 Name GamePremium
join:2002-07-07
North Myrtle Beach, SC
kudos:7 | Trendnet security cam flaw exposes video feeds on net Trendnet security cam flaw exposes video feeds on net
By Leo Kelion
Technology reporter
Feeds from thousands of Trendnet home security cameras have been breached, allowing any web user to access live footage without needing a password.
Internet addresses which link to the video streams have been posted to a variety of popular messageboard sites.
Users have expressed concern after finding they could view children's bedrooms among other locations.
US-based Trendnet says it is in the process of releasing updates to correct a coding error introduced in 2010.
It said it had emailed customers who had registered affected devices to alert them to the problem.
However, a spokesman told the BBC that "roughly 5%" of purchasers had registered their cameras and it had not yet issued a formal media release despite being aware of the problem for more than three weeks.
"We first became aware of this on 12 January," said Zak Wood, Trendnet's director of global marketing.
"As of this week we have identified 26 [vulnerable] models. Seven of the models - the firmware has been tested and released.
"We anticipate to have all of the revised firmware available this week. We are scrambling to discover how the code was introduced and at this point it seems like a coding oversight."
Mr Wood added that the California-based firm estimated that "fewer than one thousand units" might be open to this threat in the UK, but could not immediately provide an exact global tally beyond saying that it was "most likely less than 50,000".
Feed links
An internet blog first publicised the vulnerability on 10 January.
The author discovered that after setting up one of the cameras with a password, its video stream became accessible to anyone who typed in the correct net address.
Trendnet says it is in the process of releasing firmware updates for its devices
In each case this consisted of the user's IP address followed by an identical sequence of 15 characters.
»www.bbc.co.uk/news/technology-16919664
--
Gladiator Security Forum
»www.gladiator-antivirus.com/
|
|
 Noah VailSon made my AvatarPremium
join:2004-12-10
Lorton, VA
kudos:2
 ·Bright House
2 edits | said by Name Game:Trendnet security cam flaw exposes video feeds on net That sounds like a bad thing.
Imagine if some were to pastebin lists of compromised cam addresses.
Someone could go and create RSS Feeds out of them.
Woah. Heavy.
Hopefully the end users are on top of this and will patch up their cams ASAP.
--
Adopting other people's animosity is The New Stupid. |
|
 psafuxPremium,VIP
join:2005-11-10
kudos:2 | said by Noah Vail:Woah. Heavy.
Hopefully the end users are on top of this and will patch up their cams ASAP.
I would say that is highly unlikely, Marty. |
|
| reply to Name Game
TRENDnet has posted the resolution to the security breach on their IP cameras. You can check information on affected TRENDnet IP cameras at: »www.trendnet.com/products/featur···ureid=52. You can download critical firmware along with detailed update instructions for the affected TRENDnet IP cameras at »www.trendnet.com/downloads/. |
|
 siljalineI'm lovin' that double widePremium
join:2002-10-12
Montreal, QC
kudos:17
 ·Bell Sympatico
| reply to Name Game
• Backdoor in TRENDnet IP Cameras
• TRENDnet home security cam flaw exposes thousands
• Backdoor in TRENDnet IP cameras |
|
|
|
| reply to Name Game
TRENDnet has posted the resolution to the security breach on their IP cameras. You can check information on affected TRENDnet IP cameras at: »www.trendnet.com/press/view.asp?id=1958. You can download critical firmware along with detailed update instructions for the affected TRENDnet IP cameras at »www.trendnet.com/downloads/ . |
|
Noah VailSon made my AvatarPremium
join:2004-12-10
Lorton, VA
kudos:2 Reviews:
·Bright House
| said by TRENDnet :TRENDnet has posted the resolution to the security breach on their IP cameras. Thank you for posting the info.
I know it's tough to get end users interested in stuff like hardware updates. Kudos for trying.
--
Adopting other people's animosity is The New Stupid. |
|
 KilroyPremium,MVM
join:2002-11-21
Ann Arbor, MI | reply to Name Game
Here is the blog post
He used ShodanHQ to locate cameras.
--
When will the people realize that with DRM they aren't purchasing anything? |
|
| reply to Name Game
»71.191.188.25/anony/mjpg.cgi
Hmmm FBI ??? |
|
| reply to Noah Vail
»docs.google.com/spreadsheet/ccc?···Xc#gid=0
list of what they all are. |
|
 swintecPremium,VIP
join:2003-12-19
Alfred, ME
kudos:4
 ·RapidVPS
 ·Sprint Mobile Br..
 ·VoicePulse
·RoadRunner Cable
| said by CTMustang:https://docs.google.com/spreadsheet/ccc?key=0Atr6wiPy28CndHN4X3VUamo5OGNkRTcyYl8yWF9OQXc#gid=0
list of what they all are.
That is pretty crazy. How many are actually going to update the firmware of these, unless it constantly bugs them to do it? --
Usenet Block Accounts | Unlimited Accounts |
|
MrHappy316Wish I had my tankPremium
join:2003-01-02
Monterey, CA | reply to Name Game
Thanks OP for the update. I have one of the affected cameras but luckily it's been disconnected for over a year. |
|
 owlynPremium,MVM
join:2004-06-05
Newtown, PA
·Comcast
| reply to Name Game
Basically, almost no one with these cameras will even be aware that there is a problem. The post here was they first I've heard of it, so it's obviously not out in the general media. This is a pretty bad situation. The company should have called a press conference, or sent out media notices similar to what car companies do when there is a safety recall. |
|
| reply to Name Game
So how do we open each one of these at the same time so we can just watch and find some naked 18+ people  |
|
swintecPremium,VIP
join:2003-12-19
Alfred, ME
kudos:4 Reviews:
·RapidVPS
·Sprint Mobile Br..
·VoicePulse
·RoadRunner Cable
| said by CTMustang:So how do we open each one of these at the same time so we can just watch and find some naked 18+ people
lol
Open each in a new tab? send link to me if hot
--
Usenet Block Accounts | Unlimited Accounts |
|
| said by swintec:said by CTMustang:So how do we open each one of these at the same time so we can just watch and find some naked 18+ people
lol Open each in a new tab? send link to me if hot this is pretty HOT
»98.216.198.58/anony/mjpg.cgi |
|
Noah VailSon made my AvatarPremium
join:2004-12-10
Lorton, VA
kudos:2 Reviews:
·Bright House
| reply to CTMustang
said by CTMustang:So how do we open each one of these at the same time Load the list into links2rss.com. Load the rss feed as a live bookmark in Firefox. R-Click and chose the Open All in Tabs option.
Then watch Firefox struggle under the weight of 100+ video streams until it crashes.
--
Adopting other people's animosity is The New Stupid. |
|
| reply to Name Game
»76.116.210.124/anony/mjpg.cgi |
|
