Hikvision Exec Is PRC Ministry of Public Security (MPS) Leader

By John Honovich, Published Apr 27, 2016, 05:43am EDT (Info+)

An NVIDIA presentation shows a Hikvision executive is simultaneously a leader within the PRC government's national security ministry.

**** **** ******* ** *********'* ********** that *****-***** *********** ****** *** ****** of *********.

** **** ****, ** ******* *** relationship *** **** **** ***** *** Hikvision *** *** ****** ******.

Executive / ******

* ********* *** ******** ************ ** a ** *******'* ********** (******) **** conference. **** ** *** ********* ********* their *********:

** ***** * *****, ** *** 'privately' **** *********, ** *** ********** owned ******* ********** **** *** *** national ********** ******, *********** ** ****** ********.

Ministry ** ****** ********

*** ******* ******** ** ****** ******** is *****'* ******** ******, *** ** addition ** ******* **** ******* ****** (like ******, ********, *******, ***.), ** in ****** ** *********** '******' ******* the ********* *****.

*** ******** ******** ********* *******, ***** ********:

"*** ******** ** ****** ******** ******** the ********* *******, ********** ****** ********* and ************ ****** ** *********. ******* are *** ******* ** ** ******* during **************; *** ******** **** ** right ** ****** ******, ********* ***** right ******* ****-*************. *********** *** ****** rarely ******** ** ********* ****** *******, and ******** ********* ********** ****** ****."

******** *** ****** ** ******* **** the ********, ******, *** ******** ** be ********** ** ***** *** ** ********** ******:

*** ******** ** ****** ********, *** agency ** ****** ** *** ******, claims **** *** *** ** ******* confessions ********* ** ******* ** ****, that **** ****** *** ***** ****** suspects *** “****** ** *** ****,” and **** ****** ** ******* ******* a “******** ***” ** ****.

********* ** ************** * ***** ****** in *** ********'* ******* ***** *****'* massive ***** ************ ******* ******** * powerful ***** ** ******* *** ******** any ********** ** *** *****.

China ****

*** ***** ************ ***** ** ****, the ******* ********** ********** ***********, ***** is * ******** ** *** ******* government ******* * **** *** ******** / ******** **** ** ********** ********** systems, **** ** *********.

***** **** ************, *** **** **** a ********* ********* ***** ************** ** a ****** ****** **** ********** ************ is **************.

Hikvision ******** **** ***** ********** ********

** ** *** *** **** ********* employee *** ** ************** * ********** official. ******, *********'* ******** ** * Communist ***** ********* ** ********* ** the********* **** ****** ****** (*. **):

**** ********* ****** ** *** **** of **** *********, *** ******** *** the ********* ***** ********* ** ***** Electronics ********** *** ***** **., ***. (中电海康集团, ******) *** ******** ** *** Company [*********]

Upsides *** *********

****** ********* ********* / ******** *** direct *********** **** *** ******* **********, having ***** *** ******* * ******** revenue ******. *** ******* ********** ** the ******* ***** ** ***** ************ in *** ***** *** ****** **** executive ** * ********** ****** *** the ******* ******** ****** ** ***** an ********* *** *** ******** ***** over **** ******.

Refusal ** *******

********* *** **** ** ***** **** they **** *** (** *** ***) address ***** **** ****** ********** **********. This ***** **** *********** ******* ********* ****** *** ***** ********* Party.

Risks *** *** *****

**** **** *** ******* ********** ***** want ** **** *** ***** ** concerned ***** *** ******** ************ ** buying ************ ********** **** * ** company ***** ********** *** **** ** the ** **********, ** *** ***** many ************* ******.

***** ********** ********** ********* ** *********, **************'* ****** ** ****** **** *** Communist *****, ***** ***** ********* *** ** simultaneously * ********** ******, **** ** a **** ****** ** **** *** those ********* ******** ******* ** ********* with ******** ******** ***** *****.

*** **** *********'* ********** ****** *** Ministry ** ****** ********, ***** *** Ministry's ***** ****** ** ******* *** human ****** ******, ****** ******** ***** whether *** ***** ** ******* **** activities.

** ** *** ***** ** ****** be * ******* ********* ** * country, *** ****** ** ***** **** for ***** **********'* *******. ** ** entirely ********* **** * ******* ** part ** **** **********. ********* / China.

