Genetec CEO Warns Against Insider Threats

By: Brian Karas, Published on Sep 21, 2017

With Dahua and Hikvision cybersecurity issues becoming indisputable, a new counter has emerged.

Just put them behind a firewall, buy cheap cameras, and sleep well.

However, Genetec's CEO is warning that untrustworthy and insecure devices do not become trustable and secure simply by doing so.

In a guest post on Axis' blog, CEO Pierre Racz outlines the risk of insider threats and how this impacts cyber security. We examine the claims, pros and cons, inside.

**** ***** *** ********* cybersecurity ****** ******** ************, a *** ******* *** emerged.

**** *** **** ****** a ********, *** ***** cameras, *** ***** ****.

*******, *******'* *** ** warning **** ************* *** insecure ******* ** *** become ********* *** ****** simply ** ***** **.

** ****** **** ** ****' blog, *** ****** **** outlines *** **** ** insider ******* *** *** this ******* ***** ********. We ******* *** ******, pros *** ****, ******.

[***************]

Insider ******* **** **********

******* ******* *** *** of *** ******* ******** risks *****, ** * number ** ********-******** ************ have ******* ***:

******:******** *** *****’* ******* security ******
******* ******** ******:*** ******* ************* ******* Are ****** **** *******
** ********:*** ******* ******: *** biggest ****** ** ******* cyber-security

**** **** ******* ******* behind *********, ** ** completely ******** ******** **** no ******** ****** ******* the ****** ** ******. However, **** ***** ** incomplete, ** ** ******* the ********* *** ****** attacks, ***** *********** ****** the ********.

*******'* *** ******** *** 'inside' *** '*******' *** no ****** ****** ********:

**** ** **********, *** Internet ** ******, *** bring-your-own-device-to-work ***********, *** **** between ****** *** ******* an ************ ** *** as ***** ** ** used ** **.

*******, ** ******:

**** ** *** ******** devices ** *** ******** networks, ** *** ** longer ****** *** ******* inside *** ******** ** secure.

************, **** ********, ** other ********** ******* *** create * *** *** 'outsiders' ** **** ****** to *** ****** *******, opening ** *** ********* for ****-***** ******* ** that *******.

Password ***** *****, ********* ******** ******* ******

** ***** ************, ******* that ***** ********* ** be ****** ***** ***********-**** *******,********** ********,*******-***** *****, ** ******* ***** make ** **** *** malicious ******** ** **** over ***** *******. ******* for **** ******** ********* the ***** ** ***** devices *************.

Question ***** ** *********

*******'* *** ********* *** network ***** ** ******** by *** ******* ** that *******:

******** ** *** ***** building * ******* ** trust. **** ** ***** to ******* ******* ** your *******, **** ************ must *** ******* ********* about ******* ** *** the ************ *** *** organization ********** *** ****** are ***********.

** ********* *** ********* both *** *******, *** the ******/************ ********** ****, to ********* *** ******* potential ** ****** *** network. ** ******** ***** to *********** *** ****** of *** ******** ** the ******, ****** ***** the ************(*) ****** *** software ******** *** ******, and ** **** *** trustable ****** ** ****** on *** ******** *******:

[*]*** ******* ***** ** put * ****** ** your *******. *** ****** ask: “*** *** ***** the ******** ********?” ********* speaking, *** ****** **: “No.” ****, *** *** whether *** **** *** person ** ****** *** wrote *** ******** *** this ******. ***,if *** ****** ** “***,” *** ** *** ******* ** * ********/********** ****** ** * ***-********* ***** ** **** **********, **** *** ****** ***** ***** ***** ******* *** ****** ** **** *******. [emphasis added]

Impact ** *********

*** ********* ** "* military/government ****** ** * geo-strategic ***** ** **** government" ** ******* ********* to *********, ********** **** *********** ******** from ***** *******. *********, *** ***** top **********, **** ***** claimed **** ******* *** devices ** ******* ******** removes *** ******* ***** by ********** ******** ***** security *****, ***** ******* the **** ** ******* attacks.

*********** *** **** ** inside ******* ********** ************* devices **** ****** **** more ********* ** ******** security, ** ** *** in ** ********. **** would ***** ********* ********** to *** *** ** Hikvision ******** ** *********/********** markets, ***** ********* **** to ******.

Smaller ***** *** *** ****

******* ***** *** **** likely ** **** ***** insider ****** *****, ************ when *** "********" *** limited ** * **** small ****** ** *********, many ** ***** *** not **** **** ******* access ** *** **** of ***** ****** ******* or ***********. ********, ******* users ***** *** *** as ******* ** ****** can '*** ***** *******' or ****** ***** ********.

*****, ***** ************* *** face ***** ** ********* can **** ****** ** their ******** ******* (**** as ******* ****), *** utilize **** ****** ** attack ****** **** *** transaction ****, ********** *******, or ******** ***** ***** information ****** ***** ** used *** ******** ***** purposes.

Vote / ****

Impact ** ******** *********

******* ******* *** * real ****, *** ***** have ****** ********* *** exploit **** ******* *******, as ** ** **** harder ** ****** ********* internally ******* ********* *** ability *** *****/********* ** do ***** ***. ** will ****** ** **** time ****** **** ** adequately ********** *** ********* for ******** ******** *******, but ** ***** ******** awareness *****, *** ******* vulnerabilities *** ***** ** security ********, *** ****** threat **** **** **** to ** ********* *** doing ** **** ********* involve ********** *** ************ of ******* ** *** network.

Comments (48)

Undisclosed Integrator #1

09/21/17 03:58pm

***,if *** ****** ** “***,” *** ** *** ******* ** * ********/********** ****** ** * ***-********* ***** ** **** **********, **** *** ****** ***** ***** ***** ******* *** ****** ** **** *******. [emphasis added]

*** *** ********* ** the"geo-strategic ***** " that we asked to loan us $1.102 trillion dollars to keep our government afloat? Is this the same 'rival' we are seeking aid to stop North Korea?

