Stories
Slash Boxes
Comments

SoylentNews is people

Webcams Used to Attack Reddit and Twitter Recalled

posted by martyb on Tuesday October 25 2016, @12:22PM   Printer-friendly
from the rein-in-the-bots dept.

Phoenix666 writes:

Home webcams that were hijacked to help knock popular websites offline last week are being recalled in the US.

Chinese electronics firm Hangzhou Xiongmai issued the recall soon after its cameras were identified as aiding the massive web attacks.

They made access to popular websites, such as Reddit, Twitter, Spotify and many other sites, intermittent.

Security experts said easy-to-guess default passwords, used on Xiongmai webcams, aided the hijacking.

The web attack enrolled thousands of devices that make up the internet of things - smart devices used to oversee homes and which can be controlled remotely.

Will we go through this over and over with toasters, refrigerators, and every other connected appliance?

Original Submission

 
This discussion has been archived. No new comments can be posted.
Webcams Used to Attack Reddit and Twitter Recalled | Log In/Create an Account | Top | 25 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Tuesday October 25 2016, @06:42PM

    by Anonymous Coward on Tuesday October 25 2016, @06:42PM (#418668)

    I've been seeing this for as long as I've been in IT. Security isn't seen as a requirement when people develop products. When you buy a webcam, does it occur to you to care whether it's secure? Maybe. Does it occur to John Q. Public? Not at all.

    Actually, it does. My question, though, is what can I do about it? There isn't a sticker on the equipment saying how secure or insecure it is, and I'm not spending hours researching online trying to find a proverbial needle in the haystack of marketing information to find out what is secure. That's not counting things which are thought to be secure but later have security holes found in them.

    Does anybody have advice? My current policy of "paranoia-based buy nothing" works... but means there are many shiny things I can't get.

  • (Score: 0) by Anonymous Coward on Tuesday October 25 2016, @09:49PM

    by Anonymous Coward on Tuesday October 25 2016, @09:49PM (#418735)

    Get a decent router, completely block internet access off to these devices. If you need to access them remotely, perhaps VPN in to your local network or access it through a remote connection to a secure computer on your network.

    You really can't trust these things to be secure, because your average consumer know nothing about security and they care more that it is easy to use, very few manufacturers are going to care about security especially when the security impacts easy of use.

    Something like a home webcam you can build yourself using a Raspberry Pi. It is certain to be more effort than an off-the-shelf solution, but easier to secure, and you'll always be able to update the software that runs on it.