Comments (60)

Concerning...

Agree: 3
Disagree
Informative
Unhelpful
Funny

Wake up everyone. Look the aggression of XI in the South China sea

I wonder if the horrible security aspects of their product are intentional to show their love for Mao hehehe

Agree: 1
Disagree
Informative
Unhelpful
Funny: 1

In fairness, saying things like "their love for Mao", who has been dead for 40 years, will only reinforce negative stereotypes about Westerners being out of date / uninformed about China.

Since you reference Xi and the current South China sea issues, obviously you are aware of current events but I do not think Mao comments help.

Agree: 5
Disagree
Informative
Unhelpful
Funny

I believe a very real risk is the fact that we now have million of sensors installed across the US, in homes, businesses, and government buildings that are all running a compiled Chinese firmware that we have no idea of its capabilities or contents.

Even if the current firmware is free of spying capabilities, these sensors will always be at risk during any firmware update.

Is this being overly paranoid? I really don't know. But I do know even the US government was able to infiltrate Iran with Stuxnet and this is the new front of warfare. Each camera is a foreign computer running on your network. The code running on these computers is provided by a foreign government.

Consider if Iran had let the US government install millions of computers running US code on their networks. What would we do? Not use this to our advantage?

Just sayin'.

Agree: 14
Disagree
Informative
Unhelpful
Funny

If you allow a suspected malware infested device on to your network without access restrictions, then any subsequent damages are due to your own negligence.

Agree: 2
Disagree: 3
Informative
Unhelpful
Funny

It is sometimes impossible to see what any device is doing on your network without extensive experience and hardware. Given that these cameras have created a DIY mentality among some customers, that is a very dangerous combination. Heck, many types of malware are UNDETECTABLE today. Let alone that anti virus programs are not looking for camera firmware, ever!

We all know that arrogant customer who know everything. Now take that mindset into an educational institution. Suddenly, a DIY IP camera that can act as a webserver that is transferring files invisibly across a network and the traffic can't be monitored by nation code because you have 2000 Chinese grad students. Only one of them have to be a card carrying PLA member to cause a problem. And if you keep up on the news, you know that is already happening.

Agree: 1
Disagree: 1
Informative
Unhelpful
Funny

It's simple. You drop all traffic to and from the camera that isn't going directly to your VMS server or NVR.

Or, if that's too complex for your firewall, keep the cameras off of an Internet accessible network. You do this by multi-homing your VMS server and don't plug the camera switch into your router/normal network. This way, the outside world could never see the cameras directly and vice versa.

This isn't brain science people.

Agree: 1
Disagree
Informative: 1
Unhelpful
Funny

This isn't brain science people.

Please stop with the "brain science" thing, I've accidentally said it twice in the last week, and I'm afraid it might become permanent :)

Agree
Disagree
Informative
Unhelpful
Funny: 2

This Hikvision thing is being made to be way more complicated than it is. Many, I mean many IP Video networks NEVER hit a router to get out to the Internet anyway.

Agree
Disagree
Informative
Unhelpful
Funny

Do you mean that the cameras subnet don't hit a router, or the cameras and both interfaces/subnets of the NVR never hit a ROUTER to the internet?

Agree
Disagree
Informative
Unhelpful
Funny

To be fair, I feel that some of your assertions need to be clarified:

1) "It is sometimes impossible to see what any device is doing on your network without extensive experience and hardware." --- Actually not true. It security guys (in house or other) do this easily with an SNMP trap. They can capture and analyze any data transmissions across their network.

2) "Heck, many types of malware are UNDETECTABLE today." --- Again, not entirely accurate. Most viruses are known and new ones are merely variants of previous versions. Hackers will target the most valuable/largest targets because they understand that once their virus is identified, the info will be shared across the IT security communities and patches will be applied.

... There is a problem however, but it has less to do with Hikvision specifically (which is the focus of this article) and has much more to do with horrible / lazy firmware coding and updates processing across the entire industry. But I get it; it's more fun to sound like James Bond and talk about government conspiracies. Who gets to be 'Jaws" aka Richard Kiel?

