Category: IT|Dec 4, 2022 | Author: Admin

Cameras sold in Norway are a security disaster

Share on

"Server error" allowed Eufy owners to see into each other's homes,"

Such poor security that it is hard to fathom
At the time, customers of Anker's "security cameras" explained that they "could see every single camera, front door, back door, bedroom, living room, garage, kitchen, their recording started by motion, everything."

 

Furthermore, we reported that "Eufy has stated to Android Police that the error lasted for an hour and that it did not affect their baby-call products. On Reddit, a message is shared that should have been sent from Eufy to their customers.”

 

There should also be problems with content that should not be shared with the cloud being shared with the cloud regardless of whether the function is not activated - the security key should also be out of the way (Paul Moore has sued Anker):

 

 

Videos from Eufy cameras are not even encrypted
Now it is the winter of 2022 and the problem is not fixed but is so much worse than anyone could have imagined. According to The Verge, even the company has lied to them and said that what is happening now is not technically possible.

 

So what is happening now? Yes, it is possible via a hack to connect to any Anker Eufy camera via video apps such as VLC - that's right; there is no encryption of the video stream, despite Anker's advertising:

 

 

Supposedly lied to The Verge
The problems continue for Anker, for The Verge asked the company, which is mainly known for chargers if it is actually true that you can video stream other people's security cameras with VLC because nothing is encrypted. The advantage is that sleeping cameras will not be woken if you try.

 

“I can confirm that it is not possible to start a stream and watch live video with a third-party player like VLC,” Brett White explained to The Verge.

 

The newspaper can now confirm that this is not true:

 

This week we repeatedly watched live footage from two of our own Eufy cameras using the same VLC media player from across the US. It proves that Anker has a way to bypass encryption and access these supposedly secure cameras through the cloud.

 

“But it gets worse”
According to The Verge, it has not been proven that malicious actors have tried the trick before, which includes logging in with a username and password "before Eufy's website hosts the encryption-free stream."

 

Okay, that's good. It's also good that the cameras have to be active to peek, but there is an even bigger problem that follows this:

 

“Eufy's best practices appear to be so poor that malicious actors may be able to figure out the address of a camera stream. This is because the address largely consists of the camera's serial number coded in Base64, which you can easily reverse with a simple online calculator."

Sources: The Verge

Sponsored Ads:

Comments:


Smart mobile function on its way to Windows

Category: Microsoft|May 28, 2024 | Author: Admin

The camera upgrade will be fantastic

Category: IT|May 27, 2024 | Author: Admin

Microsoft battens security hatches on Windows admin accounts

Category: Microsoft|May 26, 2024 | Author: Admin

Apple will not be alone in this

Category: Apple|May 25, 2024 | Author: Admin

Spotify gadgets become trash in December

Category: General|May 24, 2024 | Author: Admin

Need to share passwords?

Category: Google|May 23, 2024 | Author: Admin

Gets cool function soon

Category: Google|May 22, 2024 | Author: Admin

Will be open source

Category: IT|May 21, 2024 | Author: Admin

Frustration grows over Google's AI Overviews feature, how to disable

Category: Google|May 20, 2024 | Author: Admin

Is a tablet for NOK 3,800 good enough? - "OnePlus Pad Go"

Category: IT|May 19, 2024 | Author: Admin

Microsoft is ending Edge support on computers without SSE3

Category: Microsoft|May 18, 2024 | Author: Admin

Gratulerer med 17. mai!

Category: General|May 17, 2024 | Author: Admin

Now many can try Android 15

Category: Google|May 16, 2024 | Author: Admin

Apple has released iOS 17.5

Category: Apple|May 15, 2024 | Author: Admin

Toshiba demonstrates 30TB+ HDDs using HAMR and MAMR technologies — customer sampling scheduled for 2025

Category: IT|May 14, 2024 | Author: Admin
more