Viewing a single comment thread. View all comments

PunkinBrewster t1_ixqgi2b wrote

Reply to comment by HisAnger in UK bans Chinese cameras from government buildings by Alvin_Chen

Plus firmware updates can unlock no end of additional capabilities. Even if it isn't dangerous now, it could be with an update.

44

noplace_ioi t1_ixsx76k wrote

serious question: what is the risk of getting said cameras, blocking them from accessing internet in the firewall and using something like BlueIris to operate them?

1

[deleted] t1_ixt8xeu wrote

[deleted]

1

HisAnger t1_ixv5d8o wrote

It is not only that, you can hide wifi capability and device can wait for a signal to activate it. You can park a car next to a building and get access to all cameras ... or get a back door to someone's network

2

MaxwellCE t1_ixr2y4h wrote

Can't wait for the firmware update on my phone to add an extra camera module.

−11

PunkinBrewster t1_ixr4gct wrote

No, but the firmware update to enable the camera without notifying the operating system and secret the data out via DNS queries to Chinese name servers is in beta.

23

[deleted] t1_ixrr1l6 wrote

[deleted]

1

PunkinBrewster t1_ixruugt wrote

Data exfiltration is an art as much as a science. A company can minimize their risk, but never eliminate it. Unless your devices are completely airgapped, there is always a risk.

8

SRM_Thornfoot t1_ixryz5h wrote

Even airgapped there is a risk. See my post above.

3

PunkinBrewster t1_ixs10tt wrote

Oh, agreed. My favorite story of these types of exfiltrations is The Thing. This was done almost 80 years ago. It is insane what can be done now.

2

SRM_Thornfoot t1_ixryszk wrote

A simple way would be for the camera to have secret built in bluetooth. Even if the camera were set up hard wired to a private intra-net the image could be retrieved if an external bluetooth receiver was positioned in range of the camera.

For example a car could be parked with a receiver/recorder outside an embassy, or a tourist could have a receiver/recorder in their purse while touring inside the Capital building.

(and that is just one way to do it)

4

BumPumpyFace t1_ixrx0k7 wrote

There could be an IOT mobile sim in there for all you know.

2

[deleted] t1_ixryilx wrote

[deleted]

−1

BumPumpyFace t1_ixs61th wrote

That's not quite how IOT sims work. They're used frequently in industrial telemetry at very large scale and they work anywhere.

Plus, nation states do all sorts of wacky expensive shit.

The point is, it's possible.

3

justinlongbranch t1_ixs66z0 wrote

Sim cards are cheap, just activate the ones you want later. It probably wouldn't even be all that tough to disguise em

1

Kaeny t1_ixsc4xk wrote

I have a feeling youre kidding, but if not you gotta think a little deeper

1