Slashdot Mirror
58,000 Security Camera Systems Critically Vulnerable To Attackers
Sparrowvsrevolution writes with news of some particularly insecure security cameras. From the article: "Eighteen brands of security camera digital video recorders are vulnerable to an attack that would allow a hacker to remotely gain control of the devices to watch, copy, delete or alter video streams at will, as well as to use the machines as jumping-off points to access other computers behind a company's firewall, according to tests by two security researchers. And 58,000 of the hackable video boxes, all of which use firmware provided by the Guangdong, China-based firm Ray Sharp, are accessible via the Internet. Early last week a hacker who uses the handle someLuser found that commands sent to a Swann DVR via port 9000 were accepted without any authentication. That trick would allow anyone to retrieve the login credentials for the DVR's web-based control panel. To compound the problem, the DVRs automatically make themselves visible to external connections using a protocol known as Universal Plug And Play, (UPnP) which maps the devices' location to any local router that has UPnP enabled — a common default setting. ...Neither Ray Sharp nor any of the eighteen firms have yet released a firmware fix."
"As Seen On TV"
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
Damn! and i was just looking for a system for my house and my mom's house.
Is your mom hot?
Well, I guess we'll find out soon enough...
I can't even get my Swann DVR to work right WITH the login credentials!
I am a geek attorney, but not your geek attorney unless you've already retained me. This is not legal advice.
I really don't care about cameras watching rock crushers...
Can someone please post a short-list of the ones covering strip clubs? 58,000 is a lot to sort through. Thanks in advance.