Brian Karas

IPVM | In reply to Undisclosed Integrator #1 | 09/21/17 04:22pm

****** ********* *** ******** security ******* *** ****** two ****** ********* ******.

* ****** ** ********* hold ** ****. ***** actually ***** **** **** China *********. ***** *** strategic ******* *** ***** countries ** **** **** debt, *** ******* *** the ** ** ***** debt ** ***** *********.

**** ** *** ****/****** economics ******* **** ** for *** **** **** Hikvision ******** **** **** plagued **** ******** ***************, which ****** *** ******* integrity ** *** ******* they *** ********* **, firewalled ** ***.

John Honovich

IPVM | In reply to Undisclosed Integrator #1 | 09/21/17 05:02pm

** **** *** **** 'rival' ** *** ******* aid ** **** ***** Korea?

**. **** ** *** US '*****' *** ** the******* ******* ******* ** North *****. **** ** *** US '*****' *** ******* North ***** ** * buffer *** ******* ** South ***** *** *** US. **** ** *** US '*****', *** ***** with ***** *****, *** two ** ***** *** cyber ********* ** *** US.

**** ** **** *** US '*****' *** ** the ***** ** **** business ******* - *********** ********* ******* ********** Co. ***.

**** ** *** ******'* Republic ** *****.

Undisclosed Integrator #1

09/21/17 05:22pm

******? ****** ********* *** any ****** ***** *** of * *** ********* on * ******* ****** a ******** (** *** stated) ******* * ******** risk *** ** **** history **** ** *** of *** *******? ******* of * ***** ****** like (********* ** *** company ** ***** *** firmware ******) ***'* **** today, ***, ****** ********* and ******* ** * technical ***** *** **** Hikvision ******* *** * 'risk' *** ****** *** not, ** *** *********, thank ***.

Undisclosed Manufacturer #3

In reply to Undisclosed Integrator #1 | 09/21/17 08:01pm

** *** ***'* **** to *** ** *** will ***** *** ** no ****** *** **** times *** ******* ***. Head, ***** *** **** are ***** **** ****** to ****...

Undisclosed #2

09/21/17 06:58pm

Michael Gonzalez

In reply to Undisclosed #2 | 09/21/17 07:22pm

******, * ******* *** same *****. * ******* his ******* ******, ******* misguided ** *** **** to ****** *** *****'* drank *** ***** *** Hikvision ****-***.

Undisclosed Manufacturer #4

In reply to Michael Gonzalez | 09/21/17 08:36pm

***** ** *** ******* news, * ***** **** drink ** ******* **** and **** ******.

********* *** **** ***** are **** ***. *** drinks ****** ************ ** the *********** ******. **** you **** ****, *** bad **** *** ** put ***** ***** ** your *** *****. *************, Hikvision *** ***** ** not **** ** *** attention. ** **** *** bought * ******* *****, they ***** *** ******* so **** *********.

Undisclosed Manufacturer #5

In reply to Undisclosed #2 | 09/21/17 11:52pm

****** ***'* ****** *** Marty, **'* ******** ** didn't **** ** ***. It ***** ** ******* hackers ****** ** **** the **** *****.

** ** * **** trying ** **** *** team ******** *** **********.

*******, ***** **** *** who ****'* ****.

Undisclosed Integrator #6

In reply to Undisclosed Manufacturer #5 | 09/22/17 12:15am

****, ** ** ********** that ** ***** **** in **** ****** *********** after ***** ** ******* IPVM ** *** *********** posting. **** ** ****** it ** * "***-********** experiment".

John Honovich

IPVM | In reply to Undisclosed Integrator #6 | 09/22/17 12:19am

*********, *********, ****** ** home :)

Undisclosed Integrator #6

09/22/17 12:32am

** ** ********** **** Genetec ***** **** * bold ****** **********. ***** are ***** *** **** are, ************, ****** *** opposite ******** *** ********* lower **** ******* ** let *** ****** ******* sales **** **. ******* really ******** ****** *** being ** ***** ** the ***** ** ****.

Christian Laforte

In reply to Undisclosed Integrator #6 | 09/25/17 02:02pm

* ***'* **** ** impressive - **'* ****** business ********. ********* ** one ** ***** ******* threats ** *** ********* side. ****** *** *** Hikvision ****'* ****** ** be **** ******* ********* anyway.

John Honovich

IPVM | In reply to Christian Laforte | 09/25/17 02:07pm

********* ** *** ** their ******* ******* ** the ********* ****.

**** ********* **** **** about **** **** ** knowledge ***** *** ********* side **** ********* ** Genetec, ***** * ** pretty **** **** **** that ** *** *** case.

******: ******* **** *** even **** ** ** a ****** ** ******* camera *****, ********* *****, where ********* ** ******. And ** *** **** end, ***** ******* ** strong, ********* ****** ** recorder / ********** ****** anywhere *****.

Christian Laforte

In reply to John Honovich | 09/25/17 02:26pm

**, * ***** **** Hikvision ***'* *** ** the ***** ***** ** have ********* **** ** our ****** *** ********** with. *** ** ********* is **** *******'* ****-**** competitive ****** ** **** cheap/free ********* ******** ********* to ******* ** *******, making *** ***** ******** more ************, *** **** it ************ **** *** Genetec ** ******* * premium *****.

