Please login or register.

Login with username, password and session length

Author Topic: Yet another security issue  (Read 3794 times)

dhouston

  • Advanced Member
  • Hero Member
  • ******
  • Helpful Post Rating: 37
  • Posts: 2547
    • davehouston.org
Yet another security issue
« on: January 18, 2017, 08:47:18 AM »

http://arstechnica.com/security/2017/01/its-shockingly-easy-to-hijack-a-samsung-smartcam-camera/
After hijacking the camera the hackers have access to your whole system.
Logged
This message was composed entirely from recycled letters of the alphabet using only renewable, caffeinated energy sources.
No twees, wabbits, chimps or whales died in the process.
https://www.laser.com/dhouston

Tuicemen

  • Administrator
  • Hero Member
  • ****
  • Helpful Post Rating: 283
  • Posts: 10509
  • I don't work for X10, I use it successfuly!
Re: Yet another security issue
« Reply #1 on: January 18, 2017, 08:54:25 AM »

IP cameras have always been vulnerable to hackers.
Although those that have been making them for some time now are a bit more secure.


Logged
Please Read Topic:
General Forum Etiquette
Before you post!

bkenobi

  • PI Expert
  • Hero Member
  • ******
  • Helpful Post Rating: 24
  • Posts: 2082
Re: Yet another security issue
« Reply #2 on: January 18, 2017, 11:48:17 AM »

This hack requires access to the camera IP which means the hacker must be inside the network.  If the network is already exposed, hacking a camera to give access to the network is kinda silly.  This seems like a nice way to add capabilities to the camera, but it could allow someone to insert code onto the camera to send data outside without the hacker remaining on site.  It's an example of how people are buying toys without knowing their full capabilities/liabilities though.  Good info!

HA Dave

  • Hero Member
  • *****
  • Helpful Post Rating: 175
  • Posts: 7127
Re: Yet another security issue
« Reply #3 on: January 18, 2017, 02:11:53 PM »

...... It's an example of how people are buying toys without knowing their full capabilities/liabilities though.  Good info!

EXACTLY! Here is what people forget.

If you live in America... your government is already capturing all your data... you can NOT stop that.

If you live in America... China has already captured your data... often times from your government.

Every computer sold has already been hacked. The spyware is in the drivers. Unless you re-write your own drivers... your hacked.

People are killed and houses broken into almost every minute. Cyber crime... is far less serious. 

You have NO SPAM OF CONTROL over hackers. You follow the (normal security) rules and hope for the best. Unless you're trying to conceal top secret information on your home PC... you should be OK. Otherwise.... paper in a safe works well too.
Logged
Home Automation is an always changing technology

toasterking

  • Hero Member
  • *****
  • Helpful Post Rating: 11
  • Posts: 347
  • We adore chaos because we love to produce order.
Re: Yet another security issue
« Reply #4 on: January 19, 2017, 04:43:47 PM »

Every computer sold has already been hacked. The spyware is in the drivers. Unless you re-write your own drivers... your hacked.
I was unaware of personal computers shipping with device drivers that somehow behave as spyware.  I'm intrigued by the concept but cannot find any information on it.  Do you have a link that you can share that goes into detail on this?
Logged

HA Dave

  • Hero Member
  • *****
  • Helpful Post Rating: 175
  • Posts: 7127
Re: Yet another security issue
« Reply #5 on: January 19, 2017, 05:02:12 PM »

I was unaware of personal computers shipping with device drivers that somehow behave as spyware.  I'm intrigued by the concept but cannot find any information on it.  Do you have a link that you can share that goes into detail on this?

It was never "classified" information. I remember also reading about that somewhere on the internet. But when I worked for the government we found spyware in the drivers of things like sound cards, printers and such. We had to contract code writers to recreate everything. Then when we bought new PC's we'd erase and download our own driver versions from our own servers... everything... updates and everything came by way of our own servers.
Logged
Home Automation is an always changing technology

toasterking

  • Hero Member
  • *****
  • Helpful Post Rating: 11
  • Posts: 347
  • We adore chaos because we love to produce order.
Re: Yet another security issue
« Reply #6 on: January 19, 2017, 05:21:15 PM »

Okay, I think I tripped on the semantics.  If you're talking about software that sends usage information back to the manufacturer, that's usually in a user-mode application that gets installed with the driver.  I've never heard of the device driver by itself calling home, nor of it being possible, since all the driver is supposed to be able to do is bridge the OS to a piece of hardware at a low level, and creating a TCP/IP connection to the Internet happens at a much higher level.  You could have a kernel-mode driver installed as part of a rootkit, but that's a different thing entirely.  It's nearly always possible to remove or defeat those bundled user-mode applications and still use the driver.