Agree: 3
Disagree
Informative: 1
Unhelpful
Funny

That's the FauxNews effect

Agree: 1
Disagree
Informative
Unhelpful
Funny

I was speaking of anyone (especially that arrogant customer who thinks they can do it all themselves after they see your price) who lacked the resources of an entire IT department and didn't have a clue what a port scanner was.

The fact remains that the hardware in almost any I/P camera these days is basically a web server and malicious code could (and has) easily be inserted in that hardware making it difficult to find.

Again with the IT department "patch? Unlikely to happen in many, especially home environments.

Please don't be condescending regarding Malware. Everyone here knows it is very difficult to detect many kinds of malware, especially rootkits. Stuxnet is a great example of such code and that is ten years out of date. Outside of Kaspersky, show me one AV product that can detect government class or eastern European crime syndicate level malware. YOU CAN"T! Another commenter mentioned inserting "microcode" in the silicon which is completely possible and could be quite malicious.

What "security" department? Again you "presume" there is one when in over 60% of ALL customers there is no such thing!

I am sick and tired of hearing so called professionals offer only their opinion (completely colored by who they represent) on this subject. I think we can be a little more honest than that.

We ALREADY know that some cameras already have come with firmware that mysteriously "phones home" and hardcoded admin passwords. This no conspiracy, it is FACT!

That is enough proof for me that any product that comes from a country that does not respect an individuals privacy and human rights is one I will avoid and advise my clients to avoid. Better safe than sorry.

Agree: 3
Disagree: 1
Informative
Unhelpful
Funny

any product that comes from a country that does not respect an individuals privacy and human rights is one I will avoid and advise my clients to avoid.

In Hikvision's case, they are not simply 'from a county', they are part of the country's government that does these things.

Agree: 3
Disagree
Informative
Unhelpful
Funny

I was trying to be reasonably neutral.

Agree
Disagree
Informative
Unhelpful
Funny

"In Hikvision's case, they are not simply 'from a county', they are part of the country's government that does these things."

I worry in a country like China, whether the company is 'publicly' a part of the Chinese government may be a mute point.

All business in a communist society is subject to the government's dictates. Freedom is an illusion in China (and many other countries around the world).

You of course do have a choice: Comply or Prison (Maybe a firing squad).

Agree: 1
Disagree
Informative
Unhelpful
Funny

Malwarbytes is very effective and probably the best.

If a camera is "phoning home" and you can't see that traffic on your network, then you can't sit here and complain about network security.

So what cameras DO you trust? I doubt you can find many that top to bottom don't include a single China made component.

Agree: 2
Disagree
Informative
Unhelpful
Funny

I doubt you can find many that top to bottom don't include a single China made component.

Hikvision is far far different than every other Chinese company, since it is the only one owned / part of the Chinese government.

Turn it to the US. Surely, many countries mistrust the US. But they would certainly, and rightly, more mistrust a company owned / part of the US government than a company simply based in the US.

Agree: 2
Disagree
Informative
Unhelpful
Funny

I agree with your point, but I was replying to this quote specifically:

"That is enough proof for me that any product that comes from a country that does not respect an individuals privacy and human rights is one I will avoid and advise my clients to avoid. Better safe than sorry"

Agree
Disagree
Informative
Unhelpful
Funny

Case in point. Back in 2000, the NSA promoted a free version of Linux with 'special security enhancements' included.

Almost nobody was crazy enough to use it :)

https://linux.slashdot.org/story/00/12/22/0157229/nsa-releases-high-security-version-of-linux

Agree
Disagree
Informative
Unhelpful
Funny

"That is enough proof for me that any product that comes from a country that does not respect an individuals privacy and human rights is one I will avoid and advise my clients to avoid. Better safe than sorry."

Agreed, but unfortunately, that is increasingly difficult in a world where "If it has a chip in it, it's probably made in China/Taiwan/Indonesia, etc.", or at the very least, it has significant sub assemblies made there and it's very hard to be sure the electronics are 'clean' regardless of who sells it.

Even if you write your own firmware from scratch, how many manufacturers regularly test ALL the chips that are populating the product once it's in full production. There will always be a chance that dormant back doors could be implanted in the code without the manufacturer's knowledge.

There can even be malware/back doors implanted in the software tools used to develop the software, as the recent issue Hikvision had using a 'hacked' version of Apple IOS tools to develop their App. The hacked tools even passed Apple's vaunted security for screening out malicious code before an App is published in the App Store.

