[Message Prev][Message
Next][Thread Prev][Thread Next][Message
Index][Thread Index]
Re: CCTV DVRs
--047d7b33cd7c30588e04f79fb0a9
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Max,
wow, that does make for an interesting read. I'm not sure how to react
though, so if I don't buy swann, but buy 'x' that runs from the same base
system, or if I buy 'y' that has the same flaws, but no-one has written it
up, am I any better off?
Obviously having the device on the internet has great benefits, but as you
point out this may come at great cost.
Regards
Simon
---
"I rejoice at your word like one who finds great spoil" (Ps.
119:162).
Treasure just waiting to be enjoyed every morning.
On 22 April 2014 10:52, Max Hodgson <max@xxxxxxx> wrote:
>
>
>
> On 22 April 2014 10:45, Simon McCaughey <simonmcc@xxxxxxx>
wrote:
>
>>
>>
>> Our Geovision system died a few months ago, and I haven't got
round to
>> replacing it yet. I was thinking of going for one of the Swann
Trublue
>> systems from maplin, as they seem of a reasonable spec and they
are not =
too
>> expensive.
>>
>> Had you considered them, or do you think the others are a lot
better? (I
>> know they might not tick all your boxes)
>>
>>
>>
> Hi,
>
> Before looking at Swann stuff I would recommend looking at this:
>
>
> http://console-cowboys.blogspot.co.uk/2013/01/swann-song-dvr-insecurity.h=
tml
>
> Edited Highlights: "tl;dr; A whole slew of security dvr devices
are
> vulnerable to an unauthenticated login disclosure and unauthenticated
> command injection."
>
> If you are thinking of having one accessible to the internet, I would
> probably think twice...
>
> Max.
>
>
>
>=20
>
--047d7b33cd7c30588e04f79fb0a9
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<head>
<style type=3D"text/css">
<!--
/* start of attachment style */
.ygrp-photo-title{
clear: both;
font-size: smaller;
height: 15px;
overflow: hidden;
text-align: center;
width: 75px;
}
div.ygrp-photo{
background-position: center;
background-repeat: no-repeat;
background-color: white;
border: 1px solid black;
height: 62px;
width: 62px;
}
div.photo-title=20
a,
div.photo-title a:active,
div.photo-title a:hover,
div.photo-title a:visited {
text-decoration: none;=20
}
div.attach-table div.attach-row {
clear: both;
}
div.attach-table div.attach-row div {
float: left;
/* margin: 2px;*/
}
p {
clear: both;
padding: 15px 0 3px 0;
overflow: hidden;
}
div.ygrp-file {
width: 30px;
valign: middle;
}
div.attach-table div.attach-row div div a {
text-decoration: none;
}
div.attach-table div.attach-row div div span {
font-weight: normal;
}
div.ygrp-file-title {
font-weight: bold;
}
/* end of attachment style */
-->
</style>
</head>
<html>
<head>
<style type=3D"text/css">
<!--
#ygrp-mkp {
border: 1px solid #d8d8d8;
font-family: Arial;
margin: 10px 0;
padding: 0 10px;
}
#ygrp-mkp hr {
border: 1px solid #d8d8d8;
}
#ygrp-mkp #hd {
color: #628c2a;
font-size: 85%;
font-weight: 700;
line-height: 122%;
margin: 10px 0;
}
#ygrp-mkp #ads {
margin-bottom: 10px;
}
#ygrp-mkp .ad {
padding: 0 0;
}
#ygrp-mkp .ad p {
margin: 0;
}
#ygrp-mkp .ad a {
color: #0000ff;
text-decoration: none;
}
-->
</style>
</head>
<body>
<!-- **begin egp html banner** -->
<br><br>
<!-- **end egp html banner** -->
<div
dir=3D"ltr">Max,<div><br></div><div
style>wow, that does make for an i=
nteresting read. I'm not sure how to react though, so if I