********* ********* *** ****** of * ******** ** continue ********* ***** ******** and ******** ** *******-**** with *******. *'* **** that **** ** ***** projects ** ***** (**** untold ********* ** *******) have **********-***** ********. * know *****-**** **** *** quality ** ******* ******** isn't ** *** **** North ******** *********, *** if ********* ****** ****** to, **** ***** ******* hurt *******'* ****** ****. I ***** ****** **** and *** **** *** being (******) ********* ** raising ********* ****** ***** market - ****** ** less ****** **** ********* will ** ***** ** and ******** ** ***** on ****** ****. ;-)

*********

Undisclosed Integrator #6

In reply to Christian Laforte | 09/26/17 05:46pm

*** ** ********* ** that *******'* ****-**** *********** threat ** **** *****/**** recording ******** ********* ** improve ** *******,

*** *** ****** *** assumption **** ******* ** not ******* ********** ***** product ** *** *******.

Undisclosed Manufacturer #5

In reply to Christian Laforte | 09/26/17 05:50pm

***** *** **** **** Source ******** **** **** Office *** * **** time *** *** ********* has ******* ***** ***** to * ************ *** they ******** ** ****. They *** ***** *** Enterprise ****** *** *******.

Corey McCormick

In reply to Undisclosed Manufacturer #5 | 09/28/17 11:36pm

* ** *** **** I ***** ***** **** is ** ****** ** apple *******. ** ****** Novell **** ***** ** changing *** ********* **** they ******* ********** **** their ********* ****** *** a **** *** ****. Once **** **** ****** raised ****** ***** *** network ****/****** ******* **** exceed ******** ****** **** charged (********* *** *********).

**** ****** ** *** all **** ***** **** and ** ******** ***** to **** * ****** something ***** ***** *****. They ***'* **** ** know ********. **** ********** do *** **** **** to *** *** **** extension ****** ***** ** how **** ********* ****** to ****** *** ******* apps. ** ****** **** Office **** ********... * really **** **** ****** was ****** ** *** vendors/markets **** ******* ***********. WordPerfect ****** *** *** last **** ********** *** they **** *** ********** and ********* ** ** who *** ** ********* job ******** ******** *** squashing ***** *********** **** a ********* *****, *** excellent ******* ***** **** to *** **, ******* integration *** ********** *******. In *** * *****, in *** * *****...

** ** ******** ** a ************ ******* **** can't **** *** *** model **** *******. **** folks ** *** **** the **** ******* ** Office *** *** **** skipping ****. **** ****** hurts *** ** ****** line. **** **** ****** to **** ****** ****** to ***** ***** *** to **** ******* ****** their *** ** **** them ******* **** ******* something *** ****** **** or *** **** ****. It ** *** ***** products, ** ** ***** making ***** *** *** still *****.

**** ** $*.**...

John Honovich

IPVM | In reply to Christian Laforte | 10/01/17 03:16pm

*** **********:**** ********* **** ******* In *** ********?

Undisclosed Distributor #7

09/22/17 05:40am

***** ***** ******** **** apply ** **** **** Chinese *********, ** ******* everyrhing ************ ****** ******* borders?

* ****, *** *** intercepted ********** ********* ** transit, *** ******* ************ is ******** ******* ** the ****.

** **** ***** ** we **** **** **** and ***** ***** ***** on? ** ******* *** concerns *** ******* ***** security **** ** ****, but ******** ***** ** intentionally **** **** ** another *****.

******* **** *** ****-*** HikVision ***** *** **** to **** ******** ** other ******* ****, **** them ******** **. *********, this ** ******* ********..

Undisclosed Manufacturer #5

In reply to Undisclosed Distributor #7 | 09/22/17 06:18am

**** **** *** *******!

******* ******** *** ******** posted * **** ****** way ** ****** *** disable *** ******* **** aren't ******* *** **** latest ********, ****** **** OEM/ODM ****** ** ****.

**** ********** *** ******** postings ** * ********* discussion, **** ****'* ** the "*******" ********** **** what * ****.

**** ****** *** ***** the "*** *****" ******** many **** *** *******'* warning **** ******** *** gate ***** ****** *** refrigerator ********** *** ***** already ****** ** ****.

***** ***** ** ** benefit ** ********** *** use ** *** ***** of ****** *** *******, except *** ***** **** they ****** ***'* ***** into *** ********** ******. Do *** ******* **** have **** ******* *** this *** **** ******?

*'* **** ** ******* manufacturer ****** ** ** HIK's ***** ****** *** security ****** *** *****'* disclose **** ***** ******, Genetec **** ****** ** that ** ****, ********** of ****.

Undisclosed Distributor #7

In reply to Undisclosed Manufacturer #5 | 09/24/17 11:35am

** * ******, *** correct ** ** *'* wrong ****, *** **** you *** ********* ** cannot ** ********* ** being ** *********** ********.

*****, ***** ** * clear ********** ** ******** in ********** *** *********** backdoors **** * ************. Its ****** *** *********** backdoors ***** ** ******** more ******* **** **** has **** *********.

************* ***** ** * high *********** ** * big ****** ** **** days ** ******** *** software ****** *** ***** in **** ********. ** far ********* *** *** a **** *** ***** record, *** ******** **** become **** ** ***** soon ******.

John Honovich

IPVM | In reply to Undisclosed Distributor #7 | 09/24/17 11:57am

** *** ********* *** had * **** *** track ******, *** ******** will ****** **** ** class **** ******.

#*, **** ***** *** to ******* ********* **** become '**** ** *****' at ************* '**** ******'?

Undisclosed Distributor #7

In reply to John Honovich | 09/24/17 05:30pm

******* *** ********* *** their ******* ******** ************* relies ** ***** ** least ** *** **** the ***********, ** *** levels.

******* ***** ***** ******* bad **********, *** ***** culture *** ********* **** western ****, ***** ** par **** *** ******* if **** **** ** reach ***** *** ***** term ***** *** *********.

******* ******* **** *** company ***** ******** ******* in *** **** *** the ********* ******* ** development, ********** *** **** organization. *** **** ******** is *** **** ***********, nor ** ** **** steps ****** *** *********** established ************.

"**** ******" ** * relative ****, *** * suspect **** ** ***** the ******** ** ********.