As a person who has been actively involved in computer networks and security for over 30 years (and only recently had to learn about security cameras because I inherited the title at my current job), I have long used the mindset of 'assume breach', in other words, expect that you have already been hacked, and work to mitigate what might be at risk instead of assuming you can plug all the holes. Regardless of what it is, if it relies on zeros and ones, it can be hacked if someone wants it bad enough.

In regards to Hikvision themselves being so deeply involved with a government that has invested tremendous resources into hacking into other countries infrastructure, well, if I was providing security cameras to an environment that might provide someone in China with anything remotely useful (as opposed to watching people in the break-room eat their lunch), then I would avoid ANY Chinese branded devices, but I still wouldn't completely trust any companies product and would take as many reasonable steps as possible to minimize the potential breaches.

The big problem (and the one that to me is the real concern) is the vast majority of these devices are being installed in places where there is virtually zero protections in place. The vast majority of those places serve no real purpose to someone like the Chinese government, but when sensors are installed in places with sensitive data (often ad-hoc without the IT department's knowledge), then the prize can be sought out. Automated network scanning can be done at speeds that are hard for the average person to comprehend, and they can eventually weed out the 99.9999% of worthless data to find that needle in the haystack.

A few years back, I read about a group of researchers who were able to insert malicious code into the chip that controlled a webcam in someone's laptop. Absolutely no way that any normal software scanners on the laptop would ever find it, but the camera could be remotely activated and stream the video out.

Even the flash drives that everyone uses has firmware on them that can be hacked (tested and proven) and a small piece of code added that cannot be 'easily' found or removed from the device, and only a few companies (all Chinese) make the controller chips that are in all flash drives, regardless of manufacturer.

My final advice? If your really in doubt, use a pencil :)

Agree: 1
Disagree
Informative
Unhelpful
Funny

There are alternatives for manufacturers. If you look you will see that many of the name brands use Chinese components until they have to comply with certain regulations to sell to the US Government in compliance with the Trade Agreement Act (TAA).

So typically, while the majority of components may come from China when necessary the alternative more expensive suppliers are utilized.

With all due respect I do not believe the majority of the readers understand the complexities of securing an IP camera which is a Linux computer from "professionals" that have nefarious intentions.

One portion of our organization which offers professional services for cybersecurity eat, sleep and drink cyber and the hackers are light years ahead of the ones defending. The unfortunate aspect is the costs of properly defending can be prohibitively expensive.

The casual user can secure basic safeguards but when you get into the sophisticated infrastructures one would not believe what is required in terms of hardware, software, best practices, etc. This is a full time effort. There is a reason that virtually every major retailer and government agency has been penetrated.

Agree: 1
Disagree
Informative: 1
Unhelpful
Funny

The casual user can secure basic safeguards but when you get into the sophisticated infrastructures one would not believe what is required in terms of hardware, software, best practices, etc. This is a full time effort. There is a reason that virtually every major retailer and government agency has been penetrated.

Absolutely, and a company can spend millions of dollars on the most sophisticated security measures, and it can all be unraveled by 1 idiot :)

Agree: 3
Disagree
Informative
Unhelpful
Funny

you hit the nail right on the head. Cyber is an entirely different world. This is probably a discussion for a separate string.

Agree
Disagree
Informative
Unhelpful
Funny

In fact, a very funny story but not so funny. Our organization in conjunction with an integrator had lost a major global account we had for many years which was an overall security initiative - physical and logical security systems worldwide. They went with a low cost local one man company which was beyond bizarre. This organization ended up having been penetrated and all their customers credit card information was stolen and the damage was major. How did the hackers get in - from the guy in charge of maintaining their security having a vulnerability on his end which the hackers used to penetrate the customer!

Agree
Disagree
Informative
Unhelpful
Funny

I wonder if any directors or senior executives of Tyco, Axis, Honeywell and other well-known US security giants had previously work in homeland security and national defense departments.....

A close tie between the businesses and their government is common. That's how you get the fat government contracts.

Agree: 5
Disagree: 5
Informative
Unhelpful
Funny: 1

Previous is different than current.

Being primarily owned by the government is different than getting government contracts.

