US Army Base Specifies 70+ Outdated Hikvision Cameras (Cancelled)

By John Honovich, Published Feb 22, 2018, 08:06am EST

A US Army base has specified 70+ Hikvision IP cameras, a month after the WSJ reported a different Army base removed Hikvision IP cameras.

While this is a positive for the Chinese government-owned Hikvision's expansion into the US military, this raises security concerns. Moreover, US Army's Hikvision specifications are so low-end and outdated that it raises concerns about the security of the base.

In this note, we examine the specification and the issues involved.

[UPDATE March 2018: the RFP was canceled.]

US **** **** **** **** ********

*** ********* ** ***** cameras ****** ****, * ***** ********* base *** *** ** Army. ***** ** ** example ** * **** fire ******** ********* ** *** base:

Solicitation / ************* ********

*** ************ ********************* **--**** ********* **** ******* **** *** **** ***** listed ** * ***** document ****** "***********************.****" (*** **** ****).

*** ****** ** *** 4 ********* (****, ****, 4401, & ****) *** consists ********* ** ******* Watchdog ******** (*** ******* Optix ***), ** ******* 5MP ******** ("** *****") cameras *** ** ********* ("or **********") *******.

******** ** **********  ** each *** ****** ********* Wide ***** **** *******. Must ** ********** **** watchdog ******** *** ***** monition **** *********.

    ***** ****** */*” *********** scan **** ***. ************ 0.19 ***@**.*, *** ** 0 *** **** ** Shutter **** */*** ~ 1/100,000s **** *** @**.*, angle ** ****: **.*° (2.8mm, ***, **** ********) Lens ***** *** ***** adjustment ***: *° ~ 355°, ****: *° ~ 65° ******* ***** ********* 3D *** **** ******* range ******* *** *** & ***** ********* *********** *.*** / MJPEG *.*** ***** ******* Main ******* *** **** 32 **** ~ ** Mbps **** ****** ***Image ***. ***** ********** **** × **** ***, **** configurable ***** **** ****: 15fps (**** * ****), 30fps (**** × ****),***** (1280 * ***) ***** settings **********, **********, ******** adjustable ******* ****** ******** or *** ******* *** ******* ******* *** ***** trigger ****** *********, ********* alarm ********* ***/**, ****, DHCP, ***, ****, ***, RTSP, *****, ****, ***, SNMP, *****, ***, ***.**, Qos ****** ************* *****, PSIA, *** ******* *************** User **************, ********************** ********* * **** 10M / **** ******** portal ********* ********** -**°* ~ 60°C (-**°* ~ ***°*) humidity **% ** **** (non-condensing) ***** ****** ** VDC ± **%, *** (802.3af) ***** *********** ***. 5W (** **** *** on) ****** ********** ********-*****, 50J; *******, ** ** IK10 ******* ********** **** / **** ** ***** approx ** ** ** meters **********Φ*** × ** ** Weight ****

Hikvision ***** ********* **********

*************, **** ** ** *** *** common *** *** ***** from * ************ *************.

*** *********** ******* *** 'Value ******' ********* **-********-**, ****** * ***** old, **** ***** ********* ***** **** sheet. ********* ****** *** numerous ****** ******* *** equal ** **** *****, e.g., *** **-**********-* **** *.***+, longer ** *****, '***********', etc.

** ****, *** ***** not ********** ******* **** in * ********, ***** as **** * ***** US **** ****.

*******, *********** **** *********'* 5.5 ******** *******, **** model **** *** ******* PSIA (** ********* ******* it). **** ** *** a ********* ** ********* (since **** ** ***********) but ** *** ********* who *** *** ****** specifications **** *** ********** and *** ********* ****** selection.

*******

**** ** ********* ******** for *********, ******* *** ********-******* marketing ******** ** ****** off.

** *** ***** ****, much *** ** ******* in ******* **** ********* specified ***-*** ********* *******, it **** ***** ******** both *** *** ************* of *** **** *** the ******* ** ************ the ** ********** ** using.

