back to article UK government to set deadline for removal of Chinese surveillance cams

The UK government will set a deadline for removing made-in-China surveillance cameras from "sensitive sites." News of the not-very-imminent deadline came with on Tuesday with the publication of proposed amendments [PDF] to the Procurement Bill – legislation that will reform many aspects of the UK government's practices for …

  1. Anonymous Coward
    Anonymous Coward

    "Government agencies will also be required to pay small business contractors within 30 days."

    This should be law for everyone.

    My brother went out of business as he spent more time chasing people for payment than actually doing the jobs!

    1. Ideasource Bronze badge

      I had similar problem for a while in a business of my own but I learned to start charging up front for my costs , so that at least if I had to chase them down for the profit portion after I still hadn't lost anything of importance. Just the bonus winnings after what it takes to maintain a life to be able to have to be able to work in the first place.

      Running a business is just another way to put food on the table and avoid charges of vagrancy.

      As long as that much is met, then the rest is just for sport anyway.

      My condolences to your brother.

    2. G2
      Facepalm

      the actual quote from that proposed amendment does not quite say that:

      quote:

      (9) Subject to subsection (10), not later than 30 days after the date of handover of each subcontracted works at least 50% of the withheld retention monies must be released, and not later than the date which is 12 months from the date of handover of each subcontracted works the balance of the retention monies must be released.

      /quote

      this just shifts the delay point in the event chain - thus, if they delay signing the paperwork for the "handover" then they can delay payments.

  2. Headley_Grange Silver badge

    Security Risk?

    There's a low risk of info being phoned home if the network security is correctly handled. There's a limited number of addresses and users who need to see the data streams from these cameras and Shirley that can be handled with an IP/Security plan and a half-decent hardware firewall. The fact that they're worried about data being sent to China implies that the cameras have got unfettered access to the web, which is a security risk looking to be exploited not matter where the bloody cameras are made.

    1. Anonymous Coward
      Anonymous Coward

      Re: Security Risk?

      Agreed. I have a bunch of the Chinese made cameras all over the property.

      They are all on their own network segment that is firewalled off from the internet. The surveillance server lives on that same segment, and even it can't initiate an outbound connection. Remote viewing is allowed, but only through the server running surveillance software from a known, reputable company. Only the server can connect to the cameras.

      I would think (hope?) that this is how everyone has their surveillance system set up?

      It's interesting (and a little frightening) to see all of the places that these cameras try to connect to. I can't imagine someone would be dumb enough to allow them to connect to the live internet!

    2. Mr Humbug

      Re: Security Risk?

      I don't think CCTV and alarm installers ever consider restricting outbound network traffic. Last year our remote monitoring company changed its IP address and asked me to update our firewall rules so I asked them to confirm which of the other addresses they still needed. This was the reply:

      "You’re very on it with your network.

      [redacted] needs to be cancelled

      [redacted] & [redacted] our inbound connections but these should not need to be on your firewall as I can’t imagine your firewall blocking outbound traffic."

      Naturally, the firewall does block outbound traffic.

      As I recall, some years ago when they last changed IP address they just sent one of their engineers to update the firewall settings. Of course, I ddn't let him do that.

    3. Anonymous Coward
      Anonymous Coward

      Re: Security Risk?

      I would presume that the government are smart enough to properly secure their cameras. I just doubt they want to take the risk of using cameras made by companies wholly subject to an authoritarian and hostile country that it increasingly looks like we may be involved in conflict with (i.e. Taiwan etc).

  3. Anonymous Coward
    Anonymous Coward

    The downside?

    How long until we start hearing "sorry, your honour, we have no CCTV evidence, the government made us remove the cameras"?

    1. R Soul Silver badge

      Re: The downside?

      This scenario would never arise if the cops got off their arses and did their jobs properly by gathering evidence from interviewing eyewitnesses, making door-to-door inquiries, checkimg alibis, using forensics, searching the crime scene and so on. That takes a bit more effort than eating doughnuts while watching CCTV.

      IMO, unless there's indeoendent corroboration CCTV images must be inadmissible as evidence. The "witness" can't be cross-examined and the authenticity of their "evidence" can't be tested.

      1. Commswonk

        Re: The downside?

        IMO, unless there's independent corroboration CCTV images must be inadmissible as evidence. The "witness" can't be cross-examined and the authenticity of their "evidence" can't be tested.

        Not really; I know it is a cliché but the camera does not lie. It does not "know" what it is looking at*; it does not "know" who it is looking at*; it does not "know" where it is*; it has no idea what the time of day is*.

        * Not yet, anyway... :(

        If your house was burgled and (say) your television was stolen, would you accept a defence plea that because the television had failed to confirm the identity of the person who stole it then the verdict of the Court had to be Not Guilty?

        I suspect that CCTV evidence falls into the category of Res Loquitur, but then IANAL...

        1. localzuk Silver badge

          Re: The downside?

