Subscriber Discussion

Monday March 6 2017

Avatar
Brian Karas
Mar 07, 2017
IPVM

Screengrabs of dahua backdoor script

Added content to Dahua Backdoor post

Phonecalls with Janet Fenner (suggested they do a bug bounty program, even in the current state, better to show you are serious about fixing issues, etc.). Also talked briefly about pen testing firms, suggested Rapid7 as they worked with Hik.

Call with Anvil Group (local guy finally returned my call), should have what I need from them now.

Received email from Cobalt PR person with standard release info attached, told her we do actual analysis, and needed more details (listed out usual stuff, price, channel, strategy, battery info, etc.).  She replied:

"Hi Brian, 
For the next few weeks, Cobalt is staying laser-focused on iterating and refining the security aspects of the product for our initial pilot customers. It would be premature of us to provide any guidance or details on pricing, partnerships, sales channels, or new customer opportunities.  Perhaps we can reach back out when the timing is more appropriate.
Best,
Angela"

They are making the product public, but are too busy refining it to talk to their target audience... Not off to a good start.

Tomorrow I need to knock out a few posts.

Avatar
Brian Rhodes
Mar 07, 2017
IPVMU Certified

Did Mirolli class

Prepped deck for Class 9 tomorrow (form factors)

Continued to write DMP during gaps - will finish tomorrow

Avatar
Ari Erenthal
Mar 07, 2017

Mirolli class.

Finished motion detector tutorial.

Emailed camera cleaner guy.

Added Lightning's GIFs to alarm contact post, which is now finished-finished, including main news image. 

Glassbreak tutorial 90% done. I want to talk false alarms over with somebody, and then I'll be done with it. Also I am having trouble finding an image of a shock. I asked around but couldn't get anybody to send me any. Should I just buy one and mount it to a window and take a picture? It's less than $20. 

JH
John Honovich
Mar 07, 2017
IPVM
In reply to Ari Erenthal

Should I just buy one and mount it to a window and take a picture? It's less than $20.

Well, it's the time for you to go buy it unless you get it shipped to you.

If you spend the time / money to get it, you might as well spend an additional hour or two doing light testing / experiments with it.

Avatar
John Scanlan
Mar 07, 2017
IPVM • IPVMU Certified

updated simplisafe report

member support

final exam grading, ~30 or so are in now

vms vs nvr export test

followed up with derek; sony is complete, atv is complete.  followed up with flir and I have the current list, will go through it in the morning and send on to derek.

JH
John Honovich
Mar 07, 2017
IPVM
In reply to John Scanlan

updated simplisafe report

So its ready for publication or?

Avatar
John Scanlan
Mar 07, 2017
IPVM • IPVMU Certified
In reply to John Honovich

Yes, I made the changes that you requested and Ben updated the video, which I embedded.

JH
John Honovich
Mar 07, 2017
IPVM
In reply to John Scanlan

For all, when a post is ready for publication, make that clear. Otherwise, I am not sure if 'updated' means finished or progress is made but not finished.

JS, forward me the emails from Adam. And I should be cc:ed in the future. I need to be surely we are fairly and accurately incorporating feedback from sources.

JH
John Honovich
Mar 07, 2017
IPVM
In reply to John Scanlan

This report is NOT ready for publication.

How many times do I need to say include a free image and a home page image?

Otherwise, I need to figure out how to get images for someone else's work when that person clearly has easier access to such images.

I have not read the rest since those things need to be done.

New discussion

Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.

Newest discussions