Slashdot Mirror

← Back to Stories (view on slashdot.org)

Despite Reports of Hacking, Baby Monitors Remain Woefully Insecure

Posted by samzenpus on from the won't-somebody-please-think-of-the-children? dept.

itwbennett writes: Researchers from security firm Rapid7 have found serious vulnerabilities in nine video baby monitors from various manufacturers. Among them: Hidden and hard-coded credentials providing local and remote access over services like SSH or Telnet; unencrypted video streams sent to the user's mobile phone; unencrypted Web and mobile application functions and unprotected API keys and credentials; and other vulnerabilities that could allow attackers to abuse the devices, according to a white paper released Tuesday. Rapid7 reported the issues it found to the affected manufacturers and to US-CERT back in July, but many vulnerabilities remain unpatched.

2 of 109 comments (clear)

  1. Marketplace Justice by eyepeepackets · · Score: 5, Insightful

    Would be nice if there were an organization like UL Underwriters for network security, call it Network Underwriters Themed, Security Assured Credentials -- NUTSAC for short.

    Silliness aside, until manufacturers have to pay the price in the marketplace for their crappy wares, they won't bother to do it right.
    --
    Everything in the Universe sucks: It's the law!

    --
    Everything in the Universe sucks: It's the law!
    1. Re:Marketplace Justice by tlhIngan · · Score: 4, Insightful

      The problem is that most people do not think about security and thus will not demand that in products. So the market place will not demand such.

      Until someone manages to get on TV and show how easy it is to spy on children that way, then you'll see consumers demanding security.

      The problem is the consumer doesn't know how easy it is for someone that is not them to access their camera. And you'll see immediate change because it's all about the kids.

      What needs to happen is media attention