back to article Australia gives made-in-China CCTV cams the boot

Australia's Defence Department removed all Chinese manufactured surveillance cameras after an audit detailed the number of Hikvision and Dahua devices installed in various government facilities. In an impromptu interview on Friday, deputy prime minister and minister of defence Richard Marles revealed that all the relevant …

  1. Anonymous Coward
    Anonymous Coward

    TV cameras, bad

    Chinese investors laundering cash via property, putting up house prices, fine.

    1. elsergiovolador Silver badge

      Re: TV cameras, bad

      Tory landlords are very pleased with this, as it raises the value of their portfolios.

      It's like corruption, but money doesn't change hands.

  2. cookieMonster Silver badge
    WTF?

    Sure

    “ We hope the Australian side will provide a fair, just and non-discriminatory environment for the normal operation of Chinese companies and do more things that could contribute to mutual trust and cooperation between our two countries," said Mao.”

    Of course they will, just as soon as China does the same for all the non Chinese companies wanting to operate in China.

    You sanctimonious little f€&@.

    1. Lil Endian

      Re: Sure

      I've seen no claim that it's a retaliatory measure based on economics or trade, but on:

      ...the number of Hikvision and Dahua devices... and ...these dangerous devices... and ...because of the national security threat that they pose.

      I'm not even arguing whether the claims above are justified or not. But if the claims are the be maintained, then the equipment couldn't be permitted regardless of China allowing "...all the non Chinese companies wanting to operate in China." to do so.

      So which is it?

      FUD slinging to reduce trade quid pro quo or National Security. You can't have both.

      If it's the former, then it undermines the integrity of our Western Governments. If it's the later, then you must be comfortable without those non-Chinese companies trading in China, and rightly so.

      1. TheBadja

        Re: Sure

        The Chinese hypocrisy of denying any but Chinese equipment on their security networks, but complaining when others do the same.

        1. Lil Endian
          IT Angle

          Re: Sure

          This article refers to insecure technology, not "hypocritical" trade arrangements.

          Claiming one thing to achieve another is disinformation, at best.

          I've seen a number of reasonable questions and comments answered with nothing but "America Good. China Bad.". No refutation, no sensible discourse. Just name calling and "You hate America!" brain dead, indoctrinated fucking bullshit. 4Chan is available for that level of infantile bickering.

  3. Screwed

    And in the UK?

    Has anyone done and published a similar audit in the UK?

    I suspect some properties in Marsham Street might have Hikvision security cameras.

  4. Evil Auditor Silver badge

    "...that the Albanese government..." - Ignorant, early morning before-tea me: what's got Australia to do with the Albanian government and why that odd spelling?

    I do wonder though why banning Chinese (or other) products for security reason? If it is that relevant for security, I wouldn't trust any product unless I engineered, manufactured and operate it myself under my sole control - which is highly unlikely under most real-world scenarios. So, whichever product I use, I have to deploy them in a secure, controlled environment, where I do know and control what communication is going to and from the device. Personally, I'd trust a product from a private sector company more than one from a company run partially by (e.g. Chinese) government agents. But neither I would fully trust to only do what's written on the box.

    There are, however, plenty of other and good reasons to ban Chinese products. But off to a cuppa now.

  5. Ragarath

    Are there any articles/anaysis?

    Is there any study or article that actually shows that these devices are an issue, leaking data or anything or is this a case of oh it's china therefore it's bad?

    I'm not talking about these articles that go for headlines of X amount of $company cameras are exploitable. These articles are just revealing where people have not properly secured their devices.

    I have an estate of Hivision cameras and when I get time will do my own check on any leaks. Not that the company can afford to replace them all. But having a credible article with an analysis would be a great help.

    1. PhilipN Silver badge

      Re: Are there any articles/anaysis?

      I have posed this question countless times here and in other forums in relation to Huawei i.e. what precisely has been found?

      The silence is deafening.

      1. The Man Who Fell To Earth Silver badge
        Black Helicopters

        Re: Are there any articles/anaysis?

        Documents link Huawei to China’s surveillance programs

        https://www.washingtonpost.com/world/2021/12/14/huawei-surveillance-china/

        Huawei CEO tells staff to keep fewer records, write shorter memos

        https://www.washingtonpost.com/world/asia_pacific/huawei-ren-memo-ceo/2021/05/10/b321bf3a-b15b-11eb-bc96-fdf55de43bef_story.html

        Huawei official speaks out on why he resigned after The Post reported the tech giant had worked on a ‘Uighur alarm’

        https://www.washingtonpost.com/technology/2021/02/01/huawei-uighur-facial-recognition-fallout/

        Meng Wanzhou can return to China, admits helping Huawei conceal dealings in Iran

        https://www.washingtonpost.com/national-security/huawei-meng-wanzhou-plea-deal/2021/09/24/6068d9f4-1d49-11ec-bcb8-0cb135811007_story.html

        1. PhilipN Silver badge

          Re: Are there any articles/anaysis?

