2
Matt Brown Digs Deep Into an IP Camera's Firmware — and Finds a Hard-Coded Root Password (www.hackster.io)
submitted 3 months ago by imPastaSyndrome@lemm.ee to c/privacy@lemmy.world
2 comments fedilink hide all child comments
top 2 comments
sorted by: hot top controversial new old
[-] corroded@lemmy.world 1 points 3 months ago

This is one of several reasons why I keep all my cameras and any other IoT devices on a separate VLAN that has no access to the internet and no access to the rest of my home network. The only bridge is my DVR server, but that's something I can't get around.

Before it was set up this way, I saw a huge amount of requests on my DNS server from the cameras, each one resolving the manufacturer's domain name. It was probably innocuous, but why take the risk? There is absolutely no reason whatsoever that a security camera needs access to anything.

[-] onlinepersona@programming.dev -1 points 3 months ago

Very cool. If telnetd is on there, maybe it's already running and just spinning it up could be enough to then log into it - dunno if he tried that already. That would be even worse because anybody with access to the WLAN could then log into the camera if it's on the same network.

Anti Commercial-AI license

this post was submitted on 26 Jul 2024
2 points (100.0% liked)

Privacy

4158 readers
88 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 1 year ago
MODERATORS
iopq@lemmy.world