Arecont and SIA Failing Cybersecurity Efforts

By: John Honovich, Published on Jul 22, 2016

Do as we say, not as we do.

The effective motto of the Security Industry Association and their cyber board member Arecont Vision. Today, the two companies issued an interview where they talked cybersecurity [link no longer available].

Ironically, though both companies fail following their own guide.

The *****

*** ****** ************** *****. ** ** ****** straightforward, ********* ********** *************** like:

******* ** *****.

******* ******* *********.

SIA *******

***'* *** *******, ****://***.****************.***/ **** *** ******* ** HTTPS. 

**** **********, ***'* ***** page **** *** *** HTTPS ***** **** ***'* users ** **** ** getting ***** ********* ******:

[******: *** *** *** fixed ***** ***** **** to *** *****]

*******,*** ****** **** * C** *** *** **** server ******:

Arecont *******

******* ***** ** ******** levels.

***, ******* ******* ** not ******* ***** ** all. ***** ***** ****? Not ** ***. *** even ** ******. (*******: **** ****** ******* ******* Out ** ******)

***, *******'* ***** ****, like ***, **** *** support *****:

[******: ******* ****** *** now **** ***** ****-****, including *** ***** ****.]

*****,******* **** ****** **** a *** *** *** **** report.

****** *** ******** **** seriously, ******* ******** ** no ******** ** ***. Or ** ******* ********* *****:

******* ****** ******* ** not **** **** ************** enabled

"Thought **********"

******, *** *** ******* will ************ ********** ** being '******* *******'. *** would ***** '**********' *** be ******** ** **** followed ***** ***** ********** themselves? Does *** *** ******** deserve ****** **** ****?

*** *** **** ***, in **** **********, **** Arecont ** *** ************* board **** ******* ***** at ******** *********** ****** in ***** *** *****. Do ***** ****?

Comments (7)

U1: I tell you what! All these shady Chinese crap companies.....

U2: They aren't Chinese bruh

U1: WHAT?

U2: They are American?

U1: (blank stare)

Did that make you feel better? ;)

Maybe this is an opportunity for an independent organization to create a rating system on the security of all web enabled cameras, NVR's, DVR's, access control, alarm systems, home automation......deep breath, commercial controls, wireless access point, switches and routers. Some sort of Penetration Test Rating that at the time of Manufacturing a random independent penetration test was conducted. Of course with all the zero-day exploits coming out all the time the rating could go up and down for model #'s.

The organizational model that comes to mind is the IP Code rating on outdoor rated technology. For example granted that IP66 is good enough for most outdoor installations, but if your national security or 100's of lives are at stake then you may want to use IP69. At least you know you did the best you could given whats available to you.

This would create a lot more clarity in the market especially sales people that are up against the out of the box camera system that can be streamed to a smartphone (Very impressive I know). Just ask these people "Does it concern you that there are self learning autonomous servers running 24/7 scanning for your public facing network weaknesses and exploiting them for no reason besides that's what they are programmed to do?" then they will ask for proof and well this is where a White Hat rating system would be a great to reference to cite.

Update: SIA has fixed their login page issue, Arecont still has not.

Update: Arecont Vision has now gone HTTPS site-wide, including the login page.

IPVM making industry manufacturers websites more secure, one HTTPS site at a time!

IPVM, the fly on the butt of the Old Dog known as the security industry.

Read this IPVM report for free.

This article is part of IPVM's 6,538 reports, 881 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now

