Burglars Can Easily Make Google Nest Security Cameras Stop Recording

Orome1 quotes a report from Help Net Security: Google Nest's Dropcam, Dropcam Pro, Nest Cam Outdoor and Nest Cam Indoor security cameras can be easily disabled by an attacker that's in their Bluetooth range. The vulnerabilities are present in the latest firmware version running on the devices (v5.2.1). They were discovered by researcher Jason Doyle last fall, and their existence responsibly disclosed to Google, but have still not been patched. The first two flaws can be triggered and lead to a buffer overflow condition if the attacker sends to the camera a too-long Wi-Fi SSID parameter or a long encrypted password parameter, respectively. Triggering one of these flaws will make the devices crash and reboot. The third flaw is a bit more serious, as it allows the attacker to force the camera to temporarily disconnect from the wireless network to which it is connected by supplying it a new SSID to connect to. If that particular SSID does not exist, the camera drops its attempt to associate with it and return to the original Wi-Fi network, but the whole process can last from 60 to 90 seconds, during which the camera won't be recording. Nest has apparently already prepared a patch but hasn't pushed it out yet. (It should be rolling out "in the coming days.")

Re:Smart Burglars

[Baron_Yam]

But if you could package this attack into a smartphone app and sell it to a burglar... they wouldn't have to be all that bright, would they?

You know the first way an experienced burglar used to check a house prior to encrypted radio being common? They broke in the back door then left to listen to their scanner for alarm company or police dispatch radio traffic.

If somebody else packages up the tools, they're quite capable of using them.

Wireless

[silas_moeckel]

Because a burglar would never use a cheap RF jammer they can get for 50 bucks. If your security relies on wireless continuing to function it's broken by design.