Michael Gonzalez

In reply to Undisclosed Distributor #7 | 09/25/17 10:24pm

#*, **** ** ***-**** perspective, * **** ***'** right. **** **** * long *** ** ** to ** ** ***, and ** **** ****** way ** ** **** in *****. ***** ***'** right, *** **'* ***** to **** **** ****** if **** **** ******* people ** **** ******* boards **** ******** ***** on ***** ********* *********** rather **** ******* ** work ** ***** ******. I'm **** **** ***** is ****, *** **** to *** ******* ** we *** ***** ** love *** *****. :)

Corey McCormick

In reply to Undisclosed Distributor #7 | 09/29/17 05:22am

* ** *** **** doubt *** ****** ******* to ******* * **** term ****. (**** ** how *** ****** ******* supercomputers ** ****** *** Intel/AMD **** *** *** use ***** **** **** home *****.)

**** ** *** ** the **** ******* ************* tasks *** ***** **** on ***** ******** * modern *** ** * Supercomputer, *** ******* **** years ** **** ****, massive **********, ****** *********, corporate *********, ** *****, economic ********, ***... **** have ****** ****** ** from ***** **** **** 50 ***** ****** ** tech ** ***** **-** years.

Corey McCormick

In reply to Undisclosed Distributor #7 | 09/29/17 05:21am

* ***** *** ***** actor ***** ** **** a ********* ** ***** a ********* ********** ********* backdoor **** ***** **** some ************* ******** ** them. *** **** ***** they ***** **** ** to **** *** ***** plausible ***********.

**** ***** **** ******** "accidental" ********, **** **** everyone **** ******* ******** to **** ** *****.

* **** ** *********** as ** *** **** are *****, *** ***** is ** ****** *** not ****** **** **** discovered.

Undisclosed Distributor #7

In reply to Corey McCormick | 11/09/17 08:39pm

* ***** **** *** point ** ***** ***** have ** **** * plausible ***********. * ******* such ******* ***** ** different ** *** ******* "childish" ******** ********* ****** because **** *********** ****** the ****** ** ***** sold ***** ****, ***** being *****************.

Igor Falomkin

AxxonSoft | 09/22/17 06:00am

*'* **** **** * camera ******** ****** **** be *****, *** * think **** ** ** attacker ******** ****** ** an ******** **** ******* then **'* **** ****** not ** *** ** hack * ******, *** just ** ******* *** network ******. *** ******* the *** *** ****** intensive ********* *******. **** with * ***** ****** may **** ** *********** of *******, **** **** packages (*** ********* ** video) *** ** **. Or ****** ********** ** devices **** ** ********* that ********** *** ******* ones. *'* **** **** an *********** ** ************* may ******* **** **** ideas :)

Igor Falomkin

AxxonSoft | In reply to Igor Falomkin | 09/22/17 06:33am

* ***** **** **** of **** (** ** easy ** ***** * CCTV ****** *** ********** of *** *******) *** be ******* *********** ********* article **** *** **** team (****** * *** for **** ********!).

Undisclosed Manufacturer #4

In reply to Igor Falomkin | 09/22/17 07:13am

** * "*** ***" gains ******* (****** ** the ********* ******, *.*. Telnet) ** *** ****** in **** *******, ** can ** **** ******.
******* *** **** **** be ** **** ********** to *** *** ****** for ******** ******* ******* more *********** *******. *** camera ** **** * tool/relay *** ********** *******.

** *** *** *** camera ** **** ******* of ********* ** **** network. ** *** ** not **** * **** or ********* *******, ******* control ***** ***-******* ***** be **** ***********, *** example.

** *** ****** ******* in **** *******.

** *** ******* *** spoofing (*****://**.*********.***/****/************) ** ******* the **** ** **** in **** *******. **** way ** ***** ******** the ******* ******* * computers ******* *** ****** and ** *** *** the ****** ** ****** all *** ******* ** analyze ** *** *.*. find *********.

** **** ******* :-)

*********: ******* ** ** ARP ******** ******
*** ***** ********* ****** ARP ******** ** ** exploit *** **** ** authentication ** *** *** protocol ** ***************** ******** **** *** LAN. *** ******** ******* can ** *** **** a *********** **** ** the ***, ** **** an ********'* ******* **** is ********* ******** ** the ****** ***.
*********, *** **** ** the ****** ** ** associate *** ********'* ******* *********** ***** ********* * **********, ** **** *** traffic ***** *** *** target **** **** ** sent ** *** ********'* host. *** ******** *** choose ** ******* *** packets (******), ***** ********** the ******* ** *** actual ******* *********** ** avoid *********, ****** *** data ****** ********** ** (***-**-***-****** ******), ** ****** *******-**-******* ******** ******* **** ** all ** *** ******* on *** ******* ** be *******.

Undisclosed #8

09/22/17 07:38am

**'* *** **** ****** cameras **** ********** ** insider *****, ** *** also ** *** *** as **** ** *** Mirasys ****.

Undisclosed #9

09/22/17 08:19am

*** ****** ***: “*** you ***** *** ******** yourself?” ********* ********, *** answer **: “**.” ****, you *** ******* *** know *** ****** ** people *** ***** *** software *** **** ******. And, ** *** ****** is “***,” *** ** was ******* ** * military/government ****** ** * geo-strategic ***** ** **** government, **** *** ****** think ***** ***** ******* the ****** ** **** network.

*******: *** ***, **** a ****** ********* *** you ****** * *** let *** ******* **** device. *** *** ***** the ******** *** *** camera ********?
***: * **** ***. And ** *** * real **** ***** **** you, * ***** * whole *** ** **** new *.***+ ***** *****, but ** *** **** something **** *****...
*******: ****'* *** **?
***: * ***'* *** any ** **** ****, its * ******** ****. I'm ********* ** *********, read-only ***** ***** *** the **********, ******** **** protected ******. **** ** closer ** *** ***** that ***.
*******: ***. **** ********, are *** ******* *** a ******** ** ********** agency ** * ***-********* rival ** ******** ******* we *** ********* **?
***: *** ***** ** just ***** ** ** was * ***...