Agree: 9
Disagree
Informative
Unhelpful
Funny

US government and Chinese government, all work for their nation, community and people, from management point, they are the same, it's a government, has their duty.

A company or a person as a contractor, working for the government is normal. nothing wrong with it.

Agree
Disagree: 11
Informative
Unhelpful
Funny

Sorry Frank, you're wrong. I actually live in China and can tell you that the so-called 'government' here works ONLY for the Party. Any crumbs left over go to keep the people quiet.

Wake up.

Agree: 1
Disagree
Informative
Unhelpful
Funny

I can't tell you how many integrators we talk to that are actively installing Hik cameras on military installations...

Agree: 1
Disagree
Informative: 6
Unhelpful
Funny: 4

How many Chinese PCs run Windows, use Google, etc?

Agree
Disagree
Informative
Unhelpful
Funny: 1

Jon, please elaborate on your point.

Agree
Disagree
Informative
Unhelpful
Funny

It's very simple to create secured networks these days that can contain even rogue devices. You can limit what can get in and out of the secure camera network (VLAN or physical). By securing the network, you also contain the potential for damages.

Agree
Disagree: 2
Informative
Unhelpful
Funny

Jon, I still don't understand know how this relates to Google and Microsoft, which is what you started with.

6 below has already given you detailed feedback based on local China knowledge.

Agree
Disagree
Informative
Unhelpful
Funny

Sorry, I was working on 4 hours of sleep and had a different post in mind when I replied.

Agree
Disagree
Informative: 1
Unhelpful
Funny

Chinese PCs mostly run Windows XP, and Windows 7. because:

1. XP needs only a serial number is needed to work. And is considered free.

2. Windows7 to them seems very modern!! And also simpler serial protection hack.

3. Google unless you been living under a rock is blocked in China, for normal internet users.

4. Blocked also is Facebook, Youtube, Anything Google, that's even like google fonts for websites, google maps, google translate API etc.... Blocked also is Vimeo, Twitter, Messanger (facebook) Instragram, Tinder, Snapchat... etc... Anything which is social, and there is a poor copy clone by one of the larger chinese companies would be block in a flash!!! Even apple ibooks has just been removed, because it needs a partner for electronic media publishing!

For how many PCs if you say PC then that's everyone, except the MAC owners.

Reference: More than 97 Percent of Computers in China Now Running Windows, Mostly Pirated

Agree: 4
Disagree
Informative: 2
Unhelpful: 1
Funny: 1

When I mentioned Google, I was referring to Android as an OS. Is Android blocked too?

My point is, OK so China has a few cameras in US military installs. Not that big of a deal. But the US has a very large monopoly on OSs. Between Microsoft and Google, I would assume they cover a very large majority of devices worldwide.

Wether they pay for a license is irrelevant. The fact that they run US based code on a vast majority of devices is much more important.

Agree: 1
Disagree: 1
Informative
Unhelpful
Funny

Whether they pay for a license is irrelevant. The fact that they run US based code on a vast majority of devices is much more important.

Ok dokey, I get you now. You're saying they got their malware, we've got ours, eh?

How do I open up my "God's Eye" dashboard and take a look?

Agree
Disagree
Informative
Unhelpful
Funny: 1

As a point of reference China has Internet "censorship" and blocks what it feels like. So for example Google is blocked in China as the Chinese Government protects Baidu. The Chinese government also blocks the popular VPN programs as well. So the difference between a Democracy and Communist government.

With respect to Windows while it is not directly related but there are probably more pirated versions of Windows running in China than legitimate ones, which addresses another serious issue with China which is the inability of foreign companies to enforce their IP.

Agree
Disagree: 1
Informative
Unhelpful
Funny

I can't tell you how many integrators we talk to that are actively installing Hik cameras on military installations...

That's fine with me, as long as they're in China. ;)

Agree: 3
Disagree
Informative
Unhelpful
Funny: 3

A camera is a node on a network. How many Chinese laptops, desktops, servers, switches (printers maybe?) are also installed? Why aren't you equally (or more so) worried about those?

Agree: 4
Disagree: 2
Informative
Unhelpful: 1
Funny

Agree X 10

Agree: 1
Disagree
Informative
Unhelpful
Funny

(printers maybe?) are also installed

This is IPVM, we cover the physical security market, not the printer market or the laptop market, etc.

