Web access now that Adobe FLV no longer available

[Onlooker777]

Reolink security cameras now inform me that external web access, using camera IP address, is no longer possible without port forwarding now that Adobe FLV is no longer used by web browsers. This also applies when OpenVPN or NordVPN+Meshnet is used. Can anyone advise security camera manufacturers compatible with Apple OS that will allow web access without port forwarding?

 

[duplo]

Makes sense.
Portforwarding = possible
OpenVPN (like local or port forwarded) = not possible

 

[looney2ns]

Any Dahua or Hikvision cameras'.
Avoid anything from Reolink.

 

[Onlooker777]

Any Dahua or Hikvision cameras'.
Avoid anything from Reolink.

Are you serious? These are two of the most hackable cameras around. Are you Chinese by any chance?

 

[tangent]

Are you serious? These are two of the most hackable cameras around. Are you Chinese by any chance?

To an extent it doesn't matter what band, security cameras are never going to have updates produced or applied with the frequency of your computer and are going to be vulnerable.
Hikvision and Dahua make a wide range of products of varying quality some are more up to date and secure than others. There are many Chinese cameras that are FAR FAR worse when it comes to security.

The best advice is not to trust any security cameras, whether they're Avigilon, Axis, or something like more affordable like Hikvision. To do this effectively you have to do things like use VMS software (like BlueIris) on a computer with two NICs and isolate your cameras from the rest of the network and deny them access to the internet.

 

[wittaj]

Are you serious? These are two of the most hackable cameras around. Are you Chinese by any chance?

Regardless of which camera you go with, you should block them from internet access.

Even high end NDAA compliant Axis got hacked last year.

Block the cams from the internet and go with the best bang for the buck and that will be Dahua and Hik and not 5 times the cost axis lol.

Did Axis got Hacked?

Axis.com has been down since last week. Another ransomware attack? https://status.axis.com

ipcamtalk.com

NDAA compliant Verkada was hacked and 150,000 cameras in private companies, along with prisons and public school systems were part of it, which would be government funded..

150,000 security cameras hacked, exposing Tesla, prisons, hospitals

Hackers gained access through a 'Super Admin' account, allowing them to peer into the cameras

www.business-standard.com

It is why we recommend DO NOT LET YOUR CAMERAS OR NVR TOUCH THE INTERNET. You isolate them via VLAN or dual NIC.

Do not set the system up with P2P or UPnP or scan some QR code or they will be hacked.

I repeat, do not let your cameras touch the internet and you are fine.

In reality, since police departments have partnered with Ring to gain access to Ring video that is cloud based under the name of public safety, there is probably a much more risk of the enemy/hacker gaining access to stuff than thru the Dahua and Hikvision products that can be isolated from the internet as Ring will not work without an internet connection....

Or any manufacturer that has cloud based services that require that internet connection or their device doesn't work.

 

[tangent]

I repeat, do not let your cameras touch the internet and you are fine.

Technically there's still a little asterisk on that statement. In the days of cameras that required plugins there were a few for sale on amazon that came with actual windows viruses out of the box and you could still technically have a camera that's programmed to try to hack your lan.

 

[wittaj]

Technically there's still a little asterisk on that statement. In the days of cameras that required plugins there were a few for sale on amazon that came with actual windows viruses out of the box and you could still technically have a camera that's programmed to try to hack your lan.

True, so do you want to go with a name brand like Dahua or some unknown camera name on Amazon? At least the name brand camera should have enough eyes looking at it to find and publish about vulnerabilities.

And anything touching the internet has the potential to be hacked, just like there are motherboards with a backdoor on them.

Gigabyte Motherboards Were Sold With a Firmware Backdoor

Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say. https://www.wired.com/story/gigabyte-motherboard-firmware-backdoor/

ipcamtalk.com

 

[wittaj]

Plus there are not many actual camera manufacturers out there.

Hikvision and Dahua make cameras for a lot of companies.

Hikvision provides the internals to many Sunba models for example

Axis is a stand-alone, but they are expensive.

Many of the no-names like JideTech and a few others are all rebranded something.

Below is just a small sampling of the other companies Dahua and Hikvision make cameras for (which in many cases are watered down versions of the real thing):

 

[concord]

Can anyone advise security camera manufacturers compatible with Apple OS that will allow web access without port forwarding?

Another option is using DVR software on your MacOS system, like SecuritySpy ($$), or open source like motionEye (maybe using Docker), or iSpy Agent, Shinobi, Xeoma (free and pay versions), etc. and use OpenVPN, WireGuard, ZeroTier, MeshNet, etc. to access the DVR.

Note that I've only played with motionEye on a Pi, not sure how well the others works and currently use Blue Iris.

 

[fenderman]

Are you serious? These are two of the most hackable cameras around. Are you Chinese by any chance?

You are cute.

New Reolink P2P Vulnerabilities Show IoT Security Camera Risks

Learn about the IoT security camera risks identified in new research from Nozomi Networks Labs (ICS-CERT ICSA-21-019-02).

www.nozominetworks.com