Section 13(b) of the FTC Act, 15 U.S.C. § 53(b), and the Court’s own equitable powers, requests that the Court: 25 A. 26 Defendants; and Enter a permanent injunction to prevent future violations of the FTC Act by 27 28 COMPLAINT PAGE 13 REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED Case 3:17-cv-00039 Document 1 Filed 01/05/17 Page 14 of 14 1 2 B. Award Plaintiff the costs of bringing this action, as well as such other and additional relief as the Court may determine to be just and proper. 3 4 5 Respectfully submitted, 6 DAVID SHONKA Acting General Counsel 7 8 Dated: January 5, 2017 9 10 11 /s/ Cathlin Tully________________ LAURA D. BERGER KEVIN H. MORIARTY CATHLIN TULLY Attorneys for Plaintiff FEDERAL TRADE COMMISSION 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 COMPLAINT PAGE 14 REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED Case 3:17-cv-00039 Document 1-1 Filed 01/05/17 Page 1 of 31 D-Link Technical Support Case 3:17-cv-00039 Document 1-1 Filed 01/05/17 Page 2 of 31 I http://support.dlink.com/SecurityAdvisOOes.aspx UHllll..iLr AI C MIYI mauue~ moown~ I Go MAY Close )( 19 captures 11Nov 13-8 Sep 15 I Search by product, keyword, model. I Q. D-Link Security Advisories Building Hetworl European Union Contact : Mary Harrison E-Mail: mary.harrison@dlink.com Canad a Contact: Please Submit by Web Web Contact : Link All Others Regions : Contact: Dmitri Detwyler E-mail : Dmitri_ Detwyler@dlink.com.tw Additio nal Public Relat ions : press@dlink.com D-Link's Commitment to Product Security D-Link prohibits at all times, including during product development by D-Link or its affiliates, any intentional product features or behaviors which allow unauthorized access to the device or network, including but not limited to undocumented account credentials, covert communication channels, "backdoors• or undocumented traffic diversion. All such features and behaviors are considered serious and will be given the highest priority. D-Link reserves the right to change or update this document without notice at any time. All of the information, instructions and recommendations in this document are offered on a strictly "as is" basis. This material is offered without any warranty: expressed or implied. D-Link shall not be liable for any direct, indirect, incidental or consequential damages that may result from anything that is contained in this document or action that is a result thereof. It is up to the reader to determine the suitability of any directions or information in this document D·Liftk https://web archive org/web/20150908041250/http:l/support dlink com/SecurityAdvisories aspx[l 1119/20 15 12:05:29 PM] Terms of Use Privacy Contact Us Case 3:17-cv-00039 Document 1-1 Filed 01/05/17 Page 4 of 31 PX2 3CC WIRELESS N 300 ROUTER Powerful Wireless N 300 technology outperforms Wireless G1 Parental controls to supervise Built-in QoS engine enhances Intern et activity Internet expe rience UPGRADE YOUR NETWORK The D-link Wireless N 300 Router (DIR-615) provides a better wireless signal for your network than previous-generation Wireless Gtechnology. Upgrading your home network to Wireless N 300 provides an excellent solution for sharing an Internet connection and files such as video, music, photos, and documents. D-link Wireless N 300 products use Intelligent Antenna technology to transmit multiple streams of data which enables you to receive wireless signals in the farthest corners of your home. Not only does the D-link Wireless N 300 technology extend your wireless range, it also works with previous-generation wireless devices. The DIR-615 also includes QoS (Quality of Service) Prioritization Technology that analyzes and separates multiple data streams based on sensitivity to delay, enabling multiple applications to stream smoothly across your network2• EASY TO SET UP The D-link Quick Router Setup Wizard quickly configures your new Wireless N 300 Router to get you up and running in minutes. Our Setup Wizard walks you step by step through the installation process to configure your Internet connection, wireless