Someone Is Taking Over Insecure Cameras and Spying on Device Owners

As security webcams, security cameras, and pet and baby monitors become part of our lives, their underlying technology is increasingly receiving scrutiny from researchers. Many of these devices are woefully insecure, and an attacker could -- and in some cases, has -- take over these devices to perform internet scans, among other things. BleepingComputer's Catalin Cimpanu dives into the subject: In the last nine months, two security firms have published research on the matter. Both pieces of research detail how the camera vendor lets customers use a mobile app to control their device from remote locations and view its video stream. The mobile app requires the user to enter a device ID, and a password found on the device's box or the device itself. Under the hood, the mobile app connects to the vendor's backend cloud server, and this server establishes connections to each of the user's device in turn, based on the device ID and the last IP address the device has reported from.

What's old is new again

[Snotnose]

30 years ago I was sysadmin for a network of maybe 20 Sun workstations. We got some new machines, naturally the boss got the first one. Found out about the mic and told the boss this might be a problem. He asked "why? It can be useful". I asked him to give me a minute, then call someone into his office and small talk for a minute. I went to my cube, logged into his machine, recorded him for a minute or so, then mailed him the audio file.

Spent the next couple hours opening up these brand new workstations and clipping a wire.

Why yes, I do have tape over my laptop camera. Why do you ask?