Should Hikvision Hack Its Own DVR's?

Before it was forced to shutdown, insecam.com had a listing of over 73,000 private cameras, available for viewing by anyone. Hikvision DVR's (and DVR's in general) were especially prized because of their 8 and 16 channel views. Although this site was pressured to close, the lists of unsecured cameras/devices grows, with new sites to view them as well.

Which leads me to a crazy idea. Why not, in an automated fashion, log in to all these devices and leave some calling card that would alert/motivate the owner to change the password. Something non-destructive but visible is needed. How about making all camera titles say "change password - device was accessed from Internet.". Or in an overlay? Ideas?

Going the whole hog and changing the firmware automatically is unlikely to fly in the U.S., but maybe in China it could be done for interests of national security.

Is this an old idea that has already been shot down?

Login to read this IPVM discussion.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

***** *** ***** *** *** ******** *** ******** ************* ** unlikely ** *** ** *** *.*., *** ***** ** ***** it ***** ** **** *** ********* ** ******** ********.

******* ** *** ******* * "******* ****" ***** ****** * major *********, **** ***** ** ****** *******... **** ***** ********* as **** ***** ***** **** **** ***** **** ***** **** them ** **** *******...

...***** ****** * ***** *********...

******, ********* ** *** ****. ** ***** ******, ** *****'* strike ** ** ********* **** ***** *********** **** **** ** hot *****.

* ***** **** **** ** ***** *** **** * ** not ****** *** ****** ******** *** ******** ******* *** ***** devices. * ** ******* ***** *** ***** ** *** ******* that **** ******* **** ********** ** ****** *** *** ********* being ********* ** ****** ****** *** *****,violating ***** ******* *****. This 'hack' would not involve any human interaction or retrieval of any video or any information at all.

** ***** ** ****** **** ** ***** *** * ********* precedent, *** * *** **** ***. *** *** ***** * am **** **, ** * ******* *** * ****** **** was ************ ********** ** *** ******** *** ****** **** ******* it *****, * ***** **** ** ****, ******'* ***?

***** *** ** ****** ** **** *** ******* *** ***'** being ******* ** *********?

*'* ** ********* **** *** ************ ** ** ****** ***** enough ** ***** ** ** * ******** ******. * **** the ****. *'* ** ****** *** ** *** **** ** a ******* **** **** ** ** ***** *** ****** ** they ****** **** ***** "*******" ** **** ***** ******* :)

****, ***** ********** **** *** ******* ***** *** **** **** me ***** ** *** **:

** **** ******* *** ***** ** **** **** **** ***** that ** *** *********; ** ****** **** * ******* ** help ****** ****** **** ****** * **** *** “******” ****** at *** ******.I ****** ** **** *** **** ****** who unwittingly opened a digital window to view into their homes, so * ***** ** ***** **** **** ******** ****** ****** **** *** ***** ** ******* **** ****** *** ******* ******** *** ********. It is their lives and their cameras to do with as they think best, but “best” surely doesn’t include using a default username and password on those cameras so that families provide peep shows to any creep who wants to watch.

*** **** ***** *** ****** ************, ******* ***** *** ********, time ****, **** *** *****. *** ******* *** **** ****** are **** ************* ********** **** ********* *** ******** ** ****** Maps. **** *** ** ****** ** ******* ******* ******, ****** into, ********* ** ****** *****, **** ****** **** ** ***** of ****** ** ******* ** **** **** * ******* ***** look-up. **’* ******** ****** ** **’* * ******** *** *** see * **** ** * ********.There *** ** ** ****** ***, as it was slow and frustrating.

*, ******* ** ** '*******', *** ******'* **** * **** marketing ******...

* ***** ***** *** **** ************* *** ******* **** ** a *******. ** *** **** *****, **** ***** ****** ** as * *******, ****** **** **** *** ******* ******.

******, ** *** ******, *** **** ******** ** * *******, make ** *** *******, ***** ****** ** *** ***...

*, ******* ** ** '*******', *** ******'* **** * **** marketing ******...

** ****** *** ** * ****** ** '*******' ****** **** would ******* ****** ** *** **** ** ***** **** **** out. ***** ****** ** **** ** ********** **** ******. :)

* ******'* **** ******** ********* ***'* *** ******* *******.

****** *** ***** **** ** ** ***** ** ***** *** I ***** ** ******* ******** ***** ********** ******** **** ** being ********** *** *** ******* ** ***.

***** **** ** ********** ******* *** *** ********, * ** not ******* ** ***** ** **** ********. ****'* * ******** example ** *** **** ** * *** ****:

** *** ***** **** * **** *** ********** ****** **** * ******* ** ******** ** * ****** **** employer **** * ***** ** ******** **** * *** ****** printer. *** ******* **** ****** ** ** ***** ****** *** everyone **** ************** ** *** ******** ** ** ********** ****** thinking **** *** **** ****** ***** ********* ***. ***** ***** ***** ********* *** *** ******** ******* ** net ****! * ***** *** ********* **** **** ********* ** a **** ****** ***** ** ********* **** **** ******.

*** ******* **** ****** ** ** ***** ****** *** ******** from ************** ** *** ******** ** ** ********** ****** ******** they *** **** ****** ** *** ********* ***.

***, * ******* **** ** ***** *** ** **** ******** by ****. ****** ** **** *******, ********** *** ******** ** people ********* *** ******* **** *** ********* ***** *** ****** of *** ******* ** **** *******, *** ********* ***** **** see *** ******** ******. ** **** **** ** ***** ** more **** *** ******* *** "*** ********** ************ *** ********* ***".Still **** ***** ****** **** ********** *** ***** **** ******* ** *** *******.

** *******, ***** *** ****** ***** **** ******* **a **** ** *** ********* ******* **** ** ******** ******* *** *** ******. The user would change their password at once and direct any negative energy to ***** ** *** ********, *** **** **** *** ********** ****.

*** *****'* **** ** ** ** *** ****, ****** ******** ** ** ****, ****** ** ***** ** * *** of **** *** *** *** ********* **********. **'* ***** ******* but ***** ** ******* ******** *** ** **** *** **.