Take the 10 question quiz on Dahua and Hikvision backdoors.
Goal is to help people understand the specific technical issues and risks involved.
Feel free to post results, questions and feedback below.
Take the 10 question quiz on Dahua and Hikvision backdoors.
Goal is to help people understand the specific technical issues and risks involved.
Feel free to post results, questions and feedback below.
Hi John,
Hikvision Europe has issued a "Hikvision Security Advisory" press release and emailed an e-newsletter with the advisory.
You cover this in your own personally written article.
https://ipvm.com/reports/hik-wave-cyber
Question 6 gives some sentiment about how Hikvision handeld it, but I can not select the answer you yourself have provided proof of.
Question 6 reads:
Which of the following has Hikvision done to notify impacted users?
Other than this, the questions you ask are good, the test the level of knowledge and challange the reader to be aware of what is happening.
Just question 6 is a little off :)
Good eye, you are right! I changed it to a specific fact based question on the Hikvision May 2017 ICS-CERT advisory.
I don't consider these kind of "tests" as work, neither "wannabe research" as I perform them on my free time to improve my own "skills".
...I perform them on my free time to improve my own "skills".
To what end?
That's funny.
Related, scores so far are overall quite low even on basic questions like how the vulnerabilities work. I do think that's an issue for the industry as knowing (high level) how these things work would make people better understand risks and avoid the simplistic and wrong excuse that 'anything could get hacked so everything is all the same'.
If most ppl would keep up readings of these kind of "news" about this kind of stuff, it would be >95% and not <40%.
But, unfortunately I'm not surprised.
If most ppl would keep up readings of these kind of "news"
Well, interestingly, people read the news heavily, e.g., Dahua Backdoor Uncovered, Hikvision Backdoor Exploit, etc.
The problem seems to be going through the technical details. I think a lot of people gloss over the technical details in these articles.
Might be the truth, I don't know, and now crawling back to my cave for a while with more ARM ASM.
Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.