Jon Dillabaugh

Pro Focus LLC | 09/24/17 12:59pm

**** ******* ***** ** over ******** *** ****** I **** ***** **** times. * **** **-********** it **** *****.

** ****** ** ******* attack, *** ***** ****** put *** ****** ******* on * ********** ******** network. **** ***** **** they ******'* ***** * firewall, ******* *** ******** network ***** ***** **** see * ********. ** would *** **** * gateway. ** ***** *** have * **** ** the ********. ** ***** be ***** ***** ** every *****.

** ****, *** **** connection ** *** ******* world ** *** ******* would ** **** **** VMS ******(*) ***** **** a ******* ********** ** this ******** ******* *****. No ***** ***, ************, IoT *******, ** *** other **** ***** **** physical ******.

** *** ***** ** have ****** ** *** VMS ******(*) *** *******, you ***** **** ** additional *** ********* ** connect **** ****** ** the ********* ***. ** no ***** ***** *** two ******** **** * single ***** ** *******.

** **** *****, *** only ****** ****** ** the ****** ******. ** if ** **** *******, this *** ** ****** that ** *** *** STILL *** ****, **** it ** *** ****** ITSELF **** ** ****** vulnerable.

** *** ** ****, what ******, ** ***, could ** ******** ****** do ** **** ********** separated ******* **? ** cannot ******* *** **** "home". ** ****** *** other *** ** ***** corporate ******* ****. ** is ***** ** *********, unless **** **** * way *** **** ****** to **** ****** **** another ******.

****** **** **** ** that **** ******** **********, networks ********** *** *** servers **** *** ********* are *** ****** *******, not *** *******.

John Honovich

IPVM | In reply to Jon Dillabaugh | 09/24/17 01:03pm

*** ***** ******* ** see** *** ****** ****** this ** ****, ** **** ** rewrite *** ****** **********.

Undisclosed #9

In reply to John Honovich | 09/25/17 08:22pm

*** ***** ******* ** see ** *** ****** debate ****** ****, **** **** :)

Undisclosed #8

In reply to Jon Dillabaugh | 09/24/17 02:36pm

***** *** ***** **** issues **** **** ********** of ******** ******** **** there's * **** ****** of *******:

********* * ********** ******** network **** **** *** share *** *******, ********* or ******* **** ******** else ** **** ********* unless *** **** **** a ****** ** *******, and ** *** ** the ***** ******* ** use ** ******* ** no ***** ******* ***** the ******* ********** ** network ************** ** ****** in **** ********* ***** to ** ***** ****** or **** ******* **** to ** *********.
** ************ *** ** Internet ********* **** ***** that ********* ******* *** accurate ****** **** ***** extra ******, ** **** compromises *** ** ****** for *************.
** *********** ********** ** distributed *****, *****'* ****** a ******** ******* ************* team ** ********* ** the *********, ******* **** site *** ***** ***. Getting ****** *********** ** a ******* *** *** be ********* **** ** you ***** ******* *** price, *** *** ******** of ******** *** ** it ******** ** *********** in *** *** *** tiniest ** *************. ***** network ******** *** ********** - ******* ** **** are - **** ************* to ****** ******* ** data **** *****'* ****** to ****.
** **'** ******* ******* insider *******, * ***** also ***** ** *** network ***** *** ** minimum ****** *** *** a *** ******* *** gets ******** ****** ** switches. ******** *** **** guy *** ****** *** physically ******** ************ *******, or **** *** ******* who ****** *** ******* door *** ***. ******** security *** ********* ********** is ****** **** **** there's * *** ** people ********.
*** ******* ***** **** as **** *** ******** will ** *** *** defeat **** ********** ********. An************* ****** **** ** office ******** *** ********* cameras *** ******* *** realizes **** ***** **** need ***** ****** ** the ****** ******* - the ********, ****** ***-********* approach - ** **** in ***** **** ******** network *** ** *** right ***** ** ******* own *** ******** ** just ***** ******. *** they **** *** ** to *** ** ********, sweet **** *** *** to *** **** ****** a ********** ****** ******* cable ** *** ********* switching ******* **** *** reception *** *** ***** too **** **** *****. All ************** **** ** ** is ** **** ** the ******* *** **** it **********, *** **** could ** ** ** many ***** ** ****** to ****** *******, ****** without ****** *********** **.

**** *** ********** ******** exploits **** *** ******* involved *** *** ** motivation *** ******* ** overcome *** ******* ******* with *** ********. * grave ******* *** *********** *** ********* *** and ********* ** ** is ******* ********* **** makes ****** ****** ** the ****** **** ** them ** **** ** not. ** **** *** tell **** **** ** the ******* ***** ** be ******, ** ****** the ***:

***** **** ****'* ******** robbing * ******** **** warehouse ******, *** ***** Jane *** ******* ** the ****** *** *** second ******* ** *** new *** ** *** waybill *******, *** *** just ***** ******* **** about *** **** ***** of ******** ** ******** services *********** ** *******, and **** *** * headline ***** ** **** hack ** ******* *******. As * ** ********, she *** ********** **** computers *** * *** naïve, *** ********* **** the ****** **** *** kept ******** *** *********** at *** *****, *** it *** **** ****** the ****** ** *** way ** *** ********. After *** ***** *** yielded ** *** *********, planted * *********** ** the ******* *** ******* the ****** *** *** electronic ***** *** ********** broadcasting ** *** *******. Sitting ** *** ****, seemingly ******* *** **** idly ****** ****** *** network **** *** ******, she *** ********** ** harsh *******: *** ******* password ****** *** *** could *** ****** *** locks *** *** **********, disable ******* ** ****** and ** **** ***** things ** **** *** tracks. *** **** *** was **** ** ********, but *** ******* ** was ****** ***.
**** ******** **** ***** she **** ****** ******* a ******** **** **** her **********. *** ***** ten ** ** ******** and ***** ***** **** she **** **** - one ** * **** - ****** **** ** for ** ******, *** thinks. *** ** ***** still *** *** ***** master *** ** **** to ******* ** *** needs ****.

