[ NNSquad ] Peeping into 73, 000 unsecured security cameras thanks to default passwords

NNSquad - Network Neutrality Squad
NNSquad Home Page
NNSquad Mailing List Information

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Peeping into 73, 000 unsecured security cameras thanks to default passwords

To: nnsquad@nnsquad.org
Subject: [ NNSquad ] Peeping into 73, 000 unsecured security cameras thanks to default passwords
From: Lauren Weinstein <lauren@vortex.com>
Date: Fri, 7 Nov 2014 10:17:06 -0800

Peeping into 73,000 unsecured security cameras thanks to default passwords

(Network World): http://www.networkworld.com/article/2844283/microsoft-subnet/peeping-into-73-000-unsecured-security-cameras-thanks-to-default-passwords.html

"There were lots of businesses, stores, malls, warehouses and
parking lots, but I was horrified by the sheer number of baby
cribs, bedrooms, living rooms and kitchens; all of those were
within homes where people should be safest, but were awaiting
some creeper to turn the "security surveillance footage" meant
for protection into an invasion of privacy ... So many cameras
are setup to look down into cribs that it was sickening; it
became like a mission to help people secure them before a baby
cam "hacker" yelled at the babies ... I'm unwilling to say how
many calls I made, or else you might think I enjoy banging my
head against the wall. It was basically how I spent my day
yesterday. Too many times the location couldn't be determined,
led to apartments, or the address wasn't listed in a reverse
phone search. After too many times in a row like that, I'd switch
to a business as it is much easier to pinpoint and contact ...
One call was to a military installation. Since the view was of
beautiful fall foliage, it seemed like a "safe" thing to find out
if that camera was left with the default password on purpose.
Searching for a contact number led to a site that was potentially
under attack and resulted in a "privacy error." Peachy. Then I
had two things to relay, but no one answered the phone. After
finding another contact number and discussing both issues at
length, I was told to call the Pentagon! Holy cow and yikes! ...
Managers, don't shoot the messenger; a person out to hurt you
might dig into a Linux box with root, but no exploit or hacking
is needed to view the surveillance footage of your unsecured
cameras! It's exceedingly rude to yell or accuse a Good Samaritan
of "hacking" you. If your cameras are AVTech and admin is both
username and password, or Hikvision "secured" with the defaults
of admin and 12345, then you need to change that. Or don't and
keep live streaming on a Russian site."

- - -

--Lauren--
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren
Founder:
- Network Neutrality Squad: http://www.nnsquad.org
- PRIVACY Forum: http://www.vortex.com/privacy-info
Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info
Member: ACM Committee on Computers and Public Policy
I am a consultant to Google -- I speak only for myself, not for them.
Lauren's Blog: http://lauren.vortex.com
Google+: http://google.com/+LaurenWeinstein
Twitter: http://twitter.com/laurenweinstein
Tel: +1 (818) 225-2800 / Skype: vortex.com
_______________________________________________
nnsquad mailing list
http://lists.nnsquad.org/mailman/listinfo/nnsquad

Prev by Date: [ NNSquad ] Google: Behind enemy lines in our war against account hijackers
Next by Date: [ NNSquad ] Obama tells the FCC to implement real net neutrality. And he's serious.
Previous by thread: [ NNSquad ] Google: Behind enemy lines in our war against account hijackers
Next by thread: [ NNSquad ] Obama tells the FCC to implement real net neutrality. And he's serious.
Index(es):
- Date
- Thread