I have been a Dahua cheerleader for years. Slowly drifting away due to better performance from Hik lately. Also, Hik has been much more aggressive pricing wise, to the point it is close to the same cost to me. Thirdly, all of my Dahua OEM dealers have jumped ship to Hik OEM or Uniview. Dahua seems like it is dying.
NOTICE: This comment was moved from an existing discussion: Vandal Resistant IR Illuminators For Correctional Facility
Dahua response from the original discussion:
I assure you, the case is quite the opposite, which is rather apparent when considering our impending new product launches. If you would like to speak at length by phone about any of these developments, or if you would like to cite grievances with me directly, please feel free to contact me at your leisure.
NEXT MONTH NEXT MONTH NEXT MONTH! New Products next month!
Probrem now? No worry... buy the new product next month! Fix all the problems! Buy our dead stock now though plz.... plz?
In fairness to Dahua, Matt reached out to me and is trying his best to resolve my issues with Dahua. Time will tell if they are able to deliver, but I am hoping that they can fix the issues for us quickly.
Jon, thanks for the feedback. How important is Hikvision cutting prices? Alternatively put, if the other things are rectified, how much does it matter / impact your buying of Hikvision's aggressive pricing?
The Dahua pricing I was getting was almost 25% less than Hik at that time. After the aggressive pricing by Hik, and considering the issues we found with the Dahua model in use, we shifted to Hik for now. I will give Dahua a chance to fix the issue and go from there.
I am glad to see you are working it out with Matt. But that begs the question, if the relationship was there, why wouldn't a buyer (end user, integrator, dealer, etc) try to work out concerns before jumping on the pricing bandwagon? Is TCO not a consideration in the price war?
Hikvision isn't cheaper than Dahua. We are paying more for Hik due to the fact we feel they are more reliable and stable at the moment. If Dahua takes a turn for the better, we may go back to them.
You may not know this, but Dahua has had these issues for years. These aren't new concerns. We usually can overlook them, because we control the camera network and can mitigate the risk, but with this particular client, the IT dept isn't willing to give us any help.
Has Dahua not resolved your open issues? I thought I read that your problems were fixed...?
For the 4MP model, the RTSP issue is fixed. However, the OEM is still begging for an update for the 3MP version that still has the RTSP flaw. We have more of the 3MP in service than the 4MP. The latest firmware available for the 3MP IPC-HDBW5302 is 2.420.0.10, which is the defective firmware that shipped on the 4MP.
So, my OEM has spent CONSIDERABLE time working on this issue, begging China for firmware. In fact, he was able to get me 2.6 firmware for the 4MP, which includes their Smart h.264 encoding. He has been unable to get anything newer for the 3MP models though, so they remain vulnerable.
Jon, out of curiosity, what white label Dahua brands have you been purchasing?
We have bought from many Dahua OEMs, all inside the US. Here is a short list of the most used:
1) Nellys
2) GenIV
3) Techvision
4) SavvyTech
5) FLIR (not direct)
Most of these are no longer carrying, or are phasing out Dahua products.
Thirdly, all of my Dahua OEM dealers have jumped ship to Hik OEM or Uniview.
I know Dahua has recently dropped a handful of white label customers, not so much "jumping" to HIK as they are being pushed.
My best guess is to no longer compete with Dahua branded products. I know that when ADI tried to sell me Dahua branded items, their pricing was higher than my sale price to my customers. My purchase price was sometimes 50% less than the ADI price.
hello Jon:
just want to know what problem you have with Dahua products, we will give you all the support you need.
We have a client that we have installed many Dahua IP cams of various models, but specifically the IPC-HDBW5421E-Z. The issue we are having is that anyone with access to the camera VLAN can use the standard RTSP string in a browser (http://IPADDRESS/axis-cgi/mjpg/video.cgi) to view the camera stream without credentials. Worse yet, doing so changes the Encoding setting on the camera to MJPEG and max frame rate and bit rates. This essentially will greatly inflate the network bandwidth and eventually lock up the camera.
Also, DW Spectrum (VMS in use at this site) will no longer show the feed, as it is expecting a h.264 stream, not MJPEG.
