Genetec CEO Worried About "Unsafe Equipment Being Brought In From Asia"

JH
John Honovich
Feb 29, 2016
IPVM

A pretty frank and damning answer from Genetec's CEO:

"that is more worrisome is there is unsafe equipment being brought in from Asia and put into sensitive parts of our critical infrastructure. This concerns me greatly. We are building stuff into our software to try to compensate for that, but ultimately, it’s part of the system architecture and if we’re not involved to influence the architecture to make sure we isolate components that are of untrustworthy sources, there’s nothing I can do. Our infrastructure will be vulnerable."

Firewall the Chinese IP camera section? :)

So is Genetec's CEO being unfair and ignorant, as Hikvision likes to say, or is he being prudent?

[Update: Genetec's CEO followed through on this - Genetec Expels Hikvision.]

(10)
(4)
Rv
Rogier van der Heide
Feb 29, 2016

"I don't get it. We got the new malware counter measures in place, but so far it's only reacting to the Axis and Arecont camera's!"

But for real, I wouldn't mind if they build these checks in for all camera's, and not stare blindly on the chinese ones.

(1)
(1)
JH
John Honovich
Feb 29, 2016
IPVM

Why do you assume that they only check Chinese / Asian ones? Looking at the overall comments in the interview, Genetec is clearly taking many steps for cybersecurity. My read of the quote in question is that the risk is simply higher on Asian ones than, e.g., Swedish, a reasonable assumption.

(1)
Rv
Rogier van der Heide
Feb 29, 2016

Because the quote is entirely specified on the Asian equipment, how they are unsafe, and how they are building stuff to compensate that ?

If they really so concerned about others doing the same, they would had done that ages ago.

(2)
JH
John Honovich
Feb 29, 2016
IPVM

The interview is far more than that quote.

For example when asked about assuring cybersecurity, Genetec's CEO said:

"It’s the three Ps: people, product and process. In terms of product, for the last four years we’ve implemented the Microsoft SDL. We have a security development lifecycle which lets us identify attacks on our software. And we make sure our senior engineers examine the code to make sure we don’t make any exploitable software flaws. We don’t leave any flaws there."

(2)
U
Undisclosed #1
Feb 29, 2016
IPVMU Certified

...how are they building stuff to compensate that?

(9)
U
Undisclosed #1
Nov 12, 2016
IPVMU Certified

Genetec stole my code :)

UM
Undisclosed Manufacturer #2
Mar 06, 2016

The Chinese are known for hacking, reverse engineering and stealing Intellectual Property. I believe that they do have a backdoor built in for penetrating your network when, and if, they want to use it. Unless you are unconcerned about "IP", why in the world would you put a product manufactured, and developed, by a Chinese Government owned company on your network? The only way I would consider this is if it was a completely separate and dedicated surveillance network.

(3)
U
Undisclosed #1
Mar 07, 2016
IPVMU Certified

...why in the world would you put a product manufactured, and developed, by a Chinese Government owned company on your network?

  1. You make a living selling cameras.
  2. You happen to live in China.
(3)
LA
Levi Angst
Mar 06, 2016
IPVMU Certified

Ignorant? No. Proactive? Yes.

Genetecs CEO is merely stating what thousands of integrators are (or should be) thinking. We should not be so naive as to think that any manufacturer, especially foreign, is incapable or would not DESIRE to have such technology within our critical infrastructures.

(6)
UD
Undisclosed Distributor #3
Mar 07, 2016

Contact Kevin Coleman, he was a founder of Netscape. I met and interviewed him years ago and he could really tell you what China is doing. Very scary stuff..

(1)
(4)
JH
John Honovich
Nov 11, 2016
IPVM

Bump. This comment from Genetec's CEO 8 months ago about 'untrustworthy sources' has more meaning given that Genetec has now expelled Hikvision cameras.

(2)
UM
Undisclosed Manufacturer #4
Nov 11, 2016

....should have a poll....

UE
Undisclosed End User #5
Nov 11, 2016

John,

So what makes Hikvison's equipment more unsafe than any other companies? Specifically! I read the article. A lot of accusations, with zero to back it up.

"Stuff that is more worrisome is there is unsafe equipment being brought in from Asia and put into sensitive parts of our critical infrastructure." "people are just bringing in all kinds of stuff into your network, and some of it is actually crap. But worse than that are purchasing people, when they’re buying cheap stuff, and they don’t care or are not conscious of what kind of vulnerabilities they might be bringing into the system."

(1)
New discussion

Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.

Newest discussions