[dont__panic]

I'm not sure I would call Ubiquiti "impressive" after their recent bout of security breaches: https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-b...

Not exactly what I want to see in the device that can literally compromise all of my other devices. Am I missing something -- did this turn out to be nothing, or did folks decide that Ubiquiti has bounced back? This seemed really really serious at the time and turned me completely off from ever purchasing one of their products.

[InTheArena]

Turns out this story was planted by the perp to tank the stock after Unifi refused to give in to his "anonymous" ransom demand.

Not great - but more classic insider attack, then security breach.

[dangoor]

As noted in the update to the article, Ubiquiti was a victim of an extortion attempt from an employee. This is a pretty difficult attack to prevent.

[dont__panic]

Ah, that's a fair point. I guess at some level a sufficiently privileged employee can manage this in almost any system. But there's also some discussion of backdoors and inadequate access control in Ubiquiti's backend here that could concern privacy-minded folk.

[raesene9]

this is true but if the details in this post https://news.ycombinator.com/item?id=29456593 and others in that thread are to be believed, they have some serious security problems.

[ksec]

And that breach was from an insider?

https://krebsonsecurity.com/2021/12/ubiquiti-developer-charg...