          Cameras can indeed lie. Timestamps can be wrong. Hardware can be problematic, and therefore add weird delays to footage. Images can be unclear and therefore require human interpretation.

          1. Ideasource Bronze badge

            Re: The downside?

            Cameras often lie by omission.

            Meaning that they do not tell the entire story and thus promote false positives.

        2. Ideasource Bronze badge

          Re: The downside?

          If your house was burgled

          Well if my house was burgled, I would be much more concerned with filling out the paperwork to be paid back by my insurance.

          The burglars punishment is irrelevant to making me whole.

          Occasional theft is one of the unavoidable costs of property ownership. It's part of the natural trade-off to subscribing into the concept of private property.

          Just as generation of criminal potential , as well as the eventual realization of those potentials, is a natural byproduct of law creation.

          Punishing one criminal does nothing to deter others.

          And so I have nothing to gain but psychological harm unto self and self-destructive perceptions, from entertaining pleasure or relief from the punishment of others.

  4. R Soul Silver badge

    Snoopercams uber alles

    Getting shot of China's spyware/crapware is all very well. But it misses the point. Why are our streets and public spaces swarming with spy cameras? And why has there been no proper discussion or public engagement on this pervasive mass surveillance?

    When the Chinese cameras get removed, it would be nice if they didn't get replaced. That won't happen however. Just like there will never be any objective cost/benefit analysis on the use and costs of this gross violation of civil liberties. And its operation outsourced to Crapita of course.

    1. Zippy´s Sausage Factory

      Re: Snoopercams uber alles

      Like a hydra, each one that gets removed will spawn more.

      Of course the worry was less government owned security cams - which are likely to be secured - as opposed to those of your average corner shop owner who can only afford a cheap Chinese cam, who now has given the CCP a nice view outside their local shop.

      1. R Soul Silver badge

        Re: Snoopercams uber alles

        I'm not so bothered about the CCTV in a corner shop. It's unlikely to be connected to the interwebs and sending stuff back to the CCP mothership.

        Besides, you can always avoid any privacy intrusions and unwanted surveillance from those cameras by shopping on Amazon or Fleabay. They don't snoop on anyone, no siree. And neither does our google overlord. Allegedly.

        The cameras that worry me are the ones controlled by the authorities. Like the ones the cops are using for facial recognition "experiments". Or the ones used for ANPR. Or the so-called "biometric" passport gates at airports, etc, etc. All linked to enormous back-end databases with minimal oversight or accountability. These are morphing into an Orwellian nightmare of unavoidable pervasive surveillance that exceed anything the Stasi or KGB could have imagined. Or the wettest of Blunkett's or Bliar's wet dreams about an authoritarian state. No need for ID cards: all of your retina scans, facial data, fingerprints and DNA samples are belong to us.

  5. sitta_europea Silver badge

    I'd be happier if they'd just ban Chinese everything.

    1. Headley_Grange Silver badge

      What did you type that on?

    2. R Soul Silver badge

      Does that include whatever you used to post this comment and just about all the electrical devices in your house?

    3. Anonymous Coward
      Anonymous Coward

      Piss off, then I’d starve to death!

    4. Al fazed
      Facepalm

      F'in Bollox

      No more noodles or paper moon lanterns for you then

      ALF

  6. Anonymous Coward
    Anonymous Coward

    "the relevant suppliers will be placed on a naughty list that indicates they are not to be considered for some government contracts."

    Unless they are called Crapita, Serco, KPMG....

    https://www.gov.uk/government/news/government-toughens-rules-to-exclude-underperforming-suppliers

    Erm... that was announced back in Dec 2021

    1. Fruit and Nutcase Silver badge

      Don't forget drinking buddies of government MPs and ministers

  7. Anonymous Coward
    Anonymous Coward

    Little question..

    Just to be sure, the kit that is going to replace the gear they remove is surely as thoroughly screened and the results made public as the gear it replaces, right?

    Right?

    Yeah, thought so.

    Someone is making a mint here - and we're paying. Again.

  8. cookieMonster Silver badge
    Trollface

    I’ll give it 18/24 months

    before we read a story here about some company getting charged for removing said cameras, changing the stickers and reselling them back. In addition to charging for the initial removal and disposal

  9. Howard Sway Silver badge

    Don't ban them, buy hundreds more

    They'll be going cheap with all the bans already in place elsewhere. Then set them up with names like "GOV security headquarters operations hub entrance D". Point them at a wall in a back yard somewhere, connect them to the internet and sleep happily knowing that there may be rooms full of people somewhere whose job is to watch the exciting output.

    1. Fruit and Nutcase Silver badge
      Alert

      Re: Don't ban them, buy hundreds more

      Point them at a wall in a back yard somewhere [with an enormous mural of Winnie the Pooh]

  10. StrangerHereMyself Silver badge

    Pi camera

    Aren't there any British manufacturers that make CCTV camera's based on Raspberry Pi's and its accompanying camera?

