Logo of Ubiquiti Networks
|Traded as||NASDAQ: UBNT|
|Industry||Computer networking Energy|
|Headquarters||San Jose, California, USA|
|Products||Computer networking devices|
Ubiquiti Networks is an American technology company started in 2005. Based in San Jose, California Ubiquiti manufactures wireless data communication products for enterprise and wireless broadband providers with a primary focus on under-served and emerging markets.
Ubiquiti's brands include airMAX & airFiber for Outdoor Wireless, UniFi, Bullet, NanoStation, NanoStation Loco, PicoStation and RouterStation series of managed wired & wireless networking products, as well as sunMAX Grid-tied solar kits.
Ubiquiti's first product line was its "Super Range" mini-PCI radio card series. The SR2 and SR5 cards were adopted by original equipment manufacturers and wireless Internet service providers. Customers included Wireless Router Application Platform (WRAP), Soekris, and Mikrotik. This was followed by other wireless products, such as Freedom Frequency, the "Xtreme Range" and the PowerStation. The Xtreme Range cards operated on non-standard IEEE 802.11 bands, which reduced the impact of congestion in the 2.4 GHz and 5.8 GHz bands.
The company received attention in August 2007 when a group of Italian amateur radio operators set a distance world record for point-to-point links in the 5.8 GHz spectrum. Using two XR5 cards and a pair of 35 dBi dish antennas, the Italian team was able to establish a 304 km (about 188 mi) link at data rates between 4-5 Mbit/s.
airOS is the firmware maintained by Ubiquiti Networks for its airMAX products. It is Linux-based but features a modified MadWifi Linux kernel device driver for Atheros-based Wireless LAN devices, rather than the free and open source Atheros-based ath5k or ath9k drivers, the drivers accepted into the Linux kernel. The PicoStation M2, Bullet M2/M5, NanoStation M2/M5, Rocket M2/M5, and UniFi AP models are also used as a basis for Commotion Wireless networks, with the customized Commotion software installed.
U-Boot configuration extraction
In 2013, it was discovered that there was a security issue in the version of the U-Boot boot loader shipped on Ubiquiti's devices. It was possible to extract the plaintext configuration from the device without leaving a trace using Trivial File Transfer Protocol (TFTP) and an Ethernet cable, revealing information such as passwords.
While this issue is fixed in current versions of Ubiquiti hardware, despite many requests and acknowledging that they are using this GPL-protected application, Ubiquiti refuses to provide the source code for the GNU General Public License (GPL)-licensed U-Boot. This made it impossible (in practical terms) for Ubiquiti's customers to fix the issue.
It was reported by online reporter, Brian Krebs, on June 15, 2015, that  "Recently, researchers at the Fujitsu Security Operations Center in Warrington, UK began tracking [the] Upatre [trojan software] being served from hundreds of compromised home routers — particularly routers powered by MikroTik and Ubiquiti’s AirOS". Bryan Campbell of the Fujitsu Security Operations Center in Warrington, UK reported, "We have seen literally hundreds of wireless access points, and routers connected in relation to this botnet, usually AirOS", said Bryan Campbell, lead threat intelligence analyst at Fujitsu. "The consistency in which the botnet is communicating with compromised routers in relation to both distribution and communication leads us to believe known vulnerabilities are being exploited in the firmware which allows this to occur".
United States sanctions against Iran
Open-source licensing compliance
In 2015, Ubiquiti revealed that it lost $46.7 million in a scam.
- "World Record 304km Wi-Fi connection". Gizmag.com. Retrieved 2012-12-22.
- "Supported Devices". Commotionwireless.net. Retrieved 9 November 2014.
- "AirOS and Security DUMP of configuration files with TFTP or other thing"
- "GPL archive missing components"
- "Four ways Ubiquiti Networks is creatively violating the GPL". Retrieved 28 October 2015.
- "Crooks Use Hacked Routers to Aid Cyberheists".
- "Ubiquiti Networks IPO Priced To Work At $15?". Seeking Alpha. Retrieved 2012-12-22.
- "Annual report for fiscal year ended June 30, 2012". Form 10-K. US Securities and Exchange Commission. 21 September 2012. Retrieved 16 October 2013.
- "Ubiquiti Networks settles with OFAC for alleged violations of Iran sanctions", Debevoise & Plimpton LLP, 7 March 2014.
- "Fraudsters duped this company into handing over $40 million". Fortune.com. Retrieved 2015-10-19.