My first thought was to restrict access to the camera using the IP Filter setting in the Dahua camera itself. One would think that a whitelist of allowed IPs/MACs would be a good place to start. However, and here is the flaw, the IP Filter does NOT block any access!
The logical answer here is to simply lock down the VLAN, which we don't have control of, but, the IT dept is resisting this. They say that the time spent doing so is not something they can do. Currently any PC on the network has access to the camera VLAN. They say that is secure enough for them. No one inside their org will tamper with anything.
The issue is, it just happened yesterday by accident. Someone opened an old webpage that they used to use to view now retired Axis cameras that used the same IP address of the newer Dahua cameras. This webpage had a similar RTSP string associated with the current Dahua IP addresses. When they simply viewed this page, it knocked out 7 cameras.
Matt Bischof from Dahua has contacted me and is attempting to get this resolved. I am awaiting his reply with a resolution.
Also, John, we worked with Peter Hu from your company to resolve this issue, but Dahua claimed they couldn't replicate the issue. Another Dahua OEM, Sean Nelson from Nelly's Security was able to replicate it, however since they were severing ties with Dahua, he was unable to assist me.
...we worked with Peter Hu from your company to resolve this issue, but Dahua claimed they couldn't replicate the issue.
I can absolutely confirm the "accessing an mjpeg stream changes your settings" thing on multiple cameras/firmware.
Jon,
same by me (Dahua told me that browser caches the passwords! Haha). I have different model but it's across many models.
And try http://XXXXXXXX/axis-cgi/mjpg/video.cgi?channel=1
This URL will result in camera reboot. Enjoy.
Yes, they tried the cached password excuse with me too. So I changed the password, still allowed RTSP. That's when the dialog ended.
Dahua told me that browser caches the passwords! Haha.
You do realize that ALL modern browsers cache the password used by http authentication.
Otherwise, you would have to reenter it on every single protected page, every time.
Good one. Just didn't want people to think that browsers don't cache passwords.
Jon:
Dahua Technology understands the importance of network security. As such, we implement high security standards during our entire product development cycle. We strive to keep our products as secure as possible and to educate our customers and end-users so that they have the information they need to make their networks safer.
Our independent cybersecurity lab is responsible for the implementation of Security Development Lifecycle (SDL) standards, network security standards, and secured coding standards. Additionally, Dahua’s R&D department includes a team of engineers who are dedicated to testing our complete product line, and we have partnered with industry-leading network security and solution provider Synopsys for further testing.
With regard to your specific concern, please visit DahuaWiki , where you can download the latest firmware and update instructions for the product in question, as well as many other camera models.
For more information on our partnership with Synopsys and on Dahua’s security standards, please visit the “Cybersecurity” page on our website, a knowledge base that includes cybersecurity best practices and tips on how to make a video surveillance system more resilient against vulnerabilities.
Dahua is dedicated to high product quality and to helping protect our customers and end-users from potential risk. If you have any questions or concerns about the cybersecurity of Dahua products, please email our cybersecurity committee at cybersecurity@global.dahuatech.com , and thank you for being a Dahua customer.
Matt,
The link you gave is for the new USA part number. Is there any reason why I cannot use the same firmware update on the older part number (IPC-HDBW5421E-Z)? I don't need to compound my issue with bricked firmwares.
Thanks for all your help so far!
Jon, the firmware listed on that product page in the link will actually work just fine with your cameras.
Just a note: That firmware download on that page is a .zip file, when it should be a .bin. Easy fix, but some may not be aware of that.
EDIT: I have now tried this firmware on 3 different cameras and none have accepted the .zip file renamed as .bin. I also tried to extract the .zip file and use the included .bin file inside of it, but that didn't work either.
I tried upgrading via the browser as well as the Config tool.
"Our independent cybersecurity lab is responsible for the implementation of Security Development Lifecycle (SDL) standards"
Mr. Bischof, who funds and runs this independent lab? What is their name and website URL? Thank you.
Gimme an "H", Gimme an "I", Gimme a "K"…
This issue has been resolved by the latest firmware updates. I will work on getting this addressed, with Matt.
JP, which issue? There has been a number of things mentioned in the thread, I just want to be clear which one specifically.
