Tuesday, February 7, 2012

SpyCam Story #647 - Unintended Exhibitionists

Feeds from thousands of Trendnet home security cameras have been breached, allowing any web user to access live footage without needing a password.

Internet addresses which link to the video streams have been posted to a variety of popular messageboard sites. Users have expressed concern after finding they could view children's bedrooms among other locations.

Oops...
Click to enlarge.
US-based Trendnet says it is in the process of releasing updates to correct a coding error introduced in 2010...
 
"We first became aware of this on 12 January," said Zak Wood, Trendnet's director of global marketing.

"As of this week we have identified 26 [vulnerable] models. Seven of the models - the firmware has been tested and released. We anticipate to have all of the revised firmware available this week. We are scrambling to discover how the code was introduced and at this point it seems like a coding oversight." (more) (example) 

Spybusters Security Alert: Check to see if you are operating any cameras made by Trendnet. If so, contact Trendnet for a firmware update. Then, change your password.