Arecont and SIA Failing Cybersecurity Efforts

By John Honovich, Published Jul 22, 2016, 09:01am EDT

Do as we say, not as we do.

That is effectively the motto of the Security Industry Association and its cyber board member Arecont Vision. Today, the two companies issued an interview in which they talked cybersecurity [link no longer available].

Ironically, though, both companies fail to follow their own guide.

The *****

*** ****** ************** *****. ** ** ****** straightforward, ********* ********** *************** like:

******* ** *****.

******* ******* *********.

SIA *******

***'* *** *******, ****://***.****************.***/ **** *** ******* ** HTTPS. 

**** **********, ***'* ***** page **** *** *** HTTPS ***** **** ***'* users ** **** ** getting ***** ********* ******:

[******: *** *** *** fixed ***** ***** **** to *** *****]

*******,*** ****** **** * C** *** *** **** server ******:

Arecont *******

******* ***** ** ******** levels.

***, ******* ******* ** not ******* ***** ** all. ***** ***** ****? Not ** ***. *** even ** ******. (*******: **** ****** ******* ******* Out ** ******)

***, *******'* ***** ****, like ***, **** *** support *****:

[******: ******* ****** *** now **** ***** ****-****, including *** ***** ****.]

*****,******* **** ****** **** a *** *** *** **** report.

****** *** ******** **** seriously, ******* ******** ** no ******** ** ***. Or ** ******* ********* *****:

******* ****** ******* ** not **** **** ************** enabled

"Thought **********"

******, *** *** ******* will ************ ********** ** being '******* *******'. *** would ***** '**********' *** be ******** ** **** followed ***** ***** ********** themselves? Does *** *** ******** deserve ****** **** ****?

*** *** **** ***, in **** **********, **** Arecont ** *** ************* board **** ******* ***** at ******** *********** ****** in ***** *** *****. Do ***** ****?

Comments (7)

U1: I tell you what! All these shady Chinese crap companies.....

U2: They aren't Chinese bruh

U1: WHAT?

U2: They are American?

U1: (blank stare)

Funny: 5

Did that make you feel better? ;)


Maybe this is an opportunity for an independent organization to create a rating system on the security of all web enabled cameras, NVR's, DVR's, access control, alarm systems, home automation......deep breath, commercial controls, wireless access point, switches and routers. Some sort of Penetration Test Rating that at the time of Manufacturing a random independent penetration test was conducted. Of course with all the zero-day exploits coming out all the time the rating could go up and down for model #'s.

The organizational model that comes to mind is the IP Code rating on outdoor rated technology. For example granted that IP66 is good enough for most outdoor installations, but if your national security or 100's of lives are at stake then you may want to use IP69. At least you know you did the best you could given what's available to you.

This would create a lot more clarity in the market especially sales people that are up against the out of the box camera system that can be streamed to a smartphone (Very impressive I know). Just ask these people "Does it concern you that there are self learning autonomous servers running 24/7 scanning for your public facing network weaknesses and exploiting them for no reason besides that's what they are programmed to do?" then they will ask for proof and well this is where a White Hat rating system would be a great reference to cite.


Update: SIA has fixed their login page issue, Arecont still has not.


Update: Arecont Vision has now gone HTTPS site-wide, including the login page.

Agree: 1

IPVM making industry manufacturers websites more secure, one HTTPS site at a time!

Funny: 1

IPVM, the fly on the butt of the Old Dog known as the security industry.

Funny: 1