*** ********* ******* ***** is **** ******** ***** on ******* - ****** in ******* ******** *** even *****. ********* **** scenarios *** ** ******** in ******** *** ** details ** ****, *** the ****** *** ******, the **** ****** ******* will *** **, *** some ******** ***** *** actually **** **** ****** than **** ***** ** be - ** ** know.

Jon Dillabaugh

Pro Focus LLC | In reply to Undisclosed #8 | 09/24/17 02:51pm

******** ******** ****’* ********* or *********** **** *********. You ***** **** *** same ****** ** ******* ports.
**** *** ***** ** this ** **** *** camera ******* **** ******? That ******* ** ******** updates, ****** *******, ***. You **** **** ** remote **** *** *** server ** **** ***** changes.
* ***’* *** **** “centralized **********” ********. *** you ****** **** **** security **** ****** ******** manage ****** ******** ********? Or *** *** ****** the ***** ** **** won’t ** **** ** follow ********* ********* *** separate ********?
*** ** *** ******* to *** ***** ***** we ***** *** *** with *** ***** ***** or **** ** ***** to ****** * ****** instead ** ********* *** server **** ******? **********, really.
*** ******** ***** ** outsider **** ***** ****** to *** *** ** going ** ** ******** for *** ********* ****** on * ********** ******** network? *** ******’* ***** he ***** **** *** something ** *** **** network ** ***** ****? Wouldn’t *** ***** **** Hikvision ****** ***** ********** still ****** ******** *** damages ********, **** ** Tom ****** ****** **?

John Honovich

IPVM | In reply to Jon Dillabaugh | 09/24/17 02:57pm

******** ******** ****’* ********* or *********** **** *********. You ***** **** *** same ****** ** ******* ports.

********** ***** **** (********* ** ********* ** Video ******** **********) **** ******** ******** are **** ********* *** more ********* *** ******, multi-site *************.

Undisclosed Integrator #1

In reply to Jon Dillabaugh | 09/24/17 04:18pm

***- ** ***** ** difference. ** ***** ***** a ********* ******, **** it ** *** ****** of *** ******* ***** with ** *********** *** there **** ** ********** that ***** ** ** Hikvisions ***** *** *********, anything, ** ***** ****.** has ****** ** *** point ***** ***** ****** sense ***** ** ********* in *** ******* ** downplay ********** ******** ********* of *** ********.

** ** *** ***** the **** ** **** comment *******, ******** *******, denouncing ** ********, ***. are *** ***** ** the ***, **** ****.

Undisclosed #9

In reply to Undisclosed Integrator #1 | 09/24/17 05:27pm

...********** ** ********, ***...

*'* ***** ********** ** myself, ** ************ ***** stick ********!

Brian Karas

IPVM | In reply to Undisclosed Integrator #1 | 09/24/17 06:09pm

** ***** ***** * Hikvision ******, **** ** in *** ****** ** the ******* ***** **** no *********** *** ***** will ** ********** **** swear ** ** ********** fault *** *********, ********,it ***** ****.

** *** ** **** and **** ** ******* covering ********* ***** ******** issues, **** ********* **** strongly **** ******* *********** of ********/*************** ******** ** Hikvision ****, ***** ********, hardware, ***.

*** *** ******* **** "it ***** ****", ***** is *********'* ***** *** their **** ***** ********.

Undisclosed #8

In reply to Jon Dillabaugh | 09/24/17 04:27pm

*'* *** ****** ** cannot ** *********** **********, *** ***** ***** you **** *** **** of *** ******* ***** physically ********? ******** *** other **** **** ******** too. ** *** *** 20k ***** ** ****** over * ******* ******* or ******* (*'* *** talking ***** **** **** small ****** ****), ****** managing *** ******** ** not *******. ** *** be ***** **** ***** of ********** **** ** you ****'* ******** *** actual *******. * ****** agree ** ***** ** good ** **** ******* security *** **** *** it ***** ** * cost.

** ******* ***** ******* that *** ** *** security ******* **** ** airgapped, ** ***** ***** very ****** ******, ** in ******** ***** ******** connect ******* ******* *** typical **** **** *** other ******** ***. ***** networks *** ** ******* and ******* ** *** best ****** ********, ****, but ********* ** ** so **** ** ****'** often *** **** ***'* hope. *** ***** ****'** managed **** **** * few ****** ** **** office ******.

****'* *** ******* (****, found **** ****** ***** search) ** * ****** security ******* ******* * vulnerable *** ***** ******** the ********** *** **** might ** * ****** store *** ***** ******: http://www.mikkelinvartiointikeskus.fi/media/Valvomo_uusi.JPG. * ****** *** their ******* ** *********** and *** ************** ******** the ******* ***.

***** *****'* **** **** in *** *** *** as ***** ********* ** rob **** ******, **** though *** **** **** themselves *** ***-***** ********** with **** * ******* guarded *** ** ***** the ******** *******'* *** to ******* *******. *** also ****** *** **** SD *****.

***** ******** *** ******, yes, **** ******** ***** do **** **** ** well, **** **** ******* on ***** **********, ********* and *** *** ***** is *******. ** ** certainly****** ******** *** ******* and * ********* ***** to ****, *** *'* saying ** **** **** can't ** ********** ********** with ******** ********** ** networks ***** ** **** industry ******** ********* ******** because ******* ***** *********. Not ****** *** *** to ** ******** ** everything ** **** ****, just ******** **** ****** that "** *** ***** ever **" ******* ******* will.

***** *** ***** *** being **********, * ****** with **** *** **** to * ******** ** typically *** *** ****** administrator *** ***** ** entirely ************ ** **** context. **** *** ***** of *** *****'* ****** more ****** *** ** a ******** ** ******* any **** **** ****** if **** ** ****. If **** *********** ***, say, * ******* ********** people *** * ****** of ******* **** *** allowed ******* ****** ** the *******, **'* ***** plausible **** ********** ******* could ** ****** **** shouldn't ** *****, ** only ** ************ ******* unencrypted **** *** ******* to ***** ***, ** to **** *** **.

