Slashdot Mirror

← Back to Stories (view on slashdot.org)

Despite Reports of Hacking, Baby Monitors Remain Woefully Insecure

Posted by samzenpus on from the won't-somebody-please-think-of-the-children? dept.

itwbennett writes: Researchers from security firm Rapid7 have found serious vulnerabilities in nine video baby monitors from various manufacturers. Among them: Hidden and hard-coded credentials providing local and remote access over services like SSH or Telnet; unencrypted video streams sent to the user's mobile phone; unencrypted Web and mobile application functions and unprotected API keys and credentials; and other vulnerabilities that could allow attackers to abuse the devices, according to a white paper released Tuesday. Rapid7 reported the issues it found to the affected manufacturers and to US-CERT back in July, but many vulnerabilities remain unpatched.

1 of 109 comments (clear)

  1. Marketplace Justice by eyepeepackets · · Score: 5, Insightful

    Would be nice if there were an organization like UL Underwriters for network security, call it Network Underwriters Themed, Security Assured Credentials -- NUTSAC for short.

    Silliness aside, until manufacturers have to pay the price in the marketplace for their crappy wares, they won't bother to do it right.
    --
    Everything in the Universe sucks: It's the law!

    --
    Everything in the Universe sucks: It's the law!