Submitted by Alvin_Chen t3_z4cfzz in worldnews
merien_nl t1_ixq5caj wrote
The camera is not the problem, the network part is. And it is not just China. The actual and legal stance of the US is also not very good.
So you can buy Chinese (or any other supplier) dumb camera's. But if you want to make them remote accessible make sure the network equipment is secure.
HisAnger t1_ixq87gw wrote
actually camera can be problem, you have no idea how small chips can be and how many functions they can have inside.
You can open ability to connect directly to camera using hidden wifi.
PunkinBrewster t1_ixqgi2b wrote
Plus firmware updates can unlock no end of additional capabilities. Even if it isn't dangerous now, it could be with an update.
noplace_ioi t1_ixsx76k wrote
serious question: what is the risk of getting said cameras, blocking them from accessing internet in the firewall and using something like BlueIris to operate them?
[deleted] t1_ixt8xeu wrote
[deleted]
MaxwellCE t1_ixr2y4h wrote
Can't wait for the firmware update on my phone to add an extra camera module.
PunkinBrewster t1_ixr4gct wrote
No, but the firmware update to enable the camera without notifying the operating system and secret the data out via DNS queries to Chinese name servers is in beta.
[deleted] t1_ixrr1l6 wrote
[deleted]
PunkinBrewster t1_ixruugt wrote
Data exfiltration is an art as much as a science. A company can minimize their risk, but never eliminate it. Unless your devices are completely airgapped, there is always a risk.
SRM_Thornfoot t1_ixryz5h wrote
Even airgapped there is a risk. See my post above.
PunkinBrewster t1_ixs10tt wrote
Oh, agreed. My favorite story of these types of exfiltrations is The Thing. This was done almost 80 years ago. It is insane what can be done now.
SRM_Thornfoot t1_ixt0v4u wrote
Very cool, thanks. I had not heard of the Thing before.
SRM_Thornfoot t1_ixryszk wrote
A simple way would be for the camera to have secret built in bluetooth. Even if the camera were set up hard wired to a private intra-net the image could be retrieved if an external bluetooth receiver was positioned in range of the camera.
For example a car could be parked with a receiver/recorder outside an embassy, or a tourist could have a receiver/recorder in their purse while touring inside the Capital building.
(and that is just one way to do it)
BumPumpyFace t1_ixrx0k7 wrote
There could be an IOT mobile sim in there for all you know.
[deleted] t1_ixryilx wrote
[deleted]
BumPumpyFace t1_ixs61th wrote
That's not quite how IOT sims work. They're used frequently in industrial telemetry at very large scale and they work anywhere.
Plus, nation states do all sorts of wacky expensive shit.
The point is, it's possible.
justinlongbranch t1_ixs66z0 wrote
Sim cards are cheap, just activate the ones you want later. It probably wouldn't even be all that tough to disguise em
[deleted] t1_ixrxes0 wrote
[removed]
Kaeny t1_ixsc4xk wrote
I have a feeling youre kidding, but if not you gotta think a little deeper
mgzukowski t1_ixqaog1 wrote
Oh no the cameras are. Hikvision and Dahua have both been found with back doors and massive security holes.
That's why they have been banned in government buildings and certain buisnesses in the US. That's what NDAA compliant means. Not one of those companies.
Problem is those two companies make many of the SOC's used by other companies. Or many of the cheap cameras are just rebadged OEMs of those companies.
WordWord-1234 t1_ixrcdai wrote
Source for hikvision and dahua please?
mgzukowski t1_ixs49p5 wrote
Which part the security breaches, the NDAA law or the complete ban of new products in US. Or the FCC declaring it a national security risk?
amfmm t1_ixt3bbo wrote
There were several incidents, this is one of them: https://ipvm.com/reports/hik-exploit
[deleted] t1_ixrxbm9 wrote
[removed]
tedead t1_ixq6upo wrote
The UKs hands aren't clean either. You've heard of Five Eyes?
kaesylvri t1_ixqh89u wrote
whatabout! whatabout! whatabout!
[deleted] t1_ixro3vw wrote
[removed]
merien_nl t1_ixq7cs1 wrote
Of course the UK is not clean either. But if they are afraid of spying on themselves they have an other issue.
tedead t1_ixq7oiq wrote
They kind of do spy on themselves. They just do it in a different way. Part of the reason of that alliance.
Killboypowerhed t1_ixrf2b1 wrote
There's a difference between a country spying on itself and a country spying on another
tedead t1_ixs12p5 wrote
But they do spy on themselves via the other countries in the alliance. Since they can't technically legally spy on their own people, they allow the other members to do the spying for them, and then they share the data secretly with each other.
Down vote this all you want. It doesn't change what's happening.
DirtyBeastie t1_ixsc0s4 wrote
MI5's entire purpose is to spy on "their own people". It would be a bit pointless for them to exist if they weren't allowed to do it.
But, hey, you've heard of five eyes, don't really know what it does, but thought you'd shoehorn it in anyway.
chazeg t1_ixqiecn wrote
Burgers and Fries
Viewing a single comment thread. View all comments