Menu
What's new

New cam releases

fenderman

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,901
Reaction score
21,270
FrankMCN said:
Actually I do understand the issue with WPA2 - should have been replaced years ago since all the encryption keys have been used more than once, but my point is that your likely happily using your wifi now aren’t you, or are you roaming the streets with a placard telling people to repent and turn off their wifi? keep up the crusade, seems the only reason you’re in the Hikvision sub-forum.

And yes I must be a fraudster since I commit the sin of installing RG59... oh look TVI can do 4K over coax. Its cool I can tell your just trolling me ;)
Click to expand...
Again you proved that you don't understand the wpa2 issue...all my wifi access points have been patched for krack.. that's at the vulnerability itself required the attacker to be local to the access point or router... Well the Hikvision backdoor a lot anyone with internet access to attack your system...
 
FrankMCN

FrankMCN

Getting the hang of it
Joined
Apr 14, 2017
Messages
142
Reaction score
57
Glad you got your router sorted, but don't stop there brother - go forth and spread the good news to all your neighbours.
 
fenderman

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,901
Reaction score
21,270
FrankMCN said:
Glad you got your router sorted, but don't stop there brother - go forth and spread the good news to all your neighbours.
Click to expand...
right, so what was that stupid nonsense about all the encryption keys being used? that doesnt even make any sense...proves you know nothing about the subject....
Point is it required a targeted attack by a local attacker - highly unlikely...hikvision security has been awful even after the backdoor issue...they either simply dont care or are doing it intentionally, either way, that is not someone you should be taking advice from or bragging about taking courses from...regardless, back to the point, TVI should not be used in new installations..oh and you are a fraudster....bottom line is, it is forums like this that out folks like you who present a danger to the consumer and their business/home...
 
FrankMCN

FrankMCN

Getting the hang of it
Joined
Apr 14, 2017
Messages
142
Reaction score
57
fenderman said:
right, so what was that stupid nonsense about all the encryption keys being used? that doesnt even make any sense...proves you know nothing about the subject....

Point is it required a targeted attack by a local attacker - highly unlikely...hikvision security has been awful even after the backdoor issue...they either simply dont care or are doing it intentionally, either way, that is not someone you should be taking advice from or bragging about taking courses from...regardless, back to the point, TVI should not be used in new installations..oh and you are a fraudster....bottom line is, it is forums like this that out folks like you who present a danger to the consumer and their business/home...
Click to expand...
Mathy Vanhoef of KU Leuven, one of the security researchers who discovered the specification blunder...

...The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available.

KRACK targets the four-way handshake of the WPA2 protocol and relies on tricking a victim's device into reusing an already-in-use key. This sleight of hand is achieved by manipulating and replaying cryptographic handshake messages.

“When the victim reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value,” Vanhoef explained today on a microsite about the attack. “Essentially, to guarantee security, a key should only be installed and used once. Unfortunately, we found this is not guaranteed by the WPA2 protocol. By manipulating cryptographic handshakes, we can abuse this weakness in practice.”

An attacker can force these nonce resets by collecting and replaying retransmissions of message three of the four-way handshake.

A nonce is a number that is not necessarily a secret but is meant only to be used once and never repeated. The flaw in WPA2 allows a nonce to be – or forced to be – repeated, thus allowing an attacker to extract the WPA2 session key and decrypt and compromise all wireless traffic for that session.
Click to expand...
Honestly you talk a lot of rubbish and muddle an argument to suit yourself. WPA2 is broken in the same way that enigma was broken, reuse of keys.

I find it laughable that you pretend to try and get this topic back on track and then immediatly sling more mud and drag it back. We're a mile off topic and it’s due to your boring elitism and arrogance. I never 'bragged about anything' just pointed out that your assertion that TVI is only an 'upgrade' technology is false, it’s not marketed that way and if it was the prices would not be as low as they are – it’s a price point solution because not everyone can afford Honeywell, AXIS, BOSCH.

Hikvision is the most popular globally and amongst enthusiasts so it follows that there will be more hacking attacks on Hik systems because of it and more people finding and reporting issues, exactly the same as how the PC/Microsoft was seen to be more vulnerable and less secure then Apple throughout the 90's & 00 - only after Apple became mainstream popular did hackers and virus writers turn their attention to them, until that point apple had been touting how great their security was and how they were pretty much un-hackable. You’re just mistaking volume for proportion.
 
fenderman

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,901
Reaction score
21,270
FrankMCN said:
Honestly you talk a lot of rubbish and muddle an argument to suit yourself. WPA2 is broken in the same way that enigma was broken, reuse of keys.

I find it laughable that you pretend to try and get this topic back on track and then immediatly sling more mud and drag it back. We're a mile off topic and it’s due to your boring elitism and arrogance. I never 'bragged about anything' just pointed out that your assertion that TVI is only an 'upgrade' technology is false, it’s not marketed that way and if it was the prices would not be as low as they are – it’s a price point solution because not everyone can afford Honeywell, AXIS, BOSCH.

Hikvision is the most popular globally and amongst enthusiasts so it follows that there will be more hacking attacks on Hik systems because of it and more people finding and reporting issues, exactly the same as how the PC/Microsoft was seen to be more vulnerable and less secure then Apple throughout the 90's & 00 - only after Apple became mainstream popular did hackers and virus writers turn their attention to them, until that point apple had been touting how great their security was and how they were pretty much un-hackable. You’re just mistaking volume for proportion.
Click to expand...
Keep on proving how incompetent you are...you stated "WPA2 - should have been replaced years ago since all the encryption keys have been used more than once" that is simply a dumb statement and NOT what the article you quoted says. Read it again. I love proving how inept some of the "installers" like yourself are..you are a danger to any business or home you touch.
The issue with hikvision is that they dont give a crap about security. They write bad code (likely deliberately) and then when they learn about it, they fail to respond. See this hikvision vulnerability...reported June 1, hikvision FAILED to respond until OCTOBER 3. CVE-2017-14953 Hikvision Wi-Fi IP Cameras associate to a default unencrypted rogue SSIDs in a wired
So stop with this nonsense blaming security issues on their popularity, the dont give a crap...what was that about hikvision being anal about security? The researcher reported this to hikvision THREE times, they ignored him.
 
You must log in or register to reply here.
Top