In general, cloud services have far better security than DIY systems.
Where are you pulling this from? These aren’t “DIY”. DIY is when you roll your own remote network access (e.g. VPN, DDNS, port forwarding, etc) or FOSS software/hardware. I’d trust most DIY systems more than any cloud provider, because most DIY systems would be LAN only or VPN accessible. The QR code authentication mentioned in the article sounds like these are generic IP security cameras of stock firmware, that utilize a cloud server to enable remote viewing over the internet. Even reputable cloud services use the same method to connect or setup individual cams to their cloud.
All of the hacked systems in this article are home based systems.
That doesn’t mean the exploits used are of no fault of the user — from the vendors authentication implementation, software, or hardware.
Ok… But cloud services are centralized and have a lot more content to obtain, so that fundamentally makes them a more valuable target. This alone adds a level of relational security to maintaining a home backup of the information. Unless someone happens upon your home network and decides to hack it, or you download a file that sends up a flare, nobody is going to seek it out unless they know you have something specific they want.
If you have an IP camera system exposed to the outside, they will “happen upon you” within the hour.
It’s one of the top things searched for in wide net port scans.
But unlike those cloud services, your home network likely doesn’t have enterprise level threat detection to alert you to it, or a team of network engineers to try to guard against it.
Why the fuck are you broadcasting a beacon to come hack your network? Of course they are going to find it if you light it up like a Christmas tree with a giant neon sign. I said you set up your cameras to record locally. Only an idiot would set up a camera system with an unsecured exposed port. Hell, set up anything with an unsecured exposed port for that matter. Especially one that is an always broadcasting system. It doesn’t even matter if you use a cloud provider at that point. All they have to do is hack an network hop near your home and install a man in the middle and they don’t have to bother hacking a server farm to get your videos.
Maybe, but the difference is a lot more people are going to be looking to target the cloud provider than your home network. To say nothing of the fact that your videos on the cloud are subject to the terms and services that you agree to and those terms can be changed at any time. And also the fact that you can’t guarantee that the stuff you delete off of that server is actually being deleted.
a lot more people are going to be looking to target the cloud provider than your home network.
I can show you logs with tens of thousands of hits from all IPs all over the globe trying to gain access to a single NVR that has a port open on the WAN side of a network.
Besides email servers or FTP servers, cameras are the next highest thing target for attacks. The minute they go online they become a flaming red beacon for hackers.
You can’t connect home system that is never connected to internet, basically make home server and hook up cameras and don’t ever connect that to internet
The problem is cameras like these, the kind that people are putting up inside their own homes, facing their living spaces, their own damn bedrooms, they’re sold to people that have this desire to be able to check in with those cameras remotely at any time, without a good reason.
The only reason my mother seems to have crap like this set up is so she can see the dogs when she’s not home. They’re just sleeping.
Internet connected, living space directed cameras are this bizarre consumer electronics trend that has no legitimate use case for like 90% of the people that rush to use it. Certainly not one that merits the security risks and the privacy invasion that they are inviting on themselves.
Why the fuck do people put security cameras in their bedrooms? It’s so weird to me that people do this. Even if you think (or at least thought) that you were the only one with access to the footage, won’t the presence of a camera make you feel like you’re being watched? Are we not on camera enough as it is that we have to be on camera in the supposed privacy of our bedrooms? Imagine if you told George Orwell that people would willingly put cameras in their most personal and private spaces.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@lemmy.world
This is a most excellent place for technology news and articles.
This is why you shouldn’t use cloud services for personal security, because the cloud is just someone else’s computer.
In general, cloud services have far better security than DIY systems. All of the hacked systems in this article are home based systems.
Where are you pulling this from? These aren’t “DIY”. DIY is when you roll your own remote network access (e.g. VPN, DDNS, port forwarding, etc) or FOSS software/hardware. I’d trust most DIY systems more than any cloud provider, because most DIY systems would be LAN only or VPN accessible. The QR code authentication mentioned in the article sounds like these are generic IP security cameras of stock firmware, that utilize a cloud server to enable remote viewing over the internet. Even reputable cloud services use the same method to connect or setup individual cams to their cloud.