    1. John H Woods Silver badge

      Re: Pi camera

      I've made a few with the 8MP sensor. Fixed cams are easy, PTZ a little bit harder.

  11. Grunchy Silver badge

    Security is trivial

    All you do is isolate the cameras, to communicate exclusively with one Network Video Recorder.

    Then, you control access to the NVR — over a separate interface.

    Anybody who has configured a router and can grasp the difference between Local Area Network LAN vs Wide Area Network WAN has enough background to foil any of these rogue cameras.

  12. VoiceOfTruth Silver badge

    British 'government'

    Memo to the USA: You're spying on us is OK.

    1. Commswonk

      Re: British 'government'

      @VoiceOfTruth: You're spying on us is OK.

      While your misuse of the English language is not OK...

      1. VoiceOfTruth Silver badge

        Re: British 'government'

        Your comment is fair enough. My English was bad in this case.

  13. Anonymous Coward
    Anonymous Coward

    Yep.... "hikvision" is just the tip of hte iceburg, the company is already shipping product under other new more "western" sounding company names.

    they also produce "badged" cameras for a number of UK security companies, you know them incharge of prisons.

    and as regards to "back doors", yes they DO have them and tehy have fixed passwords, which they have started encrypting recently.

    also the "guarantee" label on the backs of the cameras have a "special" override code, that can bypass any "incorrectly set" password. hmmmm... why not just a hardware reset?

    Then there is the "special" web link & software that is loaded into all their ip cameras, but appears disabled... this allows any camera to build up an internal network of any other camera it is signalling on the internal network.

    so from a single camera, it is possible for it to display live images from any other camera it sees, on a lan, to top all this off.... we saw an app, with what we thought was malware, trying to act as a "bridge"

    between an isolated WIFI network for phones to a local lan, that housed some of these cameras....

    so yep, the camera may appear to be "clean" but now we have bridge applications floating about , that "signal" as cameras to build up an internal network over bridged networks.

    We also saw a couple of local phones, that were enabled to try an signal vlans, that might be present on a network.

    Yep.. it might all be an "accident", but from experience , it is almost impossible to stop these devices from tunneling out of a vlan or even a vlanned local lan., they seem to be using the same tech as "anydesk" or "teamviewer" to tunnel.

    1. Anonymous Coward
      Anonymous Coward

      Fix your wonky "quotes" key.

    2. Anonymous Coward
      Anonymous Coward

      "it is almost impossible to stop these devices from tunneling out of a vlan or even a vlanned local lan., they seem to be using the same tech as "anydesk" or "teamviewer" to tunnel."

      Sorry amigo, but if you can't understand how a firewall works, it's probably time to hang up your keyboard and collect your P45 if you work in IT...

  14. PhilipN Silver badge

    Coincidence?

    Or is there a connection between this manoeuvre and Rishi's recent trip to the USA (from where he returned empty-handed again)?

  15. Anonymous Coward
    Anonymous Coward

    We’re not spying

    We just thought we were watching a post-apocalyptic TV drama.

    - China

  16. Tron Silver badge

    Sunak kissing American butt.

    Local authorities are skint, running up debts and in some cases going bust. Some of those that manage to get themselves elected to run your town (and tax you £5 per day to use your car) turn out to be rubbish at managing multi-million pound budgets, despite self-identifying as financial geniuses.

    So when all of this zero-risk Chinese kit gets pulled out or just turned off, it will not be replaced. The CCP don't care who is dogging in your local car park, but without their cameras, there will be more thefts, more vandalism, more fly-tipping and more rapes.

    And all because the idiots that run the country choose their half-baked nationalist ideology and their desire to get a few favours from Washington over common sense and the protection of British citizens at an affordable price.

  17. ITMA Silver badge

    An now the BBC are the US "lapdog"

    This wonderful piece of rubbish appeared on the BBC News website, plugging a Panorama programme this evening:

    https://www.bbc.co.uk/news/technology-65975446

    Two paragraphs immediately scream "setup/con job":

    First:

    "Panorama worked with US-based IPVM, one of the world's leading authorities on surveillance technology, to test whether it was possible to hack a Hikvision camera. IPVM supplied the one that was installed in a BBC studio."

    So the BBC let the US company supply the camera the very same company were then going to "hack". Did the BBC have the camera independently checked to ensure it had not been "tampered" with?

    What's the bet the answer to that is "NO".

    Second:

    "Panorama could not run the camera on a BBC network for security reasons - so it was put on a test network where there is no firewall and little protection."

    That is a great real world test of how such cameras are going to be used by competent businesses and organisations.... NOT.

    So this entire programme is based on a "hack" perpertrated by an American company against a camera THEY have supplied while it is connected to a totally unsecured network.

    What a pile of unrealistic shite.

    The BBC really have scrapped the bottom of the toilet bowl for this crap.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like