this post was submitted on 02 Jul 2023
18 points (100.0% liked)


"Before the war broke out, Ukraine had just rolled out "Safe City" across the country: an extensive network of video surveillance. The cameras, often with an internet connection, appear to come largely from Chinese state-owned companies and are easy to hack. Is Russia watching?"

This text was translated from an in-depth article in a trustworthy Dutch newspaper: NL Volkskrant article Chinese cameras in Ukraine risk

Unfortunately, I couldn't get the full English translation online.

[–] IsoKiero@sopuli.xyz 2 points 2 years ago* (last edited 2 years ago) (3 children)

I don't know about state-wide spying of these devices, which is of course a possibility, but as a rule of thumb they shouldn't be connected to the public internet at all. Regardless of manufacturer or even if you're using cameras or other IoT devices. It's pretty generally known that their security is questionable at best and practically nonexistent at worst.

Dahua cameras are quite decent for their price, but I wouldn't trust mine to be accessed from anywhere in the world, so they're firewalled on their own network, and since they can't communicate to the outside nor can anyone get in (without connecting to my own VPN), I'm quite happy with them.

I've seen my share of CCTV and other equipment floating around and all you need is to login as admin/admin. At that point the manufacturer isn't really the one to blame.

[–] HowRu68@lemmy.world 1 points 2 years ago (2 children)

"I've seen my share of CCTV and other equipment floating around and all you need is to login as admin/admin. At that point the manufacturer isn't really the one to blame."

Well, I don't know what your CCTV experiences mean to you, but yes, many people are lazy and don't read manuals etc.

But I don't think that when countries, institutions and governments in the Americas & Europe have been warning users about the potential risks of Chinese cameras, they are actually talking about something like "please don't use admin as passwords". But I'm no expert on hacking.

I did find this link, consumer bond advice 2020, in English; a quote:

" Risks: Users of these cameras run several risks. A possible hacker can: watch with the camera, change the password, adding the camera to a botnet, crash the camera, find out the location of the camera; access other devices in the home network.

The latter depends on the protection of those other devices: photos behind the firewall of a Windows computer are well protected, but photos on a NAS may be at risk.

Problem: Predictable UIDs. These types of devices broadcast a unique license plate on the internet, so that you can easily log in to the camera, for example with an app. The problem with the license plates or 'UIDs' of these cameras is that they are too predictable."

etc...

[–] IsoKiero@sopuli.xyz 1 points 2 years ago (1 children)

" Risks: Users of these cameras run several risks. A possible hacker can: watch with the camera, change the password, adding the camera to a botnet, crash the camera, find out the location of the camera; access other devices in the home network.

The advice doesn't mention Dahua specifically and the rest applies to every device you might connect to your network with poor security. It might be a camera or a TV, fridge, dishwasher, thermostat or a light bulb to mention a few. Most of those are just small (often Linux-based) computers which can do a lot of things, as computers in general do. Their security is just garbage and if a malicious actor gains access they can do whatever a compromised computer could do on the network.

On CCTV specifically the worst ones are the devices which work only with some cloud-based messenger app. It's like connecting your home security to WhatsApp (although WhatsApp itself is somewhat secure on that matter), but way worse.

Dahua, Axis and loads of other cameras don't broadcast to the internet by default and your NVR needs to connect to them (often, but not always) via RTSP. If your network is properly firewalled (NVR included) there's very little risk of an attacker gaining access to that camera and using it as a general purpose computer to spy on you and hacking your devices through it.

The 'predictable UID' and 'license plate on the internet' is mostly praising FUD and while it is true for certain types of cameras (the kind you'll connect over the internet directly either via a cloud service or a messaging platform) it's not a blanket statement which would be valid for each and every camera manufactured in China.

It's certainly possible to run those devices securely and with Dahua you can run them entirely off the internet if you decide to do so (with some tradeoffs of course). The major problem is the people who just buy the cheapest things around and plug them into the network without any worries about any kind of security.

Of course there's at least some influence from the governments around the world to promote the 'we can spy on you through this but it's really convenient to set up' kind of devices, but if you either pay attention by yourself or get yourself a companion who'll set your hardware up in a secure manner the problem doesn't exist anymore.

And that applies to everything with internet connectivity. Philips HUE lightbulbs have had vulnerabilities, as have a load of other 'smart' appliances, Ring and Nest included. And leaving anything connected straight to the public internet has risks, some more manageable than others.
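
The layout described in the two comments above (cameras on their own firewalled network, the recorder pulling streams over RTSP, outside access only through a VPN) could look like this on a Linux router running nftables. This is an added example, not part of the thread or any commenter's actual configuration; the interface names, addresses, the WireGuard port and the recorder's HTTPS port are all assumptions.

```nftables
#!/usr/sbin/nft -f
# Added example. Every name, address and port below is an assumption.
flush ruleset

define WAN = "wan0"            # internet uplink
define LAN = "lan0"            # trusted home LAN
define CAM = "cam0"            # camera-only VLAN
define VPN = "wg0"             # VPN tunnel interface (WireGuard assumed)
define NVR = 192.168.1.20      # recorder, placed on the LAN
define CAM_NET = 10.20.30.0/24 # addresses handed to the cameras

table inet filter {
    chain input {
        type filter hook input priority filter; policy drop;
        iif "lo" accept
        ct state established,related accept
        ct state invalid drop
        # Cameras may ask the router for DHCP and NTP, nothing else.
        iifname $CAM udp dport { 67, 123 } accept
        # The VPN endpoint is the only service exposed to the internet.
        iifname $WAN udp dport 51820 accept
    }

    chain forward {
        type filter hook forward priority filter; policy drop;
        ct state established,related accept
        ct state invalid drop
        # The recorder pulls the streams: NVR -> cameras, RTSP only.
        iifname $LAN oifname $CAM ip saddr $NVR ip daddr $CAM_NET tcp dport 554 accept
        # Anything a camera initiates itself is logged, then dropped.
        iifname $CAM limit rate 10/minute log prefix "cam-egress-drop "
        iifname $CAM drop
        # Remote viewing goes through the VPN to the recorder, never to a camera.
        iifname $VPN oifname $LAN ip daddr $NVR tcp dport 443 accept
        # Ordinary LAN clients may reach the internet (NAT rules omitted).
        iifname $LAN oifname $WAN accept
    }
}
```

With both chains defaulting to drop, there is no rule that forwards from the WAN to the camera VLAN, and the `cam-egress-drop` log lines show which devices keep trying to reach a cloud service.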

[–] HowRu68@lemmy.world 1 points 2 years ago

Thanks for your elaborate reaction. I'm certainly not knowledgeable in security matters the way you are. I do agree and can see that certain systems, soft & hardware platforms can be more vulnerable, regardless of their origin.

Also, yes, Dahua wasn't mentioned as a risk. And, although it is possible to set up more secure systems, apparently it has simply not often or sufficiently been done in the past, either by governments or end consumers. Of course, at the end of the day everything is hackable, if not offsite, then surely onsite.

The issue according to many media has been the unsecure cameras, especially in Ukraine (but also in many other countries). So, I'm just hoping that this information leak is being tackled in a correct way.

But what you have said has made it even clearer to me how vulnerable we all actually are.