Thursday, August 15, 2013

Baby Cam Hackers Can See You, Hear You, and Talk to You... and Your Kids

A hacker was able to shout abuse at a two-year-old child by exploiting a vulnerability in a camera advertised as an ideal "baby monitor".

ABC News revealed how a couple in Houston, Texas, heard a voice saying lewd comments coming from the camera, made by manufacturer Foscam.

Vulnerabilities in Foscam products were exposed in April, and the company issued an emergency fix.

Foscam said it was unable to provide a statement at this time.

However, a UK-based reseller told the BBC it would contact its entire customer database to remind them "the importance in setting a password to their cameras".

The spokesman added that it would be urging Foscam's head office - based in Shenzhen, China - to send out a memo to all its resellers suggesting they too contact their customers.

The BBC has found evidence of hackers sharing information on how to access insecure Foscam cameras via several widely-used forums. Using specialist search engines, people can narrow their results by location...

Foscam is not the only company to find itself the target of hackers. Last year, camera company Trendnet had to rush out an update to fix a security hole that left thousands of cameras exposed. (more

This is not a new problem. Manufacturers have been slow to respond. (Security Scrapbook warnings from 2/12 and 7/13). Why?

Espionage Idea: Imagine your country is the top manufacturer of surveillance cameras. You build in a back-door capability to monitor each one, and hope no one notices. Salt the Earth with your product. Target the units placed in sensitive areas. Wow, what power! And, then some hackers blow it for you. Damn hackers.