*** ****** *** ******* would ****** *** ****** instead ** * *** for ******* *** ** that ****'** ****** *** interested ** **, ***'* want ** ***** ***** logging ******* ** ****, and **** **** *** camera(s) ** ******** ** to ***** ** *** convenient **** ** **** to **** *** ******* carefully. **** '********* ****** data' ** ***** *** as ****** ** **** doing * ****** ******* to * ****** ******. Another ********** ******* ****** be *** ***** *** recordings *** ********** ** typically ******* ** *** filesystem.

****** ******* ** *** image ***** *** ******* monitor ***** ******* ** night (**** ***-************** *********)******* **** ** ******** to **** ***** ****** monitoring **** **** *****, because ** *** *************** **** ********** ********* *** ******** *** night ***** *** **** choose ** ****** *** admin ** **** ******, regardless ** ******* *** cameras *** ****** *** walls ** **** ****, or ** ******* **** of *** *****.

** ** * ******* representation ** * ******** "insider" **** - ** my **** - ***** it *****'* ****** ****** how **** **** ** it ** **** ** a ****** **** ** broken. **** **** *** VMS ****** ***** **** be ****** ****** ** the ****** *****'* ********, where **** ******* ***** brilliant ******** ****** **** the ******** ******* **** the ******* ****** ** a ****-**** ****, ******** the ******* **** * relative ********. ******* ******* are ******** ******** **** they ***'* *** **** scrutiny.

Undisclosed Manufacturer #5

09/24/17 04:40pm

**** ** ******* ****** up * ***.

******* ***** *** ****** responsible *** ******** *** data ******** ** * medical ******** ********** ******** by ****** ****** *********, who ****** *** ******, and **** ** ** provided ****** ** *** network.

***** **** ******** ***** dorm ***** **** *** computer ******* ******, **** on *** ****** *******.

* *** **** *** and ** ****'* **** the ***** ** **!

Undisclosed Integrator #1

09/25/17 02:30pm

*** ** *** ********* are ******* ****** *********** and ****** **** ***** that ** *** *** us. **** ** *** need ** **** **** we ** ** **** do **** *** *******, and **** **** *** everyone *** **** *** Hik *****

Undisclosed #8

In reply to Undisclosed Integrator #1 | 09/25/17 03:26pm

***'** ****** ** ****** stop ********** ******* ******* altogether ******* ******* ***** get *****? * ****** cringe **** ****** ******* ignorance *** ***** ** sand. **'* ****** **** a *** ** ** seems ** ******** ** the ******** ********, ***** that ***** ******** *******. Perhaps ******* ******* ***** discussions ** ********* ******** to *** ***** **** just ******** ***** ** their *******.

Undisclosed Manufacturer #4

In reply to Undisclosed #8 | 09/25/17 10:15pm

* ***** ***** **** you!

* *** **** *** security ******** ****** ** think ***** **-********!

**'* **** *** * change ** *** *******. If *** (****** ** these *****) ** *** agree, **** ****** ***** about ** **'* **** to *** **** ******* colleagues **** **** *** IP-Projects!

Corey McCormick

09/29/17 04:55am

****** ********, ***** *** supported ******** ******* *** a *** ***** ***+ site ************, ** *** it ** *** * big **** ** ****** separate ********, ** ** no *** ********. ** you ***** ** *** the **** **** ** straightforward ** *** ***, you ****'* *** ******** a **** ******.

*** ******** ******** ** not *** ****** **** any ***** ******** ** their *** ********.

**** * ******* *** security ***** ** ******** that **** ** *** close **** *** **** ever ****** **** *********** contribute *** ***** ** all **** ** **** society *** ******** ********. There *** ****** ****** parties ** **** ****, not **** *** ******** published ****...

********* *** ***** ***** trump *********** ** ******* design **** ***** **** I *** *****. ******** Security ******* ** *** of *** ***** *********** of ** *** ******** which *** * ******** reputation ** *** ** I *** ***. (** me ***** ****** ******, motion ******, **** *****, lighting **********, ***.. ** a ****** ** *** IOT *****, ******* **** physically ****** *** ******, IP, ****, **-***, ***..) If ** *** ** managed ** *** ** mismanaged/exploited.

** ** ********** **** to ** **** ******** network ********* ****. * have ***** ** ** various ****** **** **** folks ******* **** ** and ****** ***** *** results ********* *** ***** wanting.

******** ** ***** *** inverse ** *********** *** always **** ** ** design. *** ***** *** making ******** ********* *** manageable ****** *** ***** and ****** ******** ********* have *** **** ******* yet *** ***** *** for * ***** ** ever. ******** ** * process, *** * *******, but ****** **** ** BUY ******** **** ****** who **** ********. **** isn't ****** ********, ** cameras ** ***.

*** ***** ******* **** isn't ******** ******, **** is **** ******* * different ******* *** *****. IT *** *** **** sort ** **************/**************** ******** environment ***** ****** * was *****. ******** ** the **** ** * part ** **. (**** it ****** ***, *** the "*" *** ****** video, ** ** *** counted ***********, *** ** wasn't ****** ********* **** either.)

** ***** ** **** the **** ****** ******* things ** ********** **** secure, *** ****** **** nearly *** ** *** recent ******** **** **** via **** ****** ** large **** *******. ** wasn't ** * **** server ** * ******** company ******. **** ** just * ******* ******** for ******* ** *** for **** *******. **** do *** ** ******* deliver * ****** ******* value **** ** *** past. **** **** ***** a *** *** ** create ****** ****-** **** contracts ******* ** *********** feature *****.

********** ***** **** ** because *** ***** *** predictable *** ***** ** advance. **** *****'* ********** make *** ******* **** or *********/********. **** ****'* as ********* ** ******* particular ********* ** ********.