I expect that your contractors were tasked with doing just that -- divorcing the bloatware from the drivers and repackaging them without it -- since actually rewriting the drivers would require intimate knowledge of the specific hardware device, its firmware, its communication protocol, and all its nuances, and manufacturers don't typically release things like that.  That's interesting, though.  I'm glad to see someone taking this seriously as a security issue, because we don't know what's really included in the "anonymous usage statistics".

FWIW, the first thing I do when I buy any Windows device is to make a backup of the OEM preload, reformat the internal disk, and reinstall everything minus the bloatware from a known good source, as you also described.  That kind of project can take days to figure out, and I'm sure I'm not as thorough as your contractors were.
Logged

HA Dave

  • Hero Member
  • *****
  • Helpful Post Rating: 175
  • Posts: 7127
Re: Yet another security issue
« Reply #7 on: January 19, 2017, 05:41:23 PM »

...... You could have a kernel-mode driver installed as part of a rootkit, but that's a different thing entirely.  It's nearly always possible to remove or defeat those bundled user-mode applications and still use the driver.

I expect that your contractors were tasked with doing just that -- divorcing the bloatware from the drivers and repackaging them without it -- since actually rewriting the drivers would require intimate knowledge of the specific hardware device, its firmware, its communication protocol, and all its nuances, and manufacturers don't typically release things like that. 

If it makes you sleep better thinking that we couldn't tell the difference between adware and spyware. Or that Microsoft didn't open there OS for the government.... Or that the government couldn't scrape up enough to pay contractors enough to attract them....  then sure... you believe that.

Everyone obsesses about something... I guess. But every home, every car, every living being (and every phone and PC) are vulnerable to entry and/or harm... 24/7. And there is nothing anyone can do to actually change that.
 
Logged
Home Automation is an always changing technology

toasterking

  • Hero Member
  • *****
  • Helpful Post Rating: 11
  • Posts: 347
  • We adore chaos because we love to produce order.
Re: Yet another security issue
« Reply #8 on: January 19, 2017, 06:00:01 PM »

If it makes you sleep better thinking that we couldn't tell the difference between adware and spyware. Or that Microsoft didn't open there OS for the government.... Or that the government couldn't scrape up enough to pay contractors enough to attract them....  then sure... you believe that.
I didn't say that, I don't assume that, and I don't disagree with or take issue with anything you posted other than the feasibility of a specific bit of code that the OS identifies as a device driver sending data over any hardware other than the hardware it's controlling.  A device driver for a sound card should not be able to transmit data to anyone except those within earshot of the speakers.  The fancy room equalizer that gets installed along with the driver for the sound card, however, could be sending data anywhere via any methods that user-driven software could exploit.  It would make a lot more sense to come up with a way to install the driver without the extra programs than to write a new driver from scratch for a piece of hardware one didn't design, though I can't be sure that the latter didn't happen.
Logged

HA Dave

  • Hero Member
  • *****
  • Helpful Post Rating: 175
  • Posts: 7127
Re: Yet another security issue
« Reply #9 on: January 19, 2017, 09:52:07 PM »

....  It would make a lot more sense to come up with a way to install the driver without the extra programs than to write a new driver from scratch for a piece of hardware one didn't design, though I can't be sure that the latter didn't happen.

Yeah... it was a line-by-line edit. The contractors didn't actually create new product. A friend of mine supervised the program. And last I heard.... it was still on-going. But it has been a while.
Logged
Home Automation is an always changing technology
 

X10.com | About X10 | X10 Security Systems | Cameras| Package Deals
© Copyright 2014-2016 X10.com All rights reserved.