Related Reports

"He Is An Idiot!" Exclaims SIA Director John Mack on Mar 23, 2020
Here is another inside look into the "leaders" of the security industry. SIA...
SIA: "Refrain From Working With Companies And/or Products That Are Implicated In Human Rights Abuses" Like Dahua and Hikvision on Aug 17, 2020
The US (Security Industry Association) SIA has taken a stand, declaring that...
SIA Coaches Sellers on NDAA 889B Blacklist Workarounds on Aug 05, 2020
Last month SIA demanded that NDAA 899B "must be delayed". Now that they have...
Wyze Fails To Deliver Own On-Board Analytics, Launches Novel Name Your Own Price Service on Jul 24, 2020
While Wyze failed to deliver their own onboard analytics to replace the...
School District Admits Not Following FDA Guidelines With 144, No Blackbody, Hikvision Fever Cameras on Aug 21, 2020
The Baldwin County School District has admitted it is not following FDA...
Wrong Dahua Australia Medical Device Approved on Jul 20, 2020
Dahua's body temperature system is now in Australia's medical device...
Dahua Taunts Australian Government, Continues To Sell Illegal Fever Cameras on Aug 10, 2020
Dahua is effectively taunting the Australian government by continuing to sell...
Axis Compares Fever Camera Sellers to 9/11 on Sep 18, 2020
Axis Communications, the West's largest surveillance camera manufacturer, has...
Don't Deceive. Lessons From Scott Schafer on Mar 20, 2020
Deception is bad. We can learn some important lessons from Scott Schafer, a...
Avigilon Social Distancing Analytics Tested on Aug 26, 2020
Avigilon released its social distancing analytics in response to the...
Hikvision Hides Xinjiang R&D Activities on Apr 22, 2020
Hikvision has systematically deleted evidence showing their R&D base and...
ISC West 2020 Finally Cancelled on Jun 25, 2020
ISC West has now been cancelled for the third time, now for all of...
Genetec CEO Declares "We Don't Negotiate Payment With Patent Trolls" on Aug 11, 2020
Are patent trolls like terrorists? Genetec's CEO is coming out strongly...
Fever Cameras Are Medical Devices, Per The FDA, Dahua, Feevr, Hikvision, InVid Contrary Claims Are False on May 28, 2020
Fever cameras are medical devices, despite what euphemisms various sellers...
Dynamic vs Static IP Addresses Tutorial on Apr 16, 2020
While many cameras default to DHCP out of the box, that does not mean you...

Recent Reports

New Products Show Fall 2020 continues tomorrow with Genetec, Milestone, Avigilon, Microsoft and more! on Sep 29, 2020
IPVM's sixth online show continues tomorrow and will feature New Products...
Avigilon / Motorola VS Virtual ISC West on Sep 29, 2020
ISC West has historically been so dominant that no player would think of...
Dartmouth College Deploys K3 Temperature Screening on Sep 29, 2020
While Dartmouth College has a $6+ billion endowment, the College has bought...
Hanwha AI Object Detection Tested on Sep 28, 2020
Hanwha has added detection and classification of people, cars, clothing...
Favorite Access Control Manufacturers 2020 on Sep 28, 2020
200+ Integrators told IPVM "What is your favorite access control management...
OnTech Smart Services Partners With Google and Amazon To Compete With Integrators on Sep 25, 2020
A pain point for many homeowners to use consumer security and surveillance is...
The Future of Metalens For Video Surveillance Cameras - MIT / UMass / Immervision on Sep 25, 2020
Panoramic cameras using 'fisheye' lens have become commonplace in video...
Hikvision Sues Over Brazilian Airport Loss on Sep 24, 2020
Hikvision was excluded from a Brazilian airport project because it is owned...
China General Chamber of Commerce Calls Out US Politics on Sep 24, 2020
While US-China relations are at an all-time low, optimism about relations...
Verkada Disruptive Embedded Live Help on Sep 24, 2020
Call up your integrator? Have someone come by the next day? Verkada is...
IP Networking Course Fall 2020 - Last Chance - Register Now on Sep 23, 2020
Today is the last chance to register for the only IP networking course...
Drain Wire For Access Control Reader Tutorial on Sep 23, 2020
An easy-to-miss cabling specification plays a key role in access control, yet...
Norway Council of Ethics Finds Hikvision Human Rights Abuses "Ongoing" on Sep 23, 2020
Hikvision's involvement in "serious human rights abuse" in Xinjiang is...
IPVM Camera Calculator User Manual / Guide on Sep 23, 2020
Learn how to use the IPVM Camera Calculator (updated for Version 3.1). The...