General > General Technical Chat

Home Security Cameras and Privacy Concerns

<< < (6/6)

TomKatt:
There appears to be 2 fundamental uses for security cameras - DVR type setups for archival recording and "Live" broadcasting for remote observation.

If remote access is not required, a reasonable level of security can be achieved via segregated networking etc as someone mentioned earlier.

If remote access IS required, all bets are off and you have to decide whether the risk of having your camera accessed by others is a priority.  You can take steps to minimize rogue access, but you cannot fully prevent it.

We have 2 cameras set up for remote observation of our dogs while we are at work.  If anyone hacked into my feed they'd just get bored.  And if they want to watch me come out of the bathroom in a towel, thanks for making me feel better about myself lol.

Berni:

--- Quote from: Cerebus on June 27, 2022, 12:01:46 pm ---The context was Jon-Paul's remarks about deliberate "embedded HW/FW/SW backdoors". You don't hack a whole nation's private security cameras without someone noticing.

--- End quote ---

The S in IOT stands for Security.

It is usually more along the lines of unintentional security holes due to bugs. There are many software layers that build the functionality of these products. Often some of these layers contain exploitable bugs or are just configured to work with each other in a bad way that causes problems.

To make things worse these things often run very old versions of these software layers. It might run a very old linux kernel because that's what they had running on the SoC they use (as its likely a old chip that they could get dirt cheep) that then runs various software stacks that might not be fully up to date to begin with (as they might be reusing old code from previous cameras) that is then left running in the camera for many years and never updated.

As a result bugs get found here and there, make it out into the wild and eventually a bad actor will use those to exploit the devices since they ware never updated to fix them.

Miyuki:
Exactly, most of those "smart home" devices are like a good swiss cheese
If customers are not interested in security why would the manufacturer invest its money in any fixes
And most of the firmware is done by a swarm of third world programmers who have no idea or interest in what they are doing (just have to do it cheaply)
People will even happily accept EULA with sh%ts like all data can be used for whatever reason, just no one cares or reads it.
Just look what things like Alexa do with all it hears, people do not care about their privacy

And that huge hole in your network it provides all attackers, it just exposes all the internal network
I do not even want to know how big a portion of those devices are in some kind of botnet

Red Squirrel:
I would never install anything that requires cloud or an app, it's not future proof and it's basically a black box that you have no control over, not to mention, the privacy issue.  Unfortunately it's getting harder and harder to find normal locally managed cameras now days.

It seems lot of tech is going in that direction now too and I hate it.

Miyuki:

--- Quote from: Red Squirrel on June 28, 2022, 06:46:05 pm ---I would never install anything that requires cloud or an app, it's not future proof and it's basically a black box that you have no control over, not to mention, the privacy issue.  Unfortunately it's getting harder and harder to find normal locally managed cameras now days.

It seems lot of tech is going in that direction now too and I hate it.

--- End quote ---
Because app and cloud is so cool.
I now work on one product, not cloud-based, but have a local wifi connection.
I recommended them a simple web config interface (that will conveniently work on any platform) and what was the response.
We need and fancy looking app  ::) to set password and a few values  |O

Navigation

[0] Message Index

[*] Previous page

There was an error while thanking
Thanking...
Go to full version