network settings and security, and everything else you need to get your network up and running so that you don't have to be a networking expert to get it set up. EASY TO SECURE The DIR-615 supports the latest wireless security features to help prevent unauthorized access, be it from over a wireless network or from the Internet. Support for WPA™ and WPA2™ standards ensure that you will be able to use the best possible encryption, regardless of your client devices. In addition, the Wireless N 300 Router utilizes dual active firewalls (SPI and NAT) to prevent potential attacks from across the Internet. Delivering great wireless performance, network security and coverage, the D-link Wireless N 300 Router (DIR-615) is ideal for upgrading your existing wireless home network. WIRELESS N DJR-615 TECHNICAL SPECIFICAnONS SIANOAHOS + IEEE802.11n Lt US Powor + WLAN (Wireless Conne1cion/ + LAN {10/100) + /nce1r1e1 S1a1us + + IEEE802.11g + IEEE802.3 + IEEE 802.Ju WHAT THIS PRODUCT DOES Create a wireless netv.ork to sllare high-speed Internet access with computers, game consoles, and media players from greater distances around CERTIFICATIONS +FCC Class B +IC + Wi.F;i DEVICE INTERFACE + 4 101100 LAN Ports + 1101100 WAN Port your home. SECURITY ~ Wi-Fi BENEFITS OF A WIRELESS N JOO ROUTER ( 198.1mm x Jllmm x 30.!inm) ADVANCED FIREWALL FEATURES This Wireless N 300 Rou1er uses powerful 802.11 n 1ecl111ology wi1l1 muhi11le ln1ellige11t DIMENSIONS + Item (WxOxHJ: 7.8" x 5"; 1.2" Protected Access /WPA. WPA2)" a111~1111as 10 + Packaging (WxDxH/: 10.l" x 2.6" x 8.1" +Network Add:ess Translarion (NAT} + Statetul Packet Inspection !SPIJ + VPN Pass·through I Mulri·sessions PPTP I LZTP / IPSec (276.9mm x 66mm x 205.Bnm) WEIGHT maximize the speea anll rangeof yourwlrelessslgnal to significantly ou1per1orm prev1ous·genera11on Wireless G MIMO devices'. The antennas on the + Item: 0.6 lbs (272.2 grams} DEVICE MANAGEMENT +Packaging: 1.4 lbs/635 grams} +Internet Explore,.. vl or later; Mozilla FirefoX- v3.0 or later; or other Java-enabled Browsers WARRANTY Wireless N 300 Router make use of your home's + I · Year limited' envirorrneri by bouncing multiple wireless signals off walls and ceilings to wori around obstruct.ans and help eliminate dead spots. YOUR NETWORK SETUP RECOMMENVED SYSlfM REQUIREMENTS MINIMUM SYSTEM REQUIREMENTS PACKJ.GE CONTENTS For Oplllral l.'ffoless Pertormarce, use ..tt'r Comp/let wlitr t WICldows 7',Wondowsl.!$ta -+ Wireess N 300 Rou1e1 t Wife/e$$N;JJOAtaPlllf/0WA·l:lll '.~XPSP3, or Mac OS" XlvllUf t t CAT5Etheme1 C.ble + Pow:1 Adapfet • ln1m..1&plotw v7 or MolJ/kl lilesss19nd fllle denved from IEEE Stnodard802.1I spet1licatons. Ac1ualdnra ~11111~hp111 W1N •"'I· Nl!(Warl.condtioos and e1Niroomemalfac1ors, including wlume ot network treffic, tuild•ng materiels ond coustrucbOf\. andnC1'N01k uvt31hcad, luwcr nctuol doto Uwouuhciut rote. U1..,ronmc•1tnl actOls w;n adversely affect w;relesssignalrange. Wireless range and speed rates arc D·Ur« RELATIVE pcmm1ance measuremenis based on Ille W•oloss rang• andspeod rateior a Slanda·d Wireless Gproduc1 frorn D·ulk. Moxim11m thtough1ut base.d Of\ 0 Unk Wtofost Ndcvicoa. 4 ' OoS feature availalle in hardwore w.rs.on B1end above. J l-Yoar Umitod Wa1Tanty avaibblu only m lho USA and Can3do ' Compu1er must adhere IO M1crosoh's •ecomrnonded System Acqulrernems ' The s.oftvvato incluted Wth thi$ p.rod1.1et it not Mac-compacible. • Latest software anl docurnemarion are a•a1lalie ar l'ltpt/suppon.dllrl<.com. ~N»l llOUTlJl ............,.llilWn ~.--. 