Wireless baby monitor hacked, baby insulted

1 Like

For what it’s worth, Team BBC says that the camera involved was a Foscam product. Looking at their product lineup strongly suggests that this was an IP cam, presumably hit through some horrifyingly trivial failure of implementation, rather than one of the old-school 900MHz or 2.4GHz analog video blaster systems (which are even worse; but at least only accessible within RF range, rather than anywhere).

Unfortunately, the security of embedded computers is generally pretty appalling, and ‘security’ cameras have the handy feature of being pointed at things people value…

3 Likes

Geez, poor kid!

This reminds me of a story in Ghost in the Wire when Kevin Mitnick and his high school buddies hacked into the drive-through intercom at McDonald’s and hurled abuse at drivers just trying to place their orders…

2 Likes

Oh good, I have that IP cam. Unless the parents in the story failed to secure it with a password (or something equally basic), I suppose I’m at risk as well. Time to check that firmware version…

EDIT: and yeah, the latest firmware includes:

  • Enhance security to prompt user change the default blank login password
  • Fix several vulnerabilities to improve security

I imagine most parents who buy such a device would have no idea what “firmware” is.

3 Likes

It doesn’t seem to me the camera should have to be secure any more than a diamond ring should prevent itself from being stolen. The person using the camera should be responsible for securing it same as they’re responsible for securing their jewelry. All an IP camera does is run a webserver for you to download/control the camera. It’s up to you to make sure it’s not accessible from outside your local network.

If it somehow punched a hole through your router/firewall maybe that would be cause to hold the company responsible. Otherwise no.

BTW: As an aside, every app you download to your phone/tablet can potentially see everything on every network you connect it to. I’d suggest running OpenWRT or some other router that lets you run multiple wireless networks. Put your phone / tablet on one network and your PC on another (not without its headaches but…)

1 Like

I like that this post is just downstream from Cory’s review of the minimalist parenting book. If I felt the need to take an occasional peek in on my kids, I think I’d use the wired network that connects my eyes to my visual cortex.

4 Likes

Of course, one of the most useful things about an IP cam is being able to access it over the internet. That’s problematic if one’s really using it as a “baby monitor”, I suppose (I’m not), but in any case any device exposed to the internet needs to be secured and regularly updated.

If I weren’t lazy, I’d probably set up a home VPN rather than just punching a hole in the firewall; but it really would be nice to know more about the attack vector used in this case.

1 Like

Fairly reliable the ol’ eye sockets are, and they require minimal configuration.

4 Likes

Sorry I’m going to get geeky here but …

SSH is your friend. (or VPN). You put the camera on your local net and don’t make it accessible from the internet directly. You set up an SSH server. Some routers can do this; otherwise you need a PC always running Win/OSX/Linux. You set up dynamic DNS. Most routers can do this. You then SSH tunnel into your local network to the IP camera. Too much to go into here. Maybe someone should ask this question on a stackexchange site?

Clearly there’s a market for a less geeky solution (although as a geek I have a problem trusting non-open source networking stuff).

4 Likes
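
The tunnel that comment describes, as an added example that is not part of the original thread. It builds and prints the `ssh` command instead of running it; the gateway `viewer@home.example.net` (a dynamic DNS name), the camera address `192.168.1.50:80`, local port `8080` and the function names are all placeholders.

```shell
#!/bin/sh
# Added example. Host, user, addresses and ports are placeholders.

# True only for RFC 1918 addresses, so the forward target is always a LAN
# device and the gateway is never used as a relay to arbitrary hosts.
is_private_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    case "$1.$2" in
        10.*|192.168) return 0 ;;
        172.1[6-9]|172.2[0-9]|172.3[01]) return 0 ;;
    esac
    return 1
}

# True for a decimal TCP port in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# tunnel_cmd CAM_IP CAM_PORT LOCAL_PORT GATEWAY
# Prints the ssh command; fails if the target is not a LAN address.
tunnel_cmd() {
    is_private_ipv4 "$1" || { echo "camera must be a LAN address" >&2; return 1; }
    if ! valid_port "$2" || ! valid_port "$3"; then
        echo "bad port" >&2; return 1
    fi
    # -N                      forward only, no remote shell
    # -L 127.0.0.1:...        listen on loopback so the viewing machine
    #                         does not re-expose the feed to its own network
    # ExitOnForwardFailure    exit instead of idling without a forward
    printf 'ssh -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:%s:%s %s\n' \
        "$3" "$1" "$2" "$4"
}

tunnel_cmd 192.168.1.50 80 8080 viewer@home.example.net
```

With the printed command running, the camera's web interface is reachable at `http://127.0.0.1:8080/` on the viewing machine, and the only port the router has to accept from outside is the SSH server's.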

The weakness in the camera allows you to just hit a URL and get the mjpeg feed. No authorisation required! There is some more info here: http://atenlabs.com/blog/get-your-creep-on/ and a real life implementation at http://www.atenlabs.com/camwar/.

This is a variation on the ‘people leaving random crap open on the internet’ thing.

1 Like

It is an IP Foscam, I have the same. The easiest software solutions for the camera were horribly insecure. I was able to put something together that was more secure, but the thing crapped out after 3 months, so it’s no longer an issue.

1 Like

Just replied as new topic (over to the top right of original comment), if you want to carry on the discussion.

1 Like

Am I going to hell if I thought this was funny?

1 Like

Our old analogue baby monitor was picking up crying babies elsewhere along the street at one point. It occurred to me that you could write a great horror story around that with disturbed people spying on their neighbours’ kids’ bedrooms.

1 Like

Here is a tragifarce with an angry and ignorant baby-monitor user facing off against a frustrated HAM radio enthusiast who wants their cheap, nasty, RF-spewing garbage off his licensed band…

No apparent malice on the eavesdropper’s part; but apparently the quality control on cheap baby monitors is…not everything it might be…

2 Likes

At least most parents are aware of their babies being very “wetware”.

I prefer to think that it’s picking up the ghosts of murdered babies.

I think that’s a bug in a different model of camera.

The Foscam hack is based on a directory traversal bug (see here) which dumps the system memory, then you can extract the username/password from the dump.

Someone needs to tell this guy about “the Internet”. I seriously do not get HAM radio enthusiasts post 2003 or so.