Unauthorized remote connections using security camera

papy muzo

10/12/22, 11:20 PM

I installed recently a security camera ( https://www.amazon.com/dp/B08J158TVV?psc=1&ref=ppx_yo2_dt_b_product_details ) I noted the pan was not working properly and I asked for help ( [email protected] ). They answered promptly and asked for camera UID ( AAxx-xxxxx-xxxxx ). Using only this information, no IP or other, they were able to connect my camera and change the settings. As proof of fixing my problem they sent me two pics taken inside my house with my camera.

Question:

How is this possible? I didn't open any port or service.
How can I prevent such action in the future?

I am connected to Internet with a Netgear cable-modem Model: C7000|Nighthawk - AC1900 .

1 + 4

intrusion-prevention

ceejayoz

10/13/22, 2:02 AM

I hope you left a review indicating this experience.

Gerard H. Pille

10/13/22, 10:29 AM

No kidding, @ceejayoz ? I bet if you disable upnp in the country they are made, you're in trouble.

A.B

10/13/22, 1:07 PM

@GerardH.Pille If the camera always phones home, no need for UPnP. IRC, IPSec, openvpn or WireGuard (or HTTP or anything else) don't need UPnP: the home router always allows traffic initiated from inside to outside and will then allow replies. It might not scale as good. But there have been case of p2p networks used by IoT devices in the past. https://www.schneier.com/blog/archives/2016/02/eavesdropping_b_1.html -> https://krebsonsecurity.com/2016/02/this-is-why-people-fear-the-internet-of-things/

papy muzo

10/15/22, 5:38 PM

Thanks for your help Gerard. I closed the "hole".

Score:2

Server

Gerard H. Pille

10/13/22, 1:58 AM

Welcome to the world of UPNP. Your camera told your router to open your house to world + dog. Wikipedia

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Unauthorized remote connections using security camera

TH: การเชื่อมต่อระยะไกลที่ไม่ได้รับอนุญาตโดยใช้กล้องรักษาความปลอดภัย

RO: Conexiuni la distanță neautorizate folosind camera de securitate

RU: Несанкционированные удаленные подключения с использованием камеры видеонаблюдения

VI: Kết nối từ xa trái phép bằng camera an ninh

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.