Hey Sean, just figured I’d take the bait (as one of those former Hik dealers) and throw my two cents in here.
First to clarify: a device with cyber security vulnerabilities/hard codes backdoors/exploits/etc, yeah can be a “weapon” but realisticly it is more of a “bug” or spy device. Most of us, maybe not all, know China is not going to blow us up and kill everyone with “cyber warheads” (another term I believe you may have coined lol). However it is very realistic to assume China itself or bad actors/black hats/corporate espionage types will attempt to use vulnerable points of entry (like criminals due into properties... most don’t try to “crack the vault” like in the movies but prefer that weak/improperly installed door, open window, doggy door, etc same in cyber security). So what might these bad actors (Chinese and other nationalities as well) try to do with insecure devices? Mine Bitcoin (or more likely Monero)? Not a “warhead” but certainly bad since that overworking of the poor little camera is going to burn it out prematurely which will cost the end-user money ie damages. Hack into an otherwise secure network? Hey happens all the time, I have a buddy who used to drive around with an antenna and an empty pringle can to hack (white hat style) into networks and them use that as a selling point for his IT services (hey I got in through that D-Link router installed by your manager in his office, might want to pay me to secure it so someone else doesn’t do the same). Ok so what someone hacked in through a camera, recorder, router, smart coffee maker, whatever? Well sure unless you are the Navy (sound familiar?) or a major corporation with trade secrets, etc. There are plenty of other bad things hackers can do, but I think I have made my point and then some?
Second, to your questions:
IPVM did not brainwash me into thinking the Chinese government and Hikvision are evil. Just shed light on the truth of the connection and I decided to purchase from different Chinese companies aka Hikhua/Dahik (though i am looking for a non Chinese yet still value line... Hanwha or Dynacolor maybe idk?).
Yes I did inform my clients who took their cyber security seriously after discovering the truth. They opted to leave the systems in place and apply mac address filters and other security measures. However when they wanted to expand the system they opted for Dahua instead (even after I shared about the backdoors and other hacks). They feel their security measures are sufficient to protect them, so they feel safe in taking a chance on a Chinese company but can’t in good conscience buy directly from a PRC owned and controlled company.
As for how we did the break down of cost with the client, we paid out of pocket to replace the nvr, they paid for all the new work. The existing Hik cams are still in place, but have no direct access to the web.
On a side note, I do some sub work for some huge integration companies who won’t touch Dahik/Hikhua or anything other than Avigilon/Axis/etc and they make millions selling cameras that sometimes cost as much as an entire 8 channel system. Different strokes for different folks I guess? I guess it is all about perceived value. Some clients value budget items (Kias/Hyundais/Hikvision/etc) and others care about brands, features and security (Bentley/Tesla/Axis/etc).