***** *** ********* **** their *** ******** ***** seriously *** ****** *** vendors **** ******** ** provide ***** **** *********, are ********** *** ******* the ****** ****** ** security *** ******** ******** for ********** *****, * do *** *** **** changing.

**** **** ************** ** seem ** ** ********* as * ******* ** humans, *** * **** that ** ****** ***** with **'* ********* ***** to ****** (**** *** bad). **** ** ********** of *** **** **** the ***** ** ** IP ****** ******* ** falling **** * **** while *** ***** *** storage ***** ****** ** the ***. (******* ******* vs. ******* *******)

*** **** * ***** job **** ********, *** the ******* ******* ** not ** ******. ** also ** ******** ** us ** ********* *** us ** *******. **** the **** ********* ************ are ****** **** ****** cap, ***** *****, ********* sales *******, *********, ********* bonus *******, ****** *****, etc... ** ****** ******** is ** ***** ****** the *****...

*** *** ************* *** more *********** *** *** people ****** **** ***** it ****** ** **** with ***** ******* ** either *********... ** ******* we **** ****** ********* to ****** ** ******** else ***** *** ** the ********* *******, ***** options, ***.. *** ***** on **** ** ******, but ******* ******** ** not ******* *** ** their ********.

*** *** *** *** market **** ****** ***** who *** ** *****, but * *** ** will *** **** ** the ****, ******* *** buyers ** *** ********* select *** **** **** is ** ***** **** term **** ********. ****** are ********* ******** ** the ***** ******* ** well, ** ***** *** metrics *** ********* ******** are * *********** **** of *** ********* *** salaries, *******, ******** **********, future ******, ***... * do *** *** *** this *** ******.

***** ****** ** ** neighborhood *** ** *****, I ******* *** *** only * *** ***** with **** **** *******... No ****** *** **** we *****, ***** **** didn't *** **... ** only *** ****** **** the ****** ******* ******* things ** ******* ******* and ****** ***** ** learn * ****** *** more **** **** ****** to **** ** ***** latest ******. **** **** at ***** * **** step ******* ******** ** a *******.

** ******* *** ******** tone **** ******* *** with, * ***** ***** is ****, *** *** until *** ******** ******. Denying *** **********, ************** and ********** ******** ** solving **** ** **** perpetuating *** ****...

***** *** "...** *****'* matter *******..."... ** **** matter * *** *** so **** **** *** the ******** ******** ***** and ** *** ****** ANY ******* **** *** vendor.

Login to read this IPVM report.

Why do I need to log in?

IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Most Recent Industry Reports

Access Control Job Walk Guide on May 22, 2019

Significant money can be saved and problems avoided with an access control job walk if you know what to look for and what to ask. By inviting...

ASCMA / Monitronics Declares Chapter 11 Bankruptcy on May 22, 2019

Monitronics is entering into Chapter 11 bankruptcy. The company, also called Ascent Capital Group Inc., aka ASCMA, aka Brinks Home Security,...

US Considers Sanctions Against Hikvision and Dahua on May 22, 2019

The US government is considering blacklisting "up to 5" PRC surveillance firms, including Hikvision and Dahua, Bloomberg reported, with human...

Dahua USA Celebrates 5 Years of Errors on May 21, 2019

Dahua USA is, in their own words, 'celebrating' 5 years in North America or as trade magazine SSN declared: Dahua Technology finds success in...

Axis ~$150 Outdoor Camera Tested on May 21, 2019

Axis has released the latest in their Companion camera line, the outdoor Companion Dome Mini LE, a 1080p integrated IR model aiming to compete with...

Covert Facial Recognition Using Axis and Amazon By NYTimes on May 20, 2019

What if you took a 33MP Axis camera covering one of the busiest parks in the US and ran Amazon Facial Recognition against it? That is what the...

Amazon Ring Public Subsidy Program Aims To Dominate Residential Security on May 20, 2019

Amazon dominates market after market. Quitely, but increasingly, they are doing so in residential security, through a combination of significant...

LifeSafety Power NetLink Vulnerabilities And Problematic Response on May 20, 2019

'Power supplies' are not devices that many think about when considering vulnerabilities but as more and more devices go 'online', the risks for...

Facial Recognition Systems Fail Simple Liveness Detection Test on May 17, 2019

Facial recognition is being widely promoted as a solution to physical access control but we were able to simply spoof 3 systems because they had no...

Inside Look Into Scam Market Research on May 17, 2019

Scam market research has exploded over the last few years becoming the most commonly cited 'statistics' for most industries, despite there clearly...

Genetec CEO Warns Against Insider Threats

Comments (48)

Undisclosed Integrator #1

Brian Karas

John Honovich

Undisclosed Integrator #1

Undisclosed Manufacturer #3

Undisclosed #2

Michael Gonzalez

Undisclosed Manufacturer #4

Undisclosed Manufacturer #5

Undisclosed Integrator #6

John Honovich

Undisclosed Integrator #6

Christian Laforte

John Honovich

Christian Laforte

Undisclosed Integrator #6

Undisclosed Manufacturer #5

Corey McCormick

John Honovich

Undisclosed Distributor #7

Undisclosed Manufacturer #5

Undisclosed Distributor #7

John Honovich

Undisclosed Distributor #7

Michael Gonzalez

Corey McCormick

Corey McCormick

Undisclosed Distributor #7

Igor Falomkin

Igor Falomkin

Undisclosed Manufacturer #4

*********: ******* ** ** ARP ******** ******

Undisclosed #8

Undisclosed #9

Jon Dillabaugh

John Honovich

Undisclosed #9

Undisclosed #8

Jon Dillabaugh

John Honovich

Undisclosed Integrator #1

Undisclosed #9

Brian Karas

Undisclosed #8

Undisclosed Manufacturer #5

Undisclosed Integrator #1

Undisclosed #8

Undisclosed Manufacturer #4

Corey McCormick

Login to read this IPVM report.

Most Recent Industry Reports

Member Login

*****: * ARP