Remove the web browser from IP cameras and make them 100x more secure.
Reasons to Keep Browser:
- No need to install applications to access device.*
- Remote (WAN) configuration.
- Advanced device configuration beyond IP address etc.
*However ActiveX is quite a big install, and can also cause version problems with devices.
Reasons to remove
- Mostly* just IE browser support requires an ActiveX plugin
- Security on device for easy to find exploits will be removed.
- Plain text passwords, or simple encoded passwords
- Web forms showing data parameters usernames.
- Weak session IDs, local cookies in plain text.
- Performance of device without a web service running has to be positive.
*To date who can stream H.265 plugin free on any browser from any known IPC or NVR?
Expand the almost always supplied scan tool could be expanded to cater for all devices. And also can be simpler to bulk setup multiple devices in a mouse click. This has to be a better viable option.
There is consideration Onvif uses some web services, however this is mostly done via a separate application on device as it's own service. (Hikvision last update tells you this much)