IOT is still hackable as hell
- Thread starter looney2ns
- Start date
Q™
IPCT Contributor
alastairstevenson
Staff member
zero-degrees
Known around here
- Aug 15, 2015
- 1,335
- 844
Two key points.
"Cheap devices typically manufactured in China have hardwired default passwords, which are almost impossible for the user to change. In order to avoid this, you might want to seek out US-based products with better security"
and
"was able to take control of the security camera he’d just purchased off Amazon for $55"
This isn't really a story/news, this stuff has gone on for years, it's just making its way into mainstream media finally. As much as I like Gizmodo - been an avid reader for over 10+ years ever since my post grad days, they really suck like most mainstream media/blogs now. The writers are childish and composed of millennials that write half ass articles - like this one.
Bottom line - the story is about a guy who connected a shitty camera, did not change any passwords, and did so to show how quickly this can happen. Gizmodo then writes a story like this is a surprise, late breaking, blah blah blah.
Buy crappy imported hardware from china and don't change passwords - expect to have a security breach. I mean seriously, the linkedin hack over the summer showed 800,000 accounts using "123456" as their password with the second and third passwords making up a total of 300,000 accounts being "linkedin" and "password" in that order... Even without these backdoors the general population is still to stupid to setup secure passwords thus making even hardware without a backdoor easily accessible.
"Cheap devices typically manufactured in China have hardwired default passwords, which are almost impossible for the user to change. In order to avoid this, you might want to seek out US-based products with better security"
and
"was able to take control of the security camera he’d just purchased off Amazon for $55"
This isn't really a story/news, this stuff has gone on for years, it's just making its way into mainstream media finally. As much as I like Gizmodo - been an avid reader for over 10+ years ever since my post grad days, they really suck like most mainstream media/blogs now. The writers are childish and composed of millennials that write half ass articles - like this one.
Bottom line - the story is about a guy who connected a shitty camera, did not change any passwords, and did so to show how quickly this can happen. Gizmodo then writes a story like this is a surprise, late breaking, blah blah blah.
Buy crappy imported hardware from china and don't change passwords - expect to have a security breach. I mean seriously, the linkedin hack over the summer showed 800,000 accounts using "123456" as their password with the second and third passwords making up a total of 300,000 accounts being "linkedin" and "password" in that order... Even without these backdoors the general population is still to stupid to setup secure passwords thus making even hardware without a backdoor easily accessible.
This is problem #1. The media spends more effort reporting on celebrity trash than giving us vital information. They've all turned into the National Enquirer.
This is problem #2. The general population is basically incompetent when it comes to technology (thus, too stupid). And, manufacturers are more interested in making things easy for the incompetent in order to peddle their products to the masses. As a result, hackers and scammers have job security, which means the problem will never go away.
alastairstevenson
Staff member
I tend to agree, until some unfortunate event or bad publicity starts to hurt their brand.
It was the huge embarrassment, and risk to future sales / contracts in China when large numbers of Hikvision products installed in local and regional administrations were found to be easily accessible due to the use of default passwords that triggered their 'strong password' then 'device activation' response.
And, to be fair, they did a decent job of it.
Though, arguably, Hikvision don't seem to want to " peddle their products to the masses" judging by the nasty tricks they pull on 'grey imports'.
