Hikvision Cybersecurity 'Not Professional'

Morten Tor Nielsen defended Hikvision a few months ago. Now, he is back, post the Hikvision backdoor details disclosure, contending:

if someone suggests using a non-standard port to “protect their installation”, then you know that the guy is not professional (doesn’t mean he’s not paid, just means he’s not competent). [emphasis added]

What is fascinating and ironic is that Hikvision's own hardening guide recommends port forwarding and just that technique:

We agree with Tor Nielsen, port forwarding generally and changing port numbers specifically are not prudent ways to protect an installation.

Port forwarding exposes devices to the entire public Internet, whereas security cameras are generally only intended for a few clients / people to view. Moreover, using a non-standard port is a shallow form of security by obscurity that can easily be overcome by various bots and attackers scanning the Internet.

Where we disagree with Tor Nielsen is the extent of blame on users:

And that’s at the core of this debacle: people that are incompetent, feel entitled to be called professionals, and when they make mistakes that pros would never make, it’s the fault of the equipment and it’s not suitable for professionals either.

Users are making mistakes but they are literally following the directions of Hikvision, who is telling them to do this in a hardening guide.

Login to read this IPVM discussion.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

* ******'* ***** *** ***** ***** ******* *************. ****'* *** way * ******* ***** ******** ****** ****** ******: ******** ****** (the ******** *** ** **-*, ***** ***** **** $**), *** configured, **** *****/** ******** ** *** ****** *** *** **** secured ********** ******* *** ******* *****.

*** **** ** ***. *** ******* ***** **** ** **** port. ** *** *** ******* ******* ** *** ******** **** Routers, *** ******* **** **** ** *** ****.

* ***** ********* ****** *****. *'* ********* ** *** *** GW ** *** **** ****** ** ** ******* *** ***/****** from ******* ****** ******. *** ***** **** **** **** ** the ********. * ******'* ** ********* ** ******* ***** ****** or ******** *****.

*** ****, **** *** ******** * ********** **** *******, *** need ** **** ** **** ****