and THIS is why you do NOT let your Cameras on the internet.

It's called an undocumented enhancement. When you log into your camera you are using a web interface. These people are remoting in as they would using something like an SSH connection to see more than an HTML output would show.
I can’t tell if this is sarcasm. This reply seems to just be using some garden variety buzz words and does not make a lot of sense.

In essence are you trying to say that all security cameras contain 2 distinct web servers and only hackers can log onto the second server?

Or are you saying there is a second profile that only hackers can access? Like something with higher privileges than admin?
 
I can’t tell if this is sarcasm. This reply seems to just be using some garden variety buzz words and does not make a lot of sense.

In essense are you trying to say that all security cameras contain 2 distinct web servers and only hackers can log onto the second server?

Or are you saying there is a second profile that only hackers can access? Like something beyond admin?
Port 80 coms are unencrypted. Therefore, you can skim user names and passwords when monitoring their http request remotely with something like wireshark.
any web server can service more than one port if it is set up to do so.
common web servers have an entry for 80 and 443

But there other servers inside they can exploit like rstp. But if they found a way to perform OS injection at the login screen, you are not going to have logs of any kind either, as all script based programming (java, javascript, python, rust, some c++ methods, php) can be subjected to code injection in one way or form.
 
Last edited:
  • Wow
Reactions: Flintstone61
Millions of people around the world want the simplicity of Internet of Things (IoTs) to be easy to connect to their system and work. They do not want to deal with security. They wrongfully assume that because they bought it and all they have to do is scan a QR code, that all is good. A manufacturer also doesn't want to deal with endless phone calls from consumers asking how to set something up, so they make it easy.

So these companies create these QR codes/P2P and magically the new device can be seen on the consumers app. Consumer is happy. But, this device has opened up the system to gain easy access to your entire network.

I have a friend that falls under this "I just want to plug it in and scan a code and it works" mindset. Many years ago she bought a Foscam wifi camera to monitor her front door. She plugged it in and pointed it out a 2nd story window and downloaded the Foscam app and scanned the QR code and magically she could see her camera through the magic of P2P.

A few years later she bought a wifi printer and again, simply downloaded the app from the manufacturer and scanned the QR code and she could start printing.

One time in the middle of the night, she hears her printer printing a page. She thinks maybe she is dreaming or hearing things, so she thinks nothing of it and goes back to sleep. Next morning she gets up and indeed her printer did print something in the middle of the night and the printed page says I SEE YOU and a picture of her from her Foscam camera was below the text.

She changes her wifi password in case it was the peeping perv next door that she has caught looking at her from through her window and he guessed her password, which was password because she liked things simple.:banghead:

Problem still persists. She goes into Foscam app and changes the password to the camera. Problem still persists. She gets a new router and sets up a stronger password for wifi and changed the passwords of all of her devices. Problem still persists. She gets rid of camera and printer.

At some point Foscam issues a security vulnerability and issued a firmware update. Based on chatter on forums, basically the vulnerability was something like when logging into the camera with a web browser over HTTPS, the initial login to the P2P site is done using SSL. But then it establishes a connection to the HTTPS port again (for the media service) and sends all of its commands unencrypted. This means the username and passwords are being sent unencrypted. While this was a security vulnerability found in Foscam, I suspect it is in others as well. I suspect this is how my friend was hacked and someone was sending pictures of her taken from her Foscam camera to her wifi printer that she set up using the QR code.

Many articles on this site and out on the internet show how vulnerable these devices can be. I remember seeing an article of a webpage showing like 75,000 video streams around the world that were hacked into because of these vulnerabilities. I know there is an article someone on this forum where someone posted that many of these cameras do send passwords totally unencrypted and wide open easy to see for anyone knowing what they are doing.

Do not assume that because it is a name brand that they actually have good security on these cameras or any device for that matter. Think about the typical end-user that just wants simplicity to connect. And then think how a company would go about that to provide that simplicity. End result is to provide that simplicity, it comes at a cost and that cost is security vulnerabilities, which is ironic for security cameras. But if it can happen to Amazon/Ring (which is a fairly large company), it can happen to anyone, especially all the no-name brands being sold on Amazon.

For that reason, most of us here prevent the cams from having access to the internet.