back to article 80,000 internet-connected cameras still vulnerable after critical patch offered

Tens of thousands of internet-facing IP cameras made by China-based Hikvision remain unpatched and exploitable despite a fix being issued for a critical security bug nearly a year ago. Researchers at Cyfirma recently published a report [PDF] claiming they found more than 80,000 cameras in more than 100 countries online, with …

  1. VoiceOfTruth

    Airstrip One

    -> Similar discussions are being had in the UK

    Do as you are told, little dog. The UK (and Europe) is a colony of the USA.

    1. Anonymous Coward
      Anonymous Coward

      Re: Airstrip One

      Yawn, troll.

      1. hoola Silver badge

        Re: Airstrip One

        There is every possibility there is a connection to the BBC HYS commetard "VoiceOfReason".

        The general rhetoric it very similar.......

      2. Anonymous Coward
        Anonymous Coward

        Re: Airstrip One

        Troll or not (and he is bloody annoying), the matter of US hegemony is a point worth raising.

        After all, it's difficult to defend the double standards under which something in China or Iran is worthy of condemnation but the same thing in Saudi Arabia is "a matter of concern" and in Israel "they have a right to defend themselves".

        It would be a different matter if we were treated like adults and told "we're concerned about China's economic power and we're trying to stay on top so here are some measures we're taking" (although WTO rules might get somewhat on the way).

    2. steviebuk Silver badge

      Re: Airstrip One

      The wumao is back.

      Back to the cameras. We should be avoiding them, but sadly, the image quality is good and they are cheap so we've had to use them at work.

    3. Casca Silver badge

      Re: Airstrip One

      Oh, its you again. How quaint. Now go back into your hole.

      1. Caver_Dave Silver badge

        Re: Now go back into your hole

        Don't Trolls all live under bridges?

  2. Kevin McMurtrie Silver badge

    Cheap now, expensive later

    Only one camera needs to be compromised to bring down the whole system. You're thinking of filling up the storage device? No, that might trigger monitoring alarms before recording stops.

    If you bought Hikvision cameras to save money, it's a good bet that the storage system is cheap too. All a compromised camera needs to do is write one large file (a few TB) to storage then delete it. All but the best NAS will become unresponsive during the delete. Within seconds, all the Hikvision cameras will crash from buffer overflow. Video from the past is lost before any monitors raise an alarm.

  3. Winkypop Silver badge
    Big Brother

    Not a bug

    A feature.

    CCP Approved

  4. Paul Crawford Silver badge

    Aside from Hikvision's dubious human rights aspect, who puts their fscking cameras on the net anyway?

    Firewalls can, and here should, block in and out you know...

    1. Anonymous Coward
      Anonymous Coward

      "who puts their fscking cameras on the net anyway?"

      Erm... anyone with a smartphone/tablet... most laptops... many home automation products... and, erm, perverts...

    2. hoola Silver badge

      Err, much of the problems around this are that they are:

      cheap to buy

      easy to setup

      don not require a stack of funky infrastructure with associated costs.

      Much like all the other Internet connect stuff we are now encumbered with. Pretty much anything that can be setup with an App will be connected to the Internet. That covers an awful lot of stuff now.

      1. Ragarath

        But they err don't need to be connected to the Internet. Keep them behind your firewall.

        I don't use their recorders though I use a server to stream the data.

    3. John Brown (no body) Silver badge

      "who puts their fscking cameras on the net anyway?"

      Home users who want 24/7 operation and quite likely don't even have a PC at home any more, at best a laptop, and may only have a tablet or a mobile phone these days. Few will have anything running as a server 24/7 just so their home cameras will work.

      Home users who want Internet of Tat gadgets don't want to be bothered with network security, managing servers or any of the stuff we Reg readers think about every day. They just want to plug it in and see it work within 5 minutes of opening the box and following the one page pictorial instruction sheet. That means everything need to be internet facing and talking to cloud providers. They don't care about and don't remember things like entire home automation systems being made redundant because Nest or whoever no longer support the back-end systems any more. Until it bites them. Then they'll moan and move on to the next shiny thing.

      1. Ragarath

        Likely not using the Hikvision stuff then.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like