Should Manufacturers Be Able To Access Your Products Without Your Credentials?

JH
John Honovich
Aug 12, 2016
IPVM

In the old days, it was common for manufacturers to have special accounts or ways to access their products deployed in your sites. This was frequently justified as helping technical support.

Now, with increased security risks, this is less accepted. For example, Pelco recently removed theirs.

What do you think?

Vote:

(1)
Avatar
Ari Erenthal
Aug 12, 2016
Chesapeake & Midlantic

There's something wrong with the poll, I can't see the "hell, no, what is the matter with you???" option. Was forced to vote "no" instead.

(3)
UM
Undisclosed Manufacturer #1
Aug 12, 2016

If there are any remaining secret accounts out there, I sincerely hope they are patched soon.

Avatar
Mark Kirkeby
Aug 12, 2016

have you ever been locked out with no chance of recovery-

so if there is no "reset button" does this change the game

UM
Undisclosed Manufacturer #1
Aug 12, 2016

It's one thing to have a procedure that unlocks a device or database when you have physical access to the device or computer. But a universal username/password that can be accessed across a network - that's a different story.

U
Undisclosed #2
Aug 12, 2016
IPVMU Certified
New discussion

Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.

Newest discussions