Genetec CEO Worried About "Unsafe Equipment Being Brought In From Asia"

A pretty frank and damning answer from Genetec's CEO:

"that is more worrisome is there is unsafe equipment being brought in from Asia and put into sensitive parts of our critical infrastructure. This concerns me greatly. We are building stuff into our software to try to compensate for that, but ultimately, it’s part of the system architecture and if we’re not involved to influence the architecture to make sure we isolate components that are of untrustworthy sources, there’s nothing I can do. Our infrastructure will be vulnerable."

Firewall the Chinese IP camera section? :)

So is Genetec's CEO being unfair and ignorant, as Hikvision likes to say, or is he being prudent?

[Update: Genetec's CEO followed through on this - Genetec Expels Hikvision.]


"I don't get it. We got the new malware counter measures in place, but so far it's only reacting to the Axis and Arecont camera's!"

But for real, I wouldn't mind if they build these checks in for all camera's, and not stare blindly on the chinese ones.

Why do you assume that they only check Chinese / Asian ones? Looking at the overall comments in the interview, Genetec is clearly taking many steps for cybersecurity. My read of the quote in question is that the risk is simply higher on Asian ones than, e.g., Swedish, a reasonable assumption.

Because the quote is entirely specified on the Asian equipment, how they are unsafe, and how they are building stuff to compensate that ?

If they really so concerned about others doing the same, they would had done that ages ago.

The interview is far more than that quote.

For example when asked about assuring cybersecurity, Genetec's CEO said:

"It’s the three Ps: people, product and process. In terms of product, for the last four years we’ve implemented the Microsoft SDL. We have a security development lifecycle which lets us identify attacks on our software. And we make sure our senior engineers examine the code to make sure we don’t make any exploitable software flaws. We don’t leave any flaws there."

...how are they building stuff to compensate that?

Genetec stole my code :)

The Chinese are known for hacking, reverse engineering and stealing Intellectual Property. I believe that they do have a backdoor built in for penetrating your network when, and if, they want to use it. Unless you are unconcerned about "IP", why in the world would you put a product manufactured, and developed, by a Chinese Government owned company on your network? The only way I would consider this is if it was a completely separate and dedicated surveillance network.

...why in the world would you put a product manufactured, and developed, by a Chinese Government owned company on your network?

  1. You make a living selling cameras.
  2. You happen to live in China.

Ignorant? No. Proactive? Yes.

Genetecs CEO is merely stating what thousands of integrators are (or should be) thinking. We should not be so naive as to think that any manufacturer, especially foreign, is incapable or would not DESIRE to have such technology within our critical infrastructures.

Contact Kevin Coleman, he was a founder of Netscape. I met and interviewed him years ago and he could really tell you what China is doing. Very scary stuff..

Bump. This comment from Genetec's CEO 8 months ago about 'untrustworthy sources' has more meaning given that Genetec has now expelled Hikvision cameras.

....should have a poll....

John,

So what makes Hikvison's equipment more unsafe than any other companies? Specifically! I read the article. A lot of accusations, with zero to back it up.

"Stuff that is more worrisome is there is unsafe equipment being brought in from Asia and put into sensitive parts of our critical infrastructure." "people are just bringing in all kinds of stuff into your network, and some of it is actually crap. But worse than that are purchasing people, when they’re buying cheap stuff, and they don’t care or are not conscious of what kind of vulnerabilities they might be bringing into the system."