"Thirdly, all of my Dahua OEM dealers have jumped ship to Hik OEM or Uniview. Dahua seems like it is dying."
Just got this from my formerly devout Dahua dealer:
Just got this from my formerly devout Dahua dealer
I did not know you were a WorldEyeCam man...
How many relabelers are out there? I never even heard of WorldEyeCam. It amazes how many of these companies exist.
It amazes how many companies exist.
Obviously they need to spend a few more bucks per camera on marketing to bring them up to a tier 1 spending level.
Just wanted to update this thread with the latest findings...
1) Dahua made a failed attempt to get me a working firmware. I was told that the firmware on their Wiki site was used by an employee and for sure worked. This is not possible. The firmware is either corrupted or the wrong file.
2) My Dahua OEM has tried very hard to assist, but is at the mercy of Dahua. One hurdle is that this week was ASIS in the US and the Moon Fest in China. This means that most Dahua employees are away from the office. My rep at the US based OEM has contacted me multiple times a day in a valiant effort to try his best to resolve the issue. He has tried the same firmware files from the Dahua Wiki site and cannot get them to install either.
3) We have also had outsiders try to assist with links to other 3rd party sites that host Dahua firmware, but none of these links have resulted in a working firmware.
4) In order to exhaust my attempts at narrowing the issue to a bad file, I went to my clients site and attempted to upgrade the firmware with the camera removed from the network. I simply used my laptop and a PoE injector. This should work fine, but the camera still rejected the file.
5) While at my clients site, I was able to successfully upgrade the firmware of 20 units of a different Dahua models, the IPC-HDBW5302-DI 3MP dome and a IPC-E81200 fisheye. These upgrades were completed using the ConfigTool via Batch mode with the cameras connected to the network. They were not disconnected from the VMS (Spectrum) server, as Dahua had claimed was necessary. All I did was simply download the firmware file for the 3MP and Fisheye from the Dahu Wiki site and use the ConfigTool v3.20.
6) My contact at the OEM is trying to contact any engineer in China that could assist us with a working firmware file. He is also pushing his firm to compile a list of working firmware that they are able to verify and host themselves, since Dahua USA doesn't seem capable.
Jon, on a different discussion regarding the same firmware issue you said:
I can find many versions in PAL only format, but none that work that are NTSC versions...
There is reason to believe that the PAL version may work for you though,
Does PAL/NTSC Matter Anymore When Using IP Cameras And HD Displays Via HDMI?
Well you live in N, so that makes sense. But maybe thats just the pat answer.
From what I've read the difference is changing the frame rate from 30 to 25.
Maybe the hardware is different, and it could brick the camera, but I think it worth asking considering your predicament.
If I had a cold spare to test, I would consider trying it. But, I don't feel like testing your theory on a camera that is installed in the field. Especially this client.
On top of that, I feel like it is a point of principle at this point that neither Dahua USA or China can deliver a working firmware for this product. This has been confirmed by the OEM.
Ok, today we finally received assistance getting the Dahua 4MP cams upgraded and can now verify the firmware version 2.240.0.15.R did indeed fix the RTSP issue. I was asked not to disclose the way we were able to push the firmware, but I would gladly tell others via PM if needed.
Well thank Christ you were able to fit a defamatory remark in there somewhere about Dahua.
So you bought a really cheap camera. Have you ever stopped to evaluate how much that cheap camera REALLY cost you after factoring in all of your time and effort spent troubleshooting their issues?
Yes, that evaluation has lead me to Hikvision. Isn't that what this whole discussion is about?
To clarify to the public, I asked that he not share the method he used to upgrade those cameras mainly because using the direct firmware update daemon to force a firmware update through the firmware recovery method for an update CAN HARD-brick the camera as opposed to a simple soft-brick.
Basically, go ahead and look up port 3800 at your own peril, but I'm going to make the sane disclaimer that if you do firmware recoveries (whether this is Axis/Dahua/Hikvision/Avigilon) without supervision from your dealer/distributor/manufacturer then when it does brick we'll be very displeased when you try to return these to us.
Did this firmware fix the rtsp stream changing the settings to mjpeg problem or the security problem?
Yes, Dillabaugh already said it did earlier in the thread here. Didn't you see?