          And as regards the actual Huawei kit that had to be de-installed....? Any backdoors found?

        2. Ragarath

          Re: Are there any articles/anaysis?

          @The Man Who Fell To Earth

          Thanks for linking the exact articles I was talking about. Nothing about the technical side of things an if these devices are intentionally sending out data. The first is the most technical and that is dealing with designing systems, for companies. Shock horror, other companies do this too.

          What I want to see is where this so-called leak/threat is and how I should mitigate it. Although I already know that as I don't let anything out from these cameras.

        3. PhilipN Silver badge

          Re: Are there any articles/anaysis?

          “There is, to date, no public evidence of serious technological vulnerabilities in specific Huawei or ZTE equipment.”

          CCDCOE Paper, Tallinn 2019

    2. silent_count

      Re: Are there any articles/anaysis?

      I'd just like to chime in to say that thusfar the Chinese-hardware-is-evil thing comes across as paranoid nonsense along the lines of Bush's dosier on WMDs in Iraq. "Trust us that we have compelling evidence of... oh no! We're not going to show you any of it. But if we did you'd be really convinced".

      If there was a single case of $THIS model of Chinese (Huawei or whatever brand) camera has a undocumented extra memory which stores pictures of your wife's nickers and tries to email them chairman Mao's private account every Thursday at 7pm... it should be fairly easy to demonstrate that the camera has this nefarious behaviour under $THESE conditions. Right?

      1. Paul Crawford Silver badge

        Re: Are there any articles/anaysis?

        Maybe worth thinking beyond the "Has model X been seen to spy?" sort of question in to the "Can they update X to spy if desired by the CCP?" question.

        But maybe more fundamentally "Should I be putting $$$ in to a company that is more than complacent in the abuse of minorities and even of genocide?". True, many, MANY countries and companies are not squeaky clean on this point, but sometimes the right thing is to make some sort of a stand for democracy, however small. The banned company list is not every Chinese company, just those with known links to CCP activities.

      2. Cav Bronze badge

        Re: Are there any articles/anaysis?

        "that thusfar the Chinese-hardware-is-evil thing comes across as paranoid nonsense"

        Then you haven't clue about the threats that China poses. Why would anyone use any electronic device created by a corporation based in an oppressive enemy state, that has the ability to directly control said corporations? You don't need eveidence of specific harm. You can see the possibilities and the actual actions of the Chinese regime. There's is not a society\form of government that we want to allow even the possibility of monitoring the West.

    3. Michael Wojcik Silver badge

      Re: Are there any articles/anaysis?

      There have been tons of documented security vulnerabilities in IP-connected cameras from various manufacturers. I'm not saying anyone else's are better, but certainly many of these devices have been found to be laughably insecure.

      Wyze and Eufy (and also this) have probably gotten the most press, but there are plenty of others.

      Hikvision might be one of the less-bad vendors, since they actually fix stuff. But personally I wouldn't have any of the damned things connected to the Internet. If I absolutely had to have remote access to camera feeds, they'd be on an isolated segment with a tunnel to another part of my network, which I'd bring up only when I needed it.

      Here are all of the 18 CVEs for Hikvision products. Hmm. That wasn't so hard. Probably a little harder than complaining you haven't been told what's wrong with them, though.

  6. Anonymous Coward
    Anonymous Coward

    Why?

    I don't get this. Why these being removed? I have some on a site. And none of them have access to the internet as they are blocked at the firewall.

    External access to the CCTV system is via VPN into the management console.

    Surely that would be standard procedure on any secure site? I did this to stop hackers poking at my cameras. Not due to fear of the Chinese government watching my car park.

    Is there a new CIA\GCHQ branded line we are now supposed to be purchasing instead?

    1. Paul Crawford Silver badge
      Facepalm

      Re: Why?

      Surely that would be standard procedure on any secure site?

      Yes, it should be. But then gov ministers should not leave secret documents on public transport, or use personal email for gov business, or out-source IT to cheapest company their cronies own who use overseas servers and staff.

    2. Anonymous Coward
      Anonymous Coward

      Re: Why?

      depending on what your organisation does and what it connects to there may be obligations to meet various requirements that may dictate the use of certified equipment.

      https://www.iso.org/isoiec-27001-information-security.html

      https://security-guidance.service.justice.gov.uk/code-of-connection-standard/#code-of-connection (other departments have variations on the same theme.)

      https://www.gov.uk/government/publications/psn-code-of-interconnection-coico

    3. Gene Cash Silver badge

      Re: Why?

      they are blocked at the firewall.

      Uh huh. That's lovely that you're so smart. And most people don't even know what a firewall is, much less have one, other than whatever default Windows uses.

      And yes, I've seen these cameras connect to Chinese IPs on more than one of my friend's networks.

      But they don't give a shit, just like they don't give a shit about how much their Ring cameras are broadcasting.

