Quote:
posted: Tech news website The Verge first publicised the issue last week after discovering a blog which had published details of the vulnerability on 10 January.
The author discovered that after setting up one of the cameras with a password, its video stream became accessible to anyone who typed in the correct net address. In each case, this consisted of the user's IP address followed by an identical sequence of 15 characters. The writer then showed how the Shodan search engine - which specialises in finding online devices - could be used to discover cameras vulnerable to the flaw.
"Last I ran this there was something like 350 vulnerable devices that were available," the author wrote at the time. However, it appears that others then took advantage of the technique to expose other links and uploaded them to the net. Within two days, a list of 679 web addresses had been posted to one site, and others followed - in some cases listing the alleged Google Maps locations associated with each camera.
posted: Tech news website The Verge first publicised the issue last week after discovering a blog which had published details of the vulnerability on 10 January.
The author discovered that after setting up one of the cameras with a password, its video stream became accessible to anyone who typed in the correct net address. In each case, this consisted of the user's IP address followed by an identical sequence of 15 characters. The writer then showed how the Shodan search engine - which specialises in finding online devices - could be used to discover cameras vulnerable to the flaw.
"Last I ran this there was something like 350 vulnerable devices that were available," the author wrote at the time. However, it appears that others then took advantage of the technique to expose other links and uploaded them to the net. Within two days, a list of 679 web addresses had been posted to one site, and others followed - in some cases listing the alleged Google Maps locations associated with each camera.
Oops? I'm often amazed that, here in the interweb era, software security seems an afterthought.
-----signature-----
I radiate more heat than light.
I know what you're trying to do but you're just sailing another failboat over the falls. - imaloon1
I know what you're trying to do but you're just sailing another failboat over the falls. - imaloon1