Push To Hack: Reverse Engineering an IP Camera (contextis.com)
New submitter tetraverse writes: For our most recent IoT adventure, we've examined an outdoor cloud security camera [the Motorola Focus 73] which like many devices of its generation a) has an associated mobile app b) is quick to set up and c) presents new security threats to your network. From the article: This blog describes in detail how we were able to exploit the camera without access to the local network, steal secrets including the home network's Wi-Fi password, obtain full control of the PTZ (Pan-Tilt-Zoom) controls and redirect the video feed and movement alerts to our own server; effectively watching the watchers.
So, if one actually wanted to RTFA... (Score:5, Informative)
Re: (Score:2)
Probably this:
http://www.contextis.com/resou... [contextis.com]
Re: (Score:1)
http://www.contextis.com/resources/blog/push-hack-reverse-engineering-ip-camera/ [contextis.com]
Re:So, if one actually wanted to RTFA... (Score:5, Informative)
http://www.contextis.com/resou... [contextis.com]
Re: (Score:2)
Why did they put that there? Sheesh.
Behind the shield (Score:3)
On the right hand side of the title text, behind the thing that looks like a shield and the thing that looks like a dashpot connected to a screen door, is a link. It's there.
http://www.contextis.com/resou... [contextis.com]
(On my terminal the link is actually behind those two icons. I'm sure the icons are useful for something, but I'm not exactly sure what. The icons also partially obscure the "from the whatchamacallit dept" text, and I'm not exactly sure what that's good for, either.)
Slashdot is a classy site!
Re: Where? (Score:2)
Content (Score:1)
Why people do not fight back... (Score:4, Insightful)
Re: (Score:2)
Because all people give a shit about these days is "ZOMG, I can get an app for my phone!!".
Things like security or having the device become obsolete at the whim of the company are meaningless.
Welcome to the world, now with 150% more cloud. This way you can keep paying for the same stuff over and over until we decide to take it away.
Re: (Score:2)
"Cloud only hardware". Must remember this phrase, really sums up the current trend.
Re: (Score:2)
"Cloud only hardware". Must remember this phrase, really sums up the current trend.
Yeah. I just bought a Cisco MS220 switch. I get thirty days of free access to the cloud web management to set it up, then I'm supposed to pay for a license on a yearly basis. The local management options are limited, including the wonderful fact that it will not change its interface from 1.1.1.100 to the IP address I configure it for, nor will it stop reporting details of my internal network to Cisco unless I block it at the router. Which I did.
It's a damn switch -- a piece of hardware. Why does Cisco
Re: (Score:1)
Inquiring minds want to know. You know all of this about your switch and you've not returned it yet? What compels you to keep it? Does it whip up a tasty mocha latte on the side?
Re: (Score:2)
What compels you to keep it?
1. Once it gets over the fact that Momma isn't going to respond to it, it does work as a switch.
2. It has a healthy PoE capability, which is the only reason I bought it instead of another HP managed switch.
Need at least basic M&M security (Score:4, Interesting)
M&M security is not great (hard candy shell soft middle) but it's at least something. I've got plenty of CCTV IoT etc etc but they cannot access the internet with a singular exception and that's pretty much an application specific firewall. The rest is all easily accessible via a VPN.
We keep getting gear that wants to use UPnP to open up ports to the world. It is only useful while talking to cloud control gear. Meaning it's not very useful at all.
Re: (Score:1)
"Yesterday I couldn't spell Engineer, today I are one!"
The E in STEM stands for "Engineering" not "English" you know..
Re: (Score:3, Insightful)
Mr asshole, please keep your spell checking fascism comments to yourself. As someone who has struggled all my 50+ years of my life with spelling and writing, I know how shaming your "helpful" comments are. Rather than helping they are more likely to shut the writer down. Silencing their voice. To include profanity in your "helpful" comment you double down on silencing their voice. So next time keep your unhelpful comments to yourself. If you really can't control your impulses, then please leave the pr
Re: (Score:2)
Do you get paid to write words? No? Then you get a free pass.
The "editors" on Slashdot on the other hand don't.
You need to put the U back into URL! (Score:2)
Local or Wan exploit? (Score:1)