Yes, Dillabaugh already said it did earlier in the thread here. Didn't you see?
Well considering I was directly replying to the post where he said it got fixed, I suppose I did see it.
But what I was trying to confirm was exactly which bug it was that was fixed, as I saw this post which was not responded to.
In any event, why can't the normal firmware update method be used for this file?
It had less to do with the file and more to do with the batch (or the model...I don't know which is worse) we got. For some reason the firmware these cameras came with was locked in. Would not matter what other version we tried to update it with. After we literally exhausted all normal firmware options and update methods, JP Wenger decided to throw caution to the wind and he went to port 3800. This is a last resort measure, but at least it works. Now he can freely switch between the available firmwares at will, whether it's the stable 2.4 line or the 2.6 line that we accidentally let him have.
This may be unique to HDBW5421E-Z (or maybe our batch, in which case I have to ask Dahua, "WTH dudes?") or it's bullet cousin, but I can confirm that force flashing the firmware set the camera free. Before JP Wenger took a crack at it, I had grabbed 3 warehouse samples to test and the firmware refusal happened for all 3 until we finally did port 3800 and replicated the positive result multiple times. I couldn't even get his attention until I told them that I was replicating the same problem over and over again and even then the Chinese rep had to step in and get him to remote in for me.
I made like...2 cold calls for all of 2-3 days while trying to figure this **** out. I'm the special sales guy that works just as hard in technical support...Yay >.>
At least my Chinese rep takes me seriously. :D
.15 did fix the RTSP issue, as well as the firmware lockout issue. However, that's as far as I tested at that point. Those were my two main concerns at the moment.
I can test further if you have a given concern. More than happy to contribute to the community. I just need to know what you would like done.
Thanks. Is the file on the dahua wiki or was it a special version made for you?
He got a standard version. Problem is Dahuawiki doesn't have the OEM version. Do you need OEM or branded?
I used the General version, which is what you need for the OEM versions. The Wiki page only has the DH version, which is for the Dahua US branded models.
Its Dahua branded, although I'm not sure its "Dahua US branded".
Will the Dahua US branded firmware brick a Dahua non-US camera, or just not allow it?
Well if you need NTSC then you're in good shape.
Otherwise, if you need PAL, head here.
This is the problem, you guys are discussed price and not quality, even when they go to stay fighting for pennies?
Use in their projects Axis, Vivotek, Panasonic where you guys have added value.
The market will be ruthless with Dahua, Hikvision and UNV will be ... just input options, and for small projects, or you guys crrem the famous * DOORS * will be closed? Do you believe that any government or large corporation authorizes these manufacturers?
The market is already segmented in Hi END END and Low.
Make your bets.
When did this discussion become Dahua's Tech Support Forum?
Lol, if anyone has questions about product I can support, I try to answer.
Would it be better if I started a new topic for that?
What other direction should we have expected this to head in other than one which addresses this customer's inherent concerns? Perhaps as a "manufacturer" you'd be more content with yet another thread bashing Dahua?
Acutally by the title of this thread "Dahua Cheerleader Slowly Drifting Away to Hikvision", I would think that there would be a few arguments on why to stay with Dahua. There weren't any presented. Oddly enough I'd think all the tech support issues and the number of ways to brick a Dahua camera presented...I'm guessing going the tech support route on this thread probably worked against you.
I think it went both ways. Imperfect manufacturers can be dealt with by hard-working distributors. There are still reasons to work with Dahua as they are cost-effective and versatile given enough effort. They actually are good, solid product. However, when you ARE having problems with the product, the good techs and customer support will be able to relate and work with you cause we can feel your pain.
Perfection is hard and expensive. We'll get there step by step though. For now, we're willing to work hard to gain and retain business.
OK, today I received a new firmware file for the 3MP cameras and it also resolved the RTSP flaw that we had issues with.
Thanks to Robert @ SavvyTech!
Woohoo!
But serious note, if someone needs this file or something similar for an EOL model, please go through me first so I can be sure you get the right firmware.
Last thing I need is to have people bricking their cameras without supervision.
Real thanks goes to my rep @ Dahua!
The power of butt kissing wins again!
Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.
