China/mac-address/backdoor

  • LARMGUY
    replied
    Originally posted by SafeSmallTowns
    To make the issue more complicated, sometimes backdoors are not programmed in maliciously, but for debugging purposes. The problem comes into play when a hacker discovers the backdoor exists and exploits it. This article talks about how China was initially blamed for a backdoor in a computer chip used by the US Military, but it ended up being a debugging program installed by a California-based firm: http://www.techspot.com/news/48817-c...-backdoor.html
    I found this while searching other forums.

    Bit of a heads up about a bit of a disconcerting security issue in some ONVIF IP cameras.

    I had my eye on some low cost, Chinese OEM IP cameras because they have good NAS compatibility (claimed Synology). They are branded as IPS, Uvision, Gsvision, Sunvision, Aote among others. I was willing to put up with the clunky ActiveX interface because I figured I'd only have to configure them once and would be viewing the video through the NAS/NVR interface.

    Everything went fairly smoothly- I set the time, IP address, changed the password- and when I went to log back in it would not accept the same one copied and pasted. No problem- went for the old reset button and… no reset button.

    So I emailed the Chinese manufacturer, they asked for me to give their technician access to my computer via TeamViewer so he could reset it- I said that was not really an acceptable solution. So they sent me the default, hard-written to firmware, root password for their cameras so I could just remotely log in and hard-reset the camera over telnet.

    That's right, there's a root user, but you can't change the password.

    Yeah- not too happy about that.

    I spent a few days going back and forth with them- explaining why, with these cameras in homes and businesses all over the world this was a Bad Thing. Either they were playing dumb and had to have it for the Powers That Be (as has been documented with other network products of similar origin), or else they truly think it's ok. Their attitude was basically that they had made a mistake in giving it to me- and not in having one in the first place. Their "fix" was a promise to change the hard-written root pass in future firmware revisions. Given that the password is sent to the camera in plaintext, it's hardly likely the new one would remain secret for long.

    (In case you are wondering, even after a few hard reset cycles the camera would still not accept a new admin password but that is no longer really a concern for me.)

    All this seems a bit insane. As we all know, few LANs are very secure- wifi is not tough to crack, we all password protect our computers and NASs against this eventuality. As it stands, anyone with access to the LAN that these cameras are on can take them all offline with a few keystrokes, or reset the admin password, restore the original IP and leave anonymous access on- so the owner would never know they had been compromised. Or set them to forward images to an outside location.

    As far as cameras that are accessible via the Internet, many people will not change the cameras' default IP- which means that even on reset it won't lose its port mapping and video could be viewed by anyone, anywhere. At the very least they could still disable it. Other than that, root is root and someone with better Linux skills could probably make more of it.

    I'm posting this because as we all know there is no security in obscurity- and if they could accidentally just email me the root pass this is far from obscure. People have these cameras pointed at playgrounds and in private homes- hoping they don't give the password to anyone else (or that it is not already being used) is not really an option in my opinion. I would never consider installing a camera with this kind of known backdoor- perhaps others feel differently.

    If you'd like to check your camera, here is the information:

    Not going to give this part

    Credit to milo****
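
The exposure described in the post above (a telnet root login that cannot be changed, and cameras that could be set to forward images elsewhere) can be watched for at the network level. The following is an added example, not part of the original thread; the addresses, the allowlist and the flow-record format are constructed assumptions.

```python
import ipaddress

# Constructed inventory (assumption): camera addresses and the only hosts
# they are expected to exchange traffic with (NAS/NVR, admin workstation).
CAMERAS = {"192.168.1.50", "192.168.1.51"}
ALLOWED_PEERS = {"192.168.1.10", "192.168.1.20"}
TELNET_PORT = 23

# Constructed flow records, one per line: src_ip src_port dst_ip dst_port proto
# (src is assumed to be the side that opened the connection).
SAMPLE_FLOWS = """\
192.168.1.10 51522 192.168.1.50 554 tcp
192.168.1.77 40112 192.168.1.50 23 tcp
192.168.1.51 39001 203.0.113.9 21 tcp
192.168.1.20 50200 192.168.1.51 80 tcp
192.168.1.50 123 192.168.1.10 123 udp
192.168.1.10 51600 192.168.1.51 23 tcp
"""


def parse_flow(line):
    """Return (src, dst, dst_port, proto); raise ValueError on bad input."""
    src, _sport, dst, dport, proto = line.split()
    src = str(ipaddress.ip_address(src))
    dst = str(ipaddress.ip_address(dst))
    return src, dst, int(dport), proto.lower()


def audit(flow_text):
    """Return a list of (line_number, rule, detail) findings."""
    findings = []
    for n, line in enumerate(flow_text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            src, dst, dport, proto = parse_flow(line)
        except ValueError:
            findings.append((n, "unparseable", line.strip()))
            continue
        # Any telnet session to a camera matters: the root login is fixed in
        # firmware, so even a trusted source address proves little.
        if dst in CAMERAS and proto == "tcp" and dport == TELNET_PORT:
            findings.append((n, "telnet-to-camera", f"{src} -> {dst}:{dport}"))
        # A camera opening connections to anything but its recorder may have
        # been reconfigured to send images elsewhere.
        if src in CAMERAS and dst not in ALLOWED_PEERS:
            findings.append((n, "camera-unexpected-peer", f"{src} -> {dst}:{dport}"))
    return findings
```

Calling `audit(SAMPLE_FLOWS)` flags the two telnet sessions and the camera's outbound FTP connection; the RTSP, HTTP and NTP flows to and from the recorder pass.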



  • LARMGUY
    replied
    Originally posted by SafeSmallTowns
    To make the issue more complicated, sometimes backdoors are not programmed in maliciously, but for debugging purposes. The problem comes into play when a hacker discovers the backdoor exists and exploits it. This article talks about how China was initially blamed for a backdoor in a computer chip used by the US Military, but it ended up being a debugging program installed by a California-based firm: http://www.techspot.com/news/48817-c...-backdoor.html
    Here is a scenario. Would it be any different IF China was a favored nation and ally and never ever gave us any reason to think otherwise?
    No is my answer. Power changes every day and corrupt leaders could overthrow any regime at any time. They could give vital information quickly to any subversive faction about our tactics, strength, whatever.

    Like this



  • SafeSmallTowns
    replied
    To make the issue more complicated, sometimes backdoors are not programmed in maliciously, but for debugging purposes. The problem comes into play when a hacker discovers the backdoor exists and exploits it. This article talks about how China was initially blamed for a backdoor in a computer chip used by the US Military, but it ended up being a debugging program installed by a California-based firm: http://www.techspot.com/news/48817-c...-backdoor.html



  • LARMGUY
    replied
    Finally! There are intelligent life forms here. I have talked to several individuals in the IT industry. They say NOTHING is secure. Example, Stuxnet. The Chinese know when large shipments go out and one way would be by reversing the technical support route, anyone can determine who the end user could be. One scenario is they could leave the camera with a flaw that has to be corrected by the factory. The poor tech guy has no idea it is a ploy. It's not hard to backtrack anything if you really want to. Intel on commonly bought items such as cameras would be easy to find. The government usually puts jobs out for bids. That is easily tracked. We all know China follows all the rules. Finding a public IP address would be easy. Finding the back door through hardware and software would be the next challenge. Hard but not impossible.

    Your thoughts?



  • SafeSmallTowns
    replied
    I don't know how probable it is, but it is certainly possible. There are two ways to do this: hardware and software. And one company may make the hardware and another company may make the software. Adding complexity, there may be many hardware manufacturers in each camera or system that make up the sum of its parts. Additionally, there would need to be a motive or reason for doing this. "China" has no way of knowing where and how the cameras produced there will end up. It is far more likely that they don't have such a backdoor, but if you detect suspicious network traffic, you might want to take security precautions or switch cameras and notify the authorities. Why not try and find camera parts made in the US?



  • LARMGUY
    replied
    120 views and no takers huh?



  • LARMGUY
    started a topic China/mac-address/backdoor

    China/mac-address/backdoor

    I'm just going to throw this out there. It has been concerning me since security has gone IP.

    1. Every IP device has to have a unique identification number, the MAC address.
    2. Most of the world's cameras, access control boxes, security panels are made in China, Korea, Vietnam, Taiwan, etc.
    3. What is the probability these communistic, hostile countries have programmed "back doors" into every product they produce?

    Can anyone see the possible ramifications?
