Swann's home security camera recordings could be hijacked ( FLIR also )

Discussion in 'Chit-Chat' started by mat200, Aug 1, 2018.

Share This Page

  1. mat200

    mat200 Known around here

    Joined:
    Jan 17, 2017
    Messages:
    2,985
    Likes Received:
    1,373
    Swann's home security camera recordings could be hijacked
    ( FLIR also.. )

    "..
    The intercepted messages included a reference to a unique serial number given to each camera in the factory.

    By altering the serial number, the researchers were able to obtain video feeds from other cameras - something they tested by typing in numbers belonging to other cameras that they had bought.

    At no point were they required to type in the other accounts' usernames and passwords."
    ..

    "..the researchers discovered that a US-based security consultancy had previously flagged a similar issue with another brand supported by OzVision - Flir FX.

    Despite Flir having been told of this a year ago, Mr Munro's team found it was still able to hijack feeds in a similar manner to the way it had done with Swann's kit."

     
    bigredfish and fenderman like this.
  2. alastairstevenson

    alastairstevenson Known around here

    Joined:
    Oct 28, 2014
    Messages:
    8,621
    Likes Received:
    2,426
    Location:
    Scotland
    Yes, another example of dumb coding, and ineffective code reviews.

    Every time I hear of one of these vulnerabilities, and it gets fixed and closed off, I imagine the security services backroom folk sighing a bit and opening their filing cabinet to pick out the next vulnerability from their collection to use instead.
     
    fenderman and mat200 like this.