Dropcam is MARKETED as a spycam.
See the "NBC" ("Nothing But Calculus") television commercial, as an example.
Yet another example of the gootard's fuckwittery ...
Hackers could inject fake video into popular home surveillance kit Dropcam and use the system to attack networks, researchers Patrick Wardle and Colby Moore say. The wide-ranging attacks were tempered by the need for attackers to have physical access to the devices but the exploits offer the chance to inject video frames into …
I am given to understand BusyBox comes as a single binary, it would be interesting to see how a persistant exploit was achieved. But then again with physical access, it's game over as far as security is concerned. Unless, as I've seen elsewhere, you erase all the chip makings and encase the device in epoxy resin.
--
ref: 'Synack, the Menlo Park, Calif.-based company started by former NSA agents Jay Kaplan and Mark Kuhr, announced this morning'