Do you really not understand what we cover?

Agree: 1
Disagree
Informative
Unhelpful
Funny

Who Owns Dauha? How about the other 5000 companies inside China that make every conceivable type of electronic device know to man and sell everything under the sun (counterfeited or not) on the world market every day? Should we chase all of those down and point out the owners as crooks too?

What about UNV? Who owns those folks?

To be completely honest I am more concerned who Bill Clinton will be chasing around the White House if Hillary gets elected than losing sleep over this 'HikVision debacle'.

I propose we consider and immediate review of the suppliers that we all deal with every day as the real crooks that are snaking away our profit margin instead of 'chasing a wild goose' posing as Sherlock Holmes investigating every move of HikVision over in Shanghai, China!

Agree: 4
Disagree: 1
Informative
Unhelpful
Funny

What about UNV? Who owns those folks?

American investment firm Bain Capital founded by Mitt Romney.

Who Owns Dauha? How about the other 5000 companies

We have found no evidence of government ownership of any other Chinese video surveillance manufacturer. If anyone has evidence, please share.

investigating every move of HikVision over in Shanghai, China!

Hikvision is based in Hanghzhou.

Agree
Disagree
Informative: 3
Unhelpful
Funny

We have found no evidence of government ownership of any other Chinese video surveillance manufacturer. If anyone has evidence, please share.

HiSilicon?

Agree
Disagree
Informative
Unhelpful
Funny

HiSilicon is a semiconductor company, not a video surveillance manufacturer. HiSilicon is owned by Huawei.

There are lots and lots of companies owned by the Chinese government. Huawei may be one of them.

But, when it comes to video surveillance manufacturers, Longse, Sunell, Dahua, UNV, etc., etc., there is no evidence.

And, equally importantly, there is no evidence that any other video surveillance manufacturer has executives that are leaders within the Ministry of Public Security.

Agree
Disagree
Informative: 2
Unhelpful
Funny

HiSilicon is a semiconductor company.

Yes.

...not a video surveillance manufacturer.

Not of finished goods; They make video surveillance camera modules, SOC - system on a chip, arguably the heart of any IP camera. Would you agree that most IP cameras sold today use their SOC?. They list their Surveillance and Security products first on their website.

And this silicon is no commodity chip like a memory wafer. Little is needed besides the SOC and imager/lens and a box.

But, when it comes to video surveillance manufacturers, Longse, Sunell, Dahua, UNV, etc., etc., there is no evidence.

And, more to the point of u9's original rhetorical question, "should we chase down all of those?"

Yes. I urge IPVM to chase down HiSilicon. It may be more dangerous to the industry and to the U.S. than Hikvision.

Why?

Because it's the fundemental intelligence of the system. It's micro code is embedded before Hik or Dahua even get a chance to load their own firmware.

And at least with Hik or Dahua products you could read the label or OEM label, but who know's which products are HiSilicon?

And because treating them as just a "semiconductor company" and ignoring their pervasiveness in the majority of products is unwise.

Agree: 3
Disagree
Informative: 2
Unhelpful
Funny

Chase down Hisilicon based on what?

I have no objection or concern about 'chasing down' anything but there needs to be some evidence.

As you know, Hisilicon's parent company Huawei is not owned by the Chinese government like Hikvision. Hikvision, as this post's exec examples shows, is essentially a division of the Chinese government.

There are absolutely suspicions and concerns about Huawei and its founder but is it anything close to the level that Hikvision is?

I do agree that there is a lot of potential exposure from who provides SoCs (e.g., Hisilicon) but what evidence can be brought forward like has been done for Hikvision?

Agree
Disagree
Informative
Unhelpful
Funny

What are you talking about microcode? Do you understand this Silicon on it's own does nothing, it's a ARM CPU wrapped inside lots of other shit.

These cameras are using Linux kernel OS to operate. HiSilicon provide a SDK and some drivers to enable the use of the H.264 encoding and configurations etc... I think you find their part don't do much in so far as it don't start sending out packets of IP data, when it does not even have this knowledge about the system. You need to understand how Linux works, I am sure others can help you!, perhaps do a google search.