1 HatdwarP. version Cl tJnd abowt are equippP.d wid11ion-dP.1Arh11hlff antennu Al references to sseed and fanl}e ate forcornpanSM pt.1(Jlm;esonly PrDl11ict ~Pf!efflcationc,s110.11nd • 1-Year Limited Warranty' 2.4GHz i5 600 I~~ I • I • I • I • I • I • • • • • • • • I • • content with ' - interferel ice • Built-in QoS Engine Enhances Internet Experience • 4 Fast Ethernet Ports • Supports Secure Wireless Encryption Using WPA"' orWPA2"" • 24fl Basic Installation Support5 !N I • I • • IEEE 802.11n,802.11 g, and 802.11 a Compliant • Wi-Fi• Protected Setup"' (WPS) for Simple Push-Button Wireless Network Configuration 300 • I • Enhanced router performance fot a mote reliable network QoS engine prioritizes video and gaming traffic • Dual Band Technology for Superior Wireless Performance' N DIR-815 SGHz •• (< ~>) ma e-mail, surf the web and instant message stream HD videos and play games online Case 3:17-cv-00039 Document 1-1 Filed 01/05/17 Page 13 of 31 DIR-815 Wireless N Dual Band Router Technical Specifications Back Standards Certifications • IEEE80211n • IEEE80211g • FCCClassB • IC • IEEE80211a • Wefi• • IEEE8023 • IEEE8023u Power Connector Device Interface • 4 10/100 LAN Ports • 110/lOOWAN Ports 4LAN Ports Connects up to 4 Devices Dimensions • Item: 6.25"x4.72"x 1.27" (1S8.871YYnx 120.<>4mmx32.18mm) • Packaging: 8.l"x 10.9"x 26" (20S.7mm x 276.9mm x 66mm) Security • WeFi Protected Access (WPA, WPA2) 0 Power Switch Weight • Item: 0.47 lbs (213.2grams) LEDs 1 • Packaging: 1J) lbs (453.6grams) • Power • Internet Warranty • WLAN 2.4 GHz (Wireless Connection) • 1-YearWarranty2 • WLAN SGnz (Wireless Connection) • LAN (HYl 00) ~ Reset Button Internet Port _J Restore Settings Operating Temperature • 32'F to 104'F (O'C IO 40'CJ Plug your Internet c.ible in here ' Maximum wireleos signal me~d from IEEE Standard 802.1lg,802.11, 812.1lb,ard812.1 ln specifications.Actual data throughput wi" vtwy. Network oonditicns and erwironment;il fact~ including volumed .-rktraftic, buiking moterials andccnstruction,and notwooi< 1em Requiremenu. 'The scft\'\Olre included wi\11 this pioduct is net Macxcrnpati,le. 5 2417 Basic Installation Suppc:rt is ..,.lable en~ in the USA b thefm 30d~ from date dcftginal pun:hase An addticnal 60 da)5cf Baoic lnsmlaticnSuppcrt (for a toQI c:J !IO da)5 from datedoriginal purchase) is awial>e in\tie USA by registering this proruct at "-'Pl'Ofl.dink.c:om/registerwi\tiin the """'"""6cn »day period. Extended i:rerrium suppcrtawiable. 61-Year LimitedWartanty avoilable orly in the USA andc.n.da. All """"'°'510speed and raroe are b CDmlllriscn purpo... orly. Product specificaticn\ size, and shape are sut:;e1Rm1.lrc.Nlrigha""""""1~\tiel}Llnkic9'1(}U)kGreen,\tiel}LlnkGreen~~Nand\tiel>tnkRcHSlcgcaret'**"'-oipectNe owners. Visit www.dlink.a>m IOf rncte demils. '"'"'II""""" Updated03l02112 D ..Link: Building Networks for People Case 3:17-cv-00039 Document 1-1 Filed 01/05/17 Page 14 of 31 PXS Case 3:17-cv-00039 Document 1-1 Filed 01/05117 Page 15 of 31 D-Lintc PX 5 amPLiFi with smARTBEAM N+ 300 SmartBeam technology for whole home coverage SharePort for sharing any USB device 4 Gigabit Ethernet ports for great wired connectivity amPLiFi \ hole Home Router 1000 Wi-Fi coverage to the farthest corners of your home DIR-645 Case 3:17-cv-00039 Document 1-1 Filed 01/05117 Page 16 of 31 D-Linte DIR-645 Give your wireless devices the bandwidth they crave. Give them SmartBeam . Advanced Home Networking. Simple Setup Build a wireless home network capable of delivering the anywhere in your home. Multiple laptops. Network storage media systems. iPads, iPhones - It used to be that designing a home file downloads, and online gaming to multiple devices, network capable of handling so many devices required some simultaneously. SmartBeam uses 6 multi-directional antennas to serious hardware and some seriously messy installation. Not find and track individual devices, then focus beams of bandwidth with Amplifi™- the Whole Home Router 1000 has not only been to those devices, ensuring a seamless connection anywhere engineered with the power to handle all of your digital demands, in the home. Ideal for large homes or small offices where but with the smarts to put it at the tip of your fingers. Whole concrete walls, successive floors in multi-storied buildings, or Home Routers offer Wireless G backwards-compatibility and other architectural impediments can weaken a wireless signal, Wi-PnP technology for simple wireless connections through a SmartBeam is designed to handle large home networks and USB drive. 