One of the problems of widespread broadband access is that we all get cheapo devices that perform tricks which, a few years ago, were limited to a few high-end users. The wireless broadband router that many of us have as our gateway to the internet is a case in point. It performs firewalling, DHCP, DNS proxy, NAT, WiFi and a host of other services just so that we can surf the internet speedily and reasonably securely. Just five or six years ago you needed to buy a fairly high-end Cisco router to do all this, or alternatively you had to be a dedicated hobbyist either using something like SmoothWall or, for the real experts, rolling your own Linux firewall, whereas now you just plunk down around $50 for a little box about 2cm x 10cm x 20cm.
Unfortunately there is a minor issuette with this proliferation of highly functional boxes. If the code in them is written badly then a lot of people get to use the bad stuff. The classic example of this is Microsoft's various security holes, which have affected practically everyone. However, one advantage that Microsoft has over the manufacturers of boxes is that Microsoft software is easily upgradable (in theory - ignoring how upgrades break things etc etc). The box manufacturers have to get their customers to download a new version of firmware on to their computer, verify that it is genuine, and then upload it to the box and get the box to burn it on its flash memory. If this process goes wrong you end up with a mindwiped box, which is a bit of a bugger because this is typically your only way of accessing the internet. Hence you might hope that the box manufacturers would do their best to make sure that the firmware in their boxes works properly and won't break things before they ship uncounted gazillions of them.
Needless to say, that hope is WRONG. The latest culprit is D-Link, which appears to be DDoSing many of the world's most accurate time servers (Stratum 1 NTP servers for techie readers). The original problem was noticed by Poul-Henning Kamp, who discovered that numerous people were apparently sending malformed NTP packets to his time server and thereby annoying both him and his ISP, as well as his real customers - the BGP routers at DIX. Subsequently he and his research colleagues have identified that he is not the only NTP service provider to be hit by this and that the cumulative bandwidth cost of this is significant.
Poul-Henning's page explains in detail the costs involved - they aren't huge but aren't minuscule either, especially to a self-employed individual - and the fact that D-Link appears to have made things worse for themselves by hard-coding the NTP server list into the firmware of the boxes so that there is no way to update the list or check it for sanity or otherwise use it sensibly. Perhaps worse, they have egregiously violated an internet convention that Stratum-1 servers (the most accurate) are only queried by Stratum-2 servers and critical internet infrastructure - i.e. BGP core routers, not gazillions of DSL routers in homes and offices.
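To make "check it for sanity" concrete, here is an added sketch (not code from D-Link, Poul-Henning's page or this post) of how a client with a configurable server list could prune it after one reply from each server. The header offsets and kiss codes are from RFC 5905; the policy, function names, hostnames and packets are constructed assumptions.

```python
# Added example; policy, names and sample packets are constructed for illustration.
KISS_SLOW = {b"RATE"}  # RFC 5905 kiss code: the server asks us to poll less often

def parse_reply(pkt):
    """Return (version, mode, stratum, refid) from the 48-byte NTP header."""
    if len(pkt) < 48:
        raise ValueError("short NTP packet")
    return (pkt[0] >> 3) & 7, pkt[0] & 7, pkt[1], pkt[12:16]

def vet_reply(pkt, allow_stratum1=False):
    """Decide what a polite client does with a server after one reply."""
    try:
        version, mode, stratum, refid = parse_reply(pkt)
    except ValueError:
        return "drop"
    if mode != 4 or not 1 <= version <= 4:   # not a server reply
        return "drop"
    if stratum == 0:                          # kiss-o'-death: RATE slows us down,
        return "back-off" if refid in KISS_SLOW else "drop"  # DENY/RSTR/other drop
    if stratum >= 16:                         # unsynchronised or reserved
        return "drop"
    if stratum == 1 and not allow_stratum1:   # leave primaries to stratum 2
        return "drop"
    return "keep"

def prune(servers, replies, allow_stratum1=False):
    """Split a configurable server list into (keep, back_off); the rest is dropped."""
    keep, back_off = [], []
    for name in servers:
        verdict = vet_reply(replies.get(name, b""), allow_stratum1)
        if verdict == "keep":
            keep.append(name)
        elif verdict == "back-off":
            back_off.append(name)
    return keep, back_off

def make_reply(stratum, refid=b"\0\0\0\0", version=4, mode=4):
    """Build a constructed 48-byte reply header for the sample data below."""
    pkt = bytearray(48)
    pkt[0], pkt[1] = (version << 3) | mode, stratum
    pkt[12:16] = refid
    return bytes(pkt)

# Constructed sample data: example.net hostnames are placeholders.
SERVERS = [f"ntp-{c}.example.net" for c in "abcd"]
REPLIES = {
    SERVERS[0]: make_reply(1, b"GPS\0"),  # stratum 1 primary
    SERVERS[1]: make_reply(2),            # ordinary stratum 2 server
    SERVERS[2]: make_reply(0, b"RATE"),   # asks us to slow down
    SERVERS[3]: make_reply(0, b"DENY"),   # asks us to go away
}

if __name__ == "__main__":
    print(prune(SERVERS, REPLIES))
```

None of this is possible when the list is burned into firmware with no way to change it, which is the situation described above.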
There are, almost certainly, ways to mitigate the problem, but they are costly and the costs fall on the victims rather than D-Link, which seems unfair. For example, the obvious solution is to rename the timeservers so that the hostnames used by D-Link's crud are no longer resolvable. Unfortunately this means that all users of these servers (i.e. the administrators of core routers etc.) have to change the configuration of their devices, which is not something you do without a lot of care and attention, simply because making a mistake potentially causes an Internet outage that affects millions.
I don't know whether any of my readers knows a US (California) based lawyer who would be interested in suing D-Link pro bono to get them to stump up for the costs, but I really hope so because I doubt that anything short of a high-powered US lawyer is going to get the attention of D-Link management.