** **** ******* *** to **** **** *** will ******* **** ******* as *** ************ ********.

Comments (17)

I wonder how many of these are just the results of somebody getting excited about the new funding increase and dusting off old quotes from two years ago without looking at it too closely. 

About funding / pricing, one thing atypical here is that its being conducted as a reverse auction:

An Offeror may submit a series of pricing bids, which descend in price during the specified period of time for the aforementioned reverse auction. 

At this point I have to ask: does the US military ever use anything other than Hikvision?

I am not sure if that prospect excites or scares you :)

It's a good question. I've asked one of our team members to research more systematically. Hopefully, in 2 weeks or so, we can provide more information from different solicitations and government documents.

I am not sure if that prospect excites or scares you :)

Neither, I don't sell Hikvision and don't work on US military bases.  I do question their decision making and/or knowledge level.  I think we should all use our 1 month IPVM invites and send to US military email addresses.

This appears to be a symptom of not caring what the product is as long as it is cheap with no further research done.

Yes, but they've been on a pretty tight budget for the past several years. Some program managers have been getting creative. 

Well we did do a wireless surveillance installation at Ft Riley in KS some years ago, using Bosch IP cams (at the client's request). A rather bizarre deal in which the client had us install an eight-channel D/A converter at the end of the chain so they could continue to use their ancient analog recording setup :-(

The document is titled "Salient_Characteristics.docx" and does not even specify Salient products. There is some sad irony in that.

Not uncommon for public agencies to take years to actually get a project approved (from the time of specification to procurement) so you see this type of old equipment being requested more often than you'd think. It sure helps to complicate public contracting!  That's all regardless of the obvious challenges with whats being requested in this particular case...

Working on one that started in 2014. With all the processes in place, I can understand why some don't go through redesign after the funding is finally approved. 

Yikes...I expected this from the Marines...they're too busy licking windows to read specs, but the Army...say it ain't so!

In 2018, you would not reasonably specify this in a pizzeria, might as well a major US army base.

Yes, indeed.

We have reached out to Fort Sill and will respond with updates as the solicitation proceeds.

Perhaps offering them a 30-day membership as was suggested above would be a good idea.

I look forward to your updates.

Good to see that useless specifications are a global phenomenon.

I thought government agencies dusting off antiquated specs and putting out a request was "normal" (for some depressing value of normal.)  I've seen this sort of thing before with access control (well after PIV was allegedly mandated govvies seem to spec all sort of junk.)  Is this a new phenomenon or simply the same old bad problem, using this specific vendor as an example?

Many times a unit that needs a security upgrade will get a local area security company to come out and give them an estimate based on a quick site walk. This unfortunately becomes the basis of their budget and the subsequent RFP that goes out so they can get their required three bids. Generally the RFP that goes out will reference a lot of guidelines and regulations that are supposedly relevant to the project.  There is usually an approved products list and that depends on which agency or branch generates the RFP.  Most approved lists I have seen are very outdated and include a lot of obsolete equipment that you couldn't even find on eBay anymore.

Also, developing the approved products lists is another bureaucratic endeavor which just takes a lot of time.  By the time a product gets on the list it could be two or three years old.  Getting something off the list is challenging.

Companies that work in this space are very savvy in ways to work around these types of problems. 

That's what they taught me back in the day when you could get two tin cans and a piece of string procured as long as you somehow wrote up paperwork on how it was "GOSIP compliant networking equipment".  And there were "beltway bandits" who were highly skilled at this dark art.

This would suggest there's a treasure trove of outdated / weird items being requested many perhaps as questionable as Chinese-sourced cameras.  Because the beltway bandits are still around...

 

Update: The RFP was canceled on March 9th. The Army has not explained why it was canceled nor if it will be re-bid. If or when we receive more information, we will update accordingly.

Read this IPVM report for free.

This article is part of IPVM's 6,814 reports, 914 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now
Loading Related Reports