1Pv6 allows for intelligent self-deted and router setup. bandwidth to handle HD video streams, large High-performance entertainment devices. Wireless signals can even power devices across large backyards. What's more, this tracks mobile devices in real -time so the Whole Home 128-bit Security Encryption Router 1000 supllies this boosted bandwidth to your iPad or or The Whole Home Router 1000 proteds your network with 128-bit smartphones as you move around. Eliminate wireless dead spots AES data security encryption - the same technology used in and unleash comprehensive whole-home coverage on all your E-commerce or online banking. Create your own network name devices, all at once - the Whole Home Router 1000 provides and password or put it at the tip of your fingers with 'Push Button uninterrupted connectivity to any device, anywhere in your Security' standard on every Amplifi device. With hassle-free plug home or small office. and play installation, and advanced Wi-Fi proteded setup, the Whole Home Router 1000 is not only one of the fastest routers Now Playing: Everything available, its also one of the safest. The Whole Home Router 1000 has not only been engineered to deliver seamless connedivity to your favorite wireless devices, but comes equipped with 4 high-performance Gigabit Ethernet ports to power your digital entertainment system as well. HDlVs, the Boxee Box by D-Link, Blu-Ray Players, xBox 3608 , Playstation 3 - Conned your favorite performance devices and give them the 300 Mbps speed and advanced QoS bandwidth prioritization they need for seamless iPad® HD video streams, high-performance gaming, and VOiP calls without annoying glitches or lags. Conned printers, NAS servers - even security cameras - Shareport Plus USB 2.0 lets you stream from any USB device. There's even a SharePort App for Android® and iPhone8 OS for online gaming support like Onlive. Get Ready for the Future - 1Pv6 Equ ipped With the growing number of Internet-enabled applications requiring IP addresses, the supply of IP addresses under the current Internet Protocol version 4 (1Pv4) system has already been exhausted. The 1Pv6 protocol solves this network addressing exhaustion by creating more IP addresses, but migration from 1Pv4 to 1Pv6 is not necessarily automatic. No worries - This D-Link produd is 1Pv6 Certified and ready for the future. Case 3:17-cv-00039 Document 1-1 Filed 01/05117 Page 17 of 31 AFTER IAmplifi Wireless Network win SITIARTsi:AM Whde Home Router )()()() I focuOe-rietS Strong Signal Features + 4 Gigabit Ethernet Ports 1 +IEEE 802.11nand802.1 lg Compliant +WPS (Wi-Fi• Protected Setup™) for simple PushButton Wireless Network Configuration +Supports Secure Wireless Encryption Using WPA™ orWPA2™ + Parental Controls powered by OpenDNS + UPnP• Support + 2417 Basic Installation Support2 + 1-Year Limited Warranty3 Think Green While this may look like your average router, it's not. This is a D-Link Green router, which is as good for your wallet as it is for the environment. The Whole Home Router 1000 is designed to conserve energy, protect our environment from harmful substances and reduce waste by using recyclable packaging. D-Link Green devices provide eco-friendly alternatives without compromising performance. To learn more, visit www.dlinkgreen.com. D-Link Green™ Technology2 + Power saving by link status + Power saving by cable length + Power saving by wireless LAN scheduling +Complies with the EU RoHS directive that restricts the use of certain hazardous materials + Uses soy ink and recyclable packaging to reduce harmful environmental waste Technical Specifications STANDARDS DEVICEMANAGEMENT + IEEE 802.11 n + IEEE 802.11 g + IEEE802.3 + IEEE 802.3u + IEEE 802.3ab + Internet Explorer" v7 or Later; Mozilla Firefox• v3.0 or Later; or other Javaenabled Browsers LEDs DEVICE INTERFACE + 4 Gigabit LAN Ports + 1 Gigabit WAN Port + Push Button (for Wi-Fi Protected Setup™) + USB Port (SharePort™ Plus) + Power Button ANTENNATYPE + Smartbeam SECURITY + Internet + WLAN + WPS + Power CERTIFICATIONS + FCC Class B + IC + Wi-Fi 9 + WPS - PBC/PIN DIMENSIONS + Wi-Fi Protected Access™ (WPA, WPA2)" + Wi-Fi Protected Setup (WPS) - Push