      1. Anonymous Coward
        Anonymous Coward

        Re: Why?

        > But they don't give a shit, just like they don't give a shit about how much their Ring cameras are broadcasting.

        These are the ones that the police have access to, and Amazon are about to make a TV show out of.

        Yeah I trust that so much more than the Chinese kit... </sarcasm>

        It puzzles me that people don't seem to care what Amazon are doing with their data, but get all jumpy about the Chinese.

        1. Michael Wojcik Silver badge

          Re: Why?

          Oh, do fuck off. Plenty of people are equally suspicious about both. It's not a zero-sum game.

          Anyone who's actually paying attention knows that network-connected cameras have a miserable record when it comes to security. That's true pretty much across the board. Yes, you can mitigate that greatly by properly isolating them and locking them down. Most people don't.

      2. Lil Endian

        Re: Why?

        Do "most people" secure Australia's government's infrastructure? No.

        And what do any of the "...more than one of [your] friend's [sic] networks. have to do with Australia's Defence Department or any Australian government facilities? Nothing.

    4. Anonymous Coward
      Anonymous Coward

      Re: Why?

      Given the quality of other Chinese products, governments are probably replacing broken cameras with ones designed to last more than 30mins

  7. tmTM

    Brought this on themselves

    Chinese kit is notorious for sending far too much data back home. The world is slowly deciding they are no longer willing to put up with that.

    1. The Man Who Fell To Earth Silver badge
      Trollface

      Re: Brought this on themselves

      My Chinese made camaras keep emitting little balloons.

      1. Anonymous Coward
        Anonymous Coward

        Re: My Chinese made camaras keep emitting little balloons.

        Amusingly, someone has made a Kerbal Space Program "spy balloon"...

  8. Anonymous Coward
    Anonymous Coward

    Sloppy buying praticies

    So nobody did any due diligence before purchasing the junk. National security should depend on tech from it's own nation. Not the most scamming/murderous/patent abusing/bribing/****, country in the world. Sure it's cheap, which much like Free - means you are the product.

    I'll bet $1 that there some nice kickbacks to whoever bought the cameras initially.

    1. Anonymous Coward
      Anonymous Coward

      Re: Sloppy buying praticies

      > Not the most scamming/murderous/patent abusing/bribing/****, country in the world.

      The USA?

      1. Cav Bronze badge

        Re: Sloppy buying praticies

        If you believe that then you are a fool. Show us where the US has camps set up to "reeducate" ethnic majorities (and the past doesn't count, we are responsible for what happens now). Show us where corporations are allowed to use slave labor.

        1. This post has been deleted by its author

        2. Anonymous Coward
          Anonymous Coward

          Re: Sloppy buying praticies

          Slave labor like this? https://www.theguardian.com/us-news/2022/jun/15/us-prison-workers-low-wages-exploited

          The US constitution literally allows slavery "as punishment for a crime" and the US has one of the largest prison populations in the world, it's officially bigger than China's (though that's probably inaccurate when you count China's concentration camps).

          Yes, US corporations absolutely DO use slave labor, and the slaves are frequently Black.

          None of that is in any way intended to excuse China, the Chinese situation is worse, China's racism problem is worse, and China is far more actively engaging in genocide. But the US situation is also inexcusable.

          1. Michael Wojcik Silver badge

            Re: Sloppy buying praticies

            Yeah, the slave-labor stone is not one you want to throw, if you're in the US. And that's a problem the US has been backsliding on since the middle of the 20th century, not correcting.

            But then there isn't a lot to be gained by playing the "my oppression is worse than your oppression" game. Deciding not to do business with nation X because of human-rights abuses can be a principled stand even if there's no alternative supplier who's a paragon of morality and justice.

        3. that one in the corner Silver badge

          Re: Sloppy buying praticies

          > Show us where corporations are allowed to use slave labor.

          https://www.theguardian.com/us-news/2022/jun/15/us-prison-workers-low-wages-exploited

          "US prison workers produce $11bn worth of goods and services a year for pittance: New report by American Civil Liberties Union says incarcerated laborers are either poorly compensated or not at all"

          https://corpaccountabilitylab.org/calblog/2020/8/5/private-companies-producing-with-us-prison-labor-in-2020-prison-labor-in-the-us-part-ii

          "Private corporations are incentivized to lobby for policies that maximize prison populations in order to sustain a business model that is only profitable because they can exploit artificially deflated labor costs'

  9. Will Godfrey Silver badge
    Unhappy

    Something must be done!

    This is something. We'll do it.

    Of course none of this stops everything about you being slurped. It just decides who gets to do the slurping.

  10. HighHair

    Nothing to see here...

    There is absolutely NO THREAT here unless they are WIRELESS (WiFi)

    No professional camera installer would use Wifi.

    They would connect the cameras to a wired network behind a firewall with appropriate routing rules.

    The Defence Department twats probably just want new cameras and so make out that the cameras are not "safe".

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like