Sign in / up

back to article RSI Videofied is a 101 in how to build IP CCTV and alarms with zero security, zero encryption

The Videofied wireless video surveillance cameras and alarm systems can be easily hijacked and spied on – thanks to practically nonexistent security. According to London-based infosec biz Cybergibbons, the Videofied W panel is hopelessly insecure. It gathers live video from cameras, and data from security sensors, and feeds …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. asdf

    can't resist

    Hmm why would anybody including a web site send passwords (keys) unencrypted over the internet? Biting the hand ...

    5 0 Reply
    1. Robert Helpmann??
      Reply Icon
      Childcatcher

      Re: can't resist

      It's just that Videofied is working to make the Hollywood version of IT come true.

      0 0 Reply
    2. TeeCee Gold badge
      Reply Icon
      Coat

      Re: can't resist

      It's probably just the French way of doing it.

      0 0 Reply
    3. phuzz Silver badge
      Reply Icon
      Joke

      Re: can't resist

      No, you don't understand, it's a business feature!

      When the various politicians manage to get this evil encryption thing banned, then RSI Video Technologies will already have a shipping product with no encryption, putting them weeks ahead of the competition!

      2 0 Reply
    4. Adam 1
      Reply Icon

      Re: can't resist

      > send passwords (keys) unencrypted over the internet?

      In defence of such "bird brained" security, one could make the argument that they do not ever send passwords unencrypted*

      *as opposed to receiving unencrypted passwords.

      0 0 Reply
  2. Notas Badoff

    IoT success!

    Next year, *five* digit numbers! We've been at the flatter part of the exponential curve.

    ... CVE-2015-8252, CVE-2015-8253, CVE-2015-8254, ... CVE-2015-15283, ...

    BTW: Can someone come up with a CVE medal/ribbon we can start sending these companies? Should then be easy to have a site where a potential customer can quickly check when thinking about a product. "AeroGello brand security products have received 17 CVE ribbons!"

    3 0 Reply
  3. x 7

    I always assumed those USA cop programs that showed the intelligence services hacking private security cams at will to be a load of bull........now I'm not so sure

    What did the TV studios know that we don't?

    0 0 Reply

    1. This post has been deleted by its author

    2. Crazy Operations Guy
      Reply Icon
      Joke

      They knew how to build a GUI in Visual Basic and trace the IP addresses of the feds.

      7 0 Reply
  4. John Mangan

    I don't know about you . . .

    but given how badly borked their product is - how much faith would you have in the patch?

    1 0 Reply
    1. DropBear
      Reply Icon
      Trollface

      Re: I don't know about you . . .

      The new patch will surely be completely impervious to hackers - the serial-number-derived keys will be stripped out and replaced with new ones generated using a state-of-the-art random generator (returning the value "4", chosen by fair roll of dice).

      0 0 Reply
      1. Adam 1
        Reply Icon

        Re: I don't know about you . . .

        https://xkcd.com/221/

        0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like