Huawei is private owned company, staff do not and can't use phones in office, there are security cameras everywhere. Except the LAV. and no pictures are to be taken, by anyone visitors etc.

I love the words fundamental intelligence! something some people lack.

Agree
Disagree
Informative
Unhelpful
Funny

You need to understand how Linux works...perhaps do a google search.

Thanks for the suggestion! I did, and I learned some things I never knew, like Linus T. was named (and therefore Linux itself) for the Peanuts character!

Anyway, your turn now. Wikipedia on Microcode.

Microcode is "a technique that imposes an interpreter between the hardware and the architectural level of a computer."As such, the microcode is a layer of hardware-level instructions that implement higher-level machine code instructions or internal state machine sequencing in many digital processing elements. Microcode is used in general-purpose central processing units, in more specialized processors such as microcontrollers, digital signal processors, channel controllers, disk controllers, network interface controllers, network processors, graphics processing units, and in other hardware.

and

A processor's microprograms operate on a more primitive, totally different, and much more hardware-oriented architecture than the assembly instructions visible to normal programmers. In coordination with the hardware, the microcode implements the programmer-visible architecture.

You may think that your getting down close to the metal with the OS, but to a systems programmer your still at 20,000 feet.

So it could do whatever it wants, it's lower level than Linux. And it even though might not "know" anything about the Linux system running on top of it, it certainly "knows" about the camera system, i.e. the imager, the physical network.

And, (and this is the whole point) it could easily stream every frame that it is already processing right out the Ethernet PHY that it controls. And Linux would be about as clueless about it as Linus. The one from Peanuts.

I love the words fundamental intelligence. something some people lack.

You'll get no argument from me on that :)

Agree: 3
Disagree
Informative
Unhelpful
Funny

This is really off topic of a post about Hikvision's relationship with the Ministry of Public Security.

If either of you want to discuss this aspect, feel free to create a new discussion.

Agree
Disagree
Informative
Unhelpful
Funny

interesting

Agree
Disagree: 1
Informative
Unhelpful
Funny

Not surprising, Chinese government officials and money.

No different than the steel industry, solar panels.. Unsustainable fast growth per industry sell for cost to destroy competition and then push prices up.

It's all ok until the labour rate rises in China and the boom will go bust very fast!

Agree
Disagree
Informative
Unhelpful
Funny

Humor/ How do the IP address range of the Chinese OPM hackers compare with the IP address range from Hikvision? Enquiring despots want to know! /Humor

Agree
Disagree
Informative
Unhelpful
Funny

How do the IP address range of the Chine OPM compare with the IP address range from Hikvision?

Impossible to tell since Hikvision cleverly runs everything from their cameras and their cameras have no IP address, so...

Agree
Disagree
Informative
Unhelpful
Funny: 1

Didn't mention anything about the camera, just the IP ranges. The Feds have the logs, we know where the country codes correspond.

What about the rest? Given the "Great Firewall", IP ranges are fairly static there.

Agree
Disagree
Informative
Unhelpful
Funny

What happened to the rest?

What happened to the "/Humor" ?

Agree
Disagree
Informative
Unhelpful
Funny

What's with all the CSI technol rubbish.

Hiding a IP address is trivial, just go get a VPS hosting service, everything can be paid with bitcoins or paypal, registers the account from a VPN non logged provider, there are easily 50+ of these.

Run a shadowsocks installation on your WPS, pipe your data throught this, even the most basic setup takes less than 30minutes, and nobody can trace you!

Making a IP address appear from another location is nothing tricky is it. If you can get on backbone of internet, which often can also be conprismed you can take over IP address routing and DNS resolution, often used indeed by chinese goverment.

Anyhow so far off topic from the title of this article!

Unless there is concreate edivance for anyone regarding Hikvision IP address packets of data flying outside their devices, or even less unlikey the fairy tale of micro code from hisilicon SoC then people need to wake up and smell the coffee.

Agree: 2
Disagree
Informative
Unhelpful
Funny

...people need to wake up and smell the coffee.

Or tea.

Agree: 1
Disagree
Informative
Unhelpful
Funny: 1
Login to read this IPVM report.
Why do I need to log in?
IPVM conducts reporting, tutorials and software funded by subscriber's payments enabling us to offer the most independent, accurate and in-depth information.
Loading Related Reports