Button + Item (WxDxH): 4.6"x 7.6"x 1.2" (11 ?mm x 190mm x 97mm) ADVANCED FIREWALL FEATURES + Item: 0.7 lbs + Packaging: 2.0 lbs + Network Address Translation (NAT) + Stateful Packet Inspection (SPI) + VPN Pass-through I Multi-sessions PPTP I L2TP / IPSec ' Maximum wireless si"1al rare derived from IEEE Standard 802.11 specifications.Act>Jal data tflrooghputwil vary. Networlt conaltions and environmentlll factDrs, including vollme rJ. -traffic, buiklings mmrials and construdion, and n -overhead, lower actual data tflroughPuter must adhere to Microsoft's recommended System Requi°ements. ' The software included with this product is not Mao-oompe, ble. ' Latest software and documentation are available athnp://SUR>Of!.dlink.com. All references to speed end range are for comparison purposes only. Pnxktctsc>eeificablns, size, and shape are subject to change without notice, and actual product appearance may differ from that depicted herein. © 2011 0-Unk Corporatio.VO-l.ink Systems, Inc. Al rights reserved. 0-Unk, the 0-link loo<>. G-link Green, and 1he O·Link Green loo<> are trademalb °' regjstEred 1rademal1cs of O·Link Corporation°' its subsidiaries in 1he United States anrdllnk.com). mydl1nk makes 1L easy to get the most from your digital lifestyle without the learning curve. Convenient Access, Anywhere, Anytime A.s a mydlink-enabled device, you can access the IXS-930L anytime, anywhere you have lntemer access Get peace of mind by keeping an eye on your kids, pets, home or office from almost anywhere by simpty logging on to the mydllnk website and selecting your camera or download the free mydlink'mapp from the App store' or Android'" market for on-the go Uve video viewing. Since the DCS-930Lcomes with a built-in microphone, you can see and hear for yourself that everything is well at home. Camera Management For advanced users that want more out of their camera, the OCS-930l also comes with D-l ink D-1/iewCam"' management software. D-1/iewCam comes with a host of features induding the ability to record direclly from the camera to a local hard drive. trigger motion detection, set recording schedules, set e-mall alert notifirations. and even support for up to 32 cameras. D-ViewCam also allows you to upload a floor plan of your home or small business and create a realistic layout of where your cameras are located, providing you wirh better access to your camera. For even greater recording Oexibllity. you can record video directly to a Network Attached Storage (NAS) device, eliminating the need for a dedicated computer to store video. DKS00001170 Case 3:17-cv-00039 Document 1-1 Filed 01/05/17 Page 20 of 31 DCS-930L VariousViewing Applications Internet iPhone a ~ Desktop PC Remote Vlawing fPad I Laptop 11• Modem Router l I DCS-930L I ·>) (< ~ . W ired PG IA Technical Specifications Network Protocol + IPV4,ARP.TCP. UDP. ICMP +DHCPaient + NTP Client (D-link) +DNSOient 1 DONS Olent (Dynds and D·link) +SMTPOient t FTPOlent + HTTP server +PPPoE + UPnP Port f throoghput\Nill vary. Nctworl< conditions and "'1Vimnmcnt>Ifuctor>. lncludingvolume o( nctwOrsely affect w.raess srgnal ra09f!. W•eless range and speed rat<'> are D-1.Jnk RaATM performance measurements based on lhew1reless r.1t190 and speed rates ofa s!Jlndard Wireless G product fron1 o-t.mk. Maximum throughput baSr mu>t adh0 ~nt of[HJnk o< thlnc. Android~ a tr.ldcmark ofGoogle Inc. Case 3:17-cv-00039 Document 1-1 Filed 01/05/17 Page 21 of 31 PX7 Case 3:17-cv-00039 Document 1-1 Filed 01105/17 Page 22 of 31 Digital Baby Monitor, Day ! Night Cloud Camera Digital Baby f!lonotor D·Link'. mmm °'r lfiY'I ~ "'~ z.-, ~'l.1«11\ JllMnio"ll BB& -~---- CD el» =I ' ~·- ~,§ 1 C11 -- Ii. i i .._........ Digital Baby Monitor PX7 DKS00001388 Case 3:17-cv-00039 Document 1-1 Filed 01105/17 Page 23 of 31 Day / Night Monitoring Secure Connection Package Contents • ll1g~al Bab~· Moa1t~1 IDC~·931LiS'o + E:h.;rnetJ~aM~· + Puo\-1-!r/\drtfllm- ._ f,.lll111:1t~ B :~t~ ;.111rJ Mt-Ullt,iltcJ K1t 4xDigital Sound/Motion Zoom Detection Expand Wire less Network Unllmite9 Range Using Sman;phones '1, <·r f+J!