Backdoor In MVPower DVR Firmware Sends CCTV Stills To an Email Address In China

An anonymous reader writes: An IoT security research company has discovered that a DVR model manufactured by MVPower includes a backdoor-like feature in its code that takes a screenshot of your CCTV feed and sends it to an email address hosted somewhere in China. The device's firmware is based on an open source project from GitHub that was pulled by its developer when someone confronted him about the backdoor.

Firewalls for the Great Wall

[The+Eight-Bit+Link]

Whenever I use something that connects to my network that I ordered direct from China, as a rule-of-thumb I don't let anything to or from it cross my router. I have a specific access point for anything wireless, and ports on my managed switch for anything wired.