That doesn’t mean the exploits used are of no fault of the user — from the vendors authentication implementation, software, or hardware.
Ok… But cloud services are centralized and have a lot more content to obtain, so that fundamentally makes them a more valuable target. This alone adds a level of relational security to maintaining a home backup of the information. Unless someone happens upon your home network and decides to hack it, or you download a file that sends up a flare, nobody is going to seek it out unless they know you have something specific they want.
If you have an IP camera system exposed to the outside, they will “happen upon you” within the hour.
It’s one of the top things searched for in wide net port scans.
But unlike those cloud services, your home network likely doesn’t have enterprise level threat detection to alert you to it, or a team of network engineers to try to guard against it.
Why the fuck are you broadcasting a beacon to come hack your network? Of course they are going to find it if you light it up like a Christmas tree with a giant neon sign. I said you set up your cameras to record locally. Only an idiot would set up a camera system with an unsecured exposed port. Hell, set up anything with an unsecured exposed port for that matter. Especially one that is an always broadcasting system. It doesn’t even matter if you use a cloud provider at that point. All they have to do is hack an network hop near your home and install a man in the middle and they don’t have to bother hacking a server farm to get your videos.
Maybe, but the difference is a lot more people are going to be looking to target the cloud provider than your home network. To say nothing of the fact that your videos on the cloud are subject to the terms and services that you agree to and those terms can be changed at any time. And also the fact that you can’t guarantee that the stuff you delete off of that server is actually being deleted.
I can show you logs with tens of thousands of hits from all IPs all over the globe trying to gain access to a single NVR that has a port open on the WAN side of a network.
Besides email servers or FTP servers, cameras are the next highest thing target for attacks. The minute they go online they become a flaming red beacon for hackers.
You can’t connect home system that is never connected to internet, basically make home server and hook up cameras and don’t ever connect that to internet
The problem is cameras like these, the kind that people are putting up inside their own homes, facing their living spaces, their own damn bedrooms, they’re sold to people that have this desire to be able to check in with those cameras remotely at any time, without a good reason.
The only reason my mother seems to have crap like this set up is so she can see the dogs when she’s not home. They’re just sleeping.
Internet connected, living space directed cameras are this bizarre consumer electronics trend that has no legitimate use case for like 90% of the people that rush to use it. Certainly not one that merits the security risks and the privacy invasion that they are inviting on themselves.
Half the reason to own a security camera system is so you can monitor it while away. Can’t do that if the system isn’t online.
Also, quit putting unnecessary, Internet connected cameras indoors.
I seriously cannot fathom the amount of people that seem to want to put cameras up in their own bedrooms and just let them stream video constantly.
It has nothing to do with any serious home security, and everything to do with mindless consumerism. Hopefully it’s a trend that will pass.
I know it’s not 100% the same, but there’s a website that gives you access to insecure webcams and has been for ages!
http://www.insecam.org/
Obviously these aren’t hacked as per the article
Shodan.io
Ironic that the website itself is http.
LMAO don’t put a fucking camera in your bedroom you dummies
I’m assuming they are in young children’s bedrooms. There’s only one reason to put a camera in an adult’s bedroom ( ͡° ͜ʖ ͡°)
And don’t stay at hotels or airBnB or …. Well just don’t sleep.
Why the fuck do people put security cameras in their bedrooms? It’s so weird to me that people do this. Even if you think (or at least thought) that you were the only one with access to the footage, won’t the presence of a camera make you feel like you’re being watched? Are we not on camera enough as it is that we have to be on camera in the supposed privacy of our bedrooms? Imagine if you told George Orwell that people would willingly put cameras in their most personal and private spaces.
removed by mod