Wireless baby monitor hacked, baby insulted


#1

[Permalink]


#2

For what it's worth, Team BBC says that the camera involved was a Foscam product. Looking at their product lineup strongly suggests that this was an IP cam, presumably hit through some horrifyingly trivial failure of implementation, rather than one of the old-school 900MHz or 2.4GHz analog video blaster systems (which are even worse; but at least only accessible within RF range, rather than anywhere).

Unfortunately, the security of embedded computers is generally pretty appalling, and 'security' cameras have the handy feature of being pointed at things people value...


#3

Geez, poor kid!

This reminds me of a story in Ghost in the Wire when Kevin Mitnick and his high school buddies hacked into the drive-through intercom at McDonald's and hurled abuse at drivers just trying to place their orders...


#4

Oh good, I have that IP cam. Unless the parents in the story failed to secure it with a password (or something equally basic), I suppose I'm at risk as well. Time to check that firmware version...

EDIT: and yeah, the latest firmware includes:

  • Enhance security to prompt user change the default blank login password
  • Fix several vulnerabilities to improve security

I imagine most parents who buy such a device would have no idea what "firmware" is.


#5

It doesn't seem to me the camera should have to be secure any more than a diamond ring should prevent itself from being stolen. The person using the camera should be responsible for securing it same as they're responsible for securing their jewelery. All an IP camera does is run a webserver for you to download/control the camera. It's up to you put make sure it's not accessible from outside your local network.

If it somehow punched a hole through your router/firewall maybe that would be cause to hold the company responsible. Otherwise no.

BTW: As an aside, every app you download to your phone/tablet can potentially see everything on every network you connect it to. I'd suggest running OpenWRT or some other router that lets you run multiple wireless networks. Put your phone / tablet on one network and your PC on another (not without its headaches but...)


#6

I like that this post is just downstream from Cory's review of the minimalist parenting book. If I felt the need to take an occasional peek in on my kids, I think I'd use the wired network that connects my eyes to my visual cortex.


#7

Of course, one of the most useful things about an IP cam is being able to access it over the internet. That's problematic if one's really using it as a "baby monitor", I suppose (I'm not), but in any case any device exposed to the internet needs to be secured and regularly updated.

If I weren't lazy, I'd probably set up a home VPN rather than just punching a hole in the firewall; but it really would be nice to know more about the attack vector used in this case.


#8

Fairly reliable the ol' eye sockets are, and they require minimal configuration.


#9

Sorry I'm going to get geeky here but ...

SSH is your friend. (or VPN). You put the camera on your local net and don't make it accessible from the internet directly. You setup an SSH server. Some routers can do this otherwise you need a PC always running Win/OSX/Linux. You set up dynamic dns. Most routers can do this. You then SSH tunnel into your local network to the IP camera. Too much to go into here. Maybe someone should ask this question on a stackexchange site?

Clearly there's a market for a less geeky solution (although as a geek I have a problem trusting non-open source networking stuff).


Securing IP Cameras
#10

The weakness in the camera allows you to just hit a URL and get the mjpeg feed. No authorisation required! There is some more info here: http://atenlabs.com/blog/get-your-creep-on/ and a real life implementation at http://www.atenlabs.com/camwar/.

This is a variation on the 'people leaving random crap open on the internet' thing.


#11

It is an IP Foscam, I have the same. The easiest software solutions for the camera were horribly insecure. I was able to put something together that was more secure, but the thing crapped out after 3 months, so it's no longer an issue.


#12

Just replied as new topic (over to the top right of original comment), if you want to carry on the discussion.


#13

Am I going to hell if I thought this was funny?


#14

Our old analogue baby monitor was picking up crying babies elsewhere along the street at one point. It occured to me that you could write a great horror story around that with disturbed people spying on their neighbours kids bedrooms.


#15

Here is a tragifarce with an angry and ignorant baby-monitor user facing off against a frustrated HAM radio enthusiast who wants their cheap, nasty, RF-spewing garbage off his licensed band...

No apparent malice on the eavesdropper's part; but apparently the quality control on cheap baby monitors is...not everything it might be...


#16

at least most parents are aware their babies beeing very "wetware".


#17

I prefer to think that it's picking up the ghosts of murdered babies.


#18

I think that's a bug in a different model of camera.

The Foscam hack is based on a directory traversal bug (see here) which dumps the system memory, then you can extract the username/password from the dump.


#19


#20

Someone needs to tell this guy about "the Internet". I seriously do not get HAM radio enthusiasts post 2003 or so.