don't bu=
y swann, but buy 'x' that runs from the same base system,
or if I b=
uy 'y' that has the same flaws, but no-one has written it
up, am I =
any better off?</div>
<div style><br></div><div style>Obviously having
the device on the internet=
has great benefits, but as you point out this may come at great
cost.</div=
><div style><br></div></div><div
class=3D"gmail_extra"><br clear=3D"all"><d=
iv>
<div
dir=3D"ltr">Regards<br><br>Simon<div>---</div><div><span
style=3D"colo=
r:rgb(51,51,51);font-family:'lucida
grande',tahoma,verdana,arial,sa=
ns-serif;line-height:17px">"I rejoice at your word like
one who finds =
great spoil" (Ps. 119:162).=C2=A0</span></div>
<div><span
style=3D"color:rgb(51,51,51);font-family:'lucida
grande'=
,tahoma,verdana,arial,sans-serif;line-height:17px">Treasure just
waiting to=
be enjoyed every
morning.</span><br></div></div></div>
<br><br><div class=3D"gmail_quote">On 22 April
2014 10:52, Max Hodgson <spa=
n dir=3D"ltr"><<a href=3D"mailto:max@xxxxxxx";
target=3D"_blank">ma=
x@xxxxxxx</a>></span> wrote:<br><blockquote
class=3D"gmail_quote" =
style=3D"margin:0 0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">
=20=20=20=20=20=20=20=20
<div>
<br><br>
<div dir=3D"ltr"><div
class=3D"gmail_extra"><div
class=3D""><br><div class=
=3D"gmail_quote">On 22 April 2014 10:45, Simon McCaughey
<span dir=3D"ltr">=
<<a href=3D"mailto:simonmcc@xxxxxxx";
target=3D"_blank">simonmcc@gmail.=
com</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px
0px 0.8ex;border-=
left:1px solid rgb(204,204,204);padding-left:1ex">
<u></u>
=20
<div>
<span>=C2=A0</span>
<div>
<div>
<div>
=20=20=20=20=20=20
=20=20=20=20=20=20
<p></p><div dir=3D"ltr">Our Geovision system
died a few months ago, a=
nd I haven't got round to replacing it yet. I was thinking of going
for=
one of the Swann Trublue systems from maplin, as they seem of a reasonable=
spec and they are not too expensive.<div>
<br></div><div>Had you considered them, or do you think
the others are a lo=
t better? (I know they might not tick all your
boxes)</div><div><br></div><=
/div><div class=3D"gmail_extra"><br
clear=3D"all"></div></div></div></div>
</div></blockquote><div><br></div></div></div>Hi,<br><br></div><div
class=
=3D"gmail_extra">Before looking at Swann stuff I would
recommend looking at=
this:<br><br><a href=3D"http://console-cowboys.blogspot.co.uk/2013/01/swan=
n-song-dvr-insecurity.html" target=3D"_blank">http://console-cowboys.blogsp=
ot.co.uk/2013/01/swann-song-dvr-insecurity.html</a><br>
<br></div><div class=3D"gmail_extra">Edited
Highlights: "tl;dr; A whol=
e slew of security dvr devices are vulnerable to an=20
unauthenticated login disclosure and unauthenticated command
injection.&quo=
t;</div><div
class=3D"gmail_extra"><br></div><div
class=3D"gmail_extra">If =
you are thinking of having one accessible to the internet, I would
probably=
think twice...<span class=3D"HOEnZb"><font
color=3D"#888888"><br>
<br>Max.<br><br></font></span></div></div><div
class=3D"">
<br>
<br>
<div width=3D"1"
style=3D"color:white;clear:both"></div>
</blockquote></div><br></div>
<!-- **begin egp html banner** -->
<br>
<br>
<!-- **end egp html banner** -->
<div width=3D"1" style=3D"color: white; clear:
both;"/>__._,_.___</div>
=20=20=20=20=20=20
=20=20
=20=20=20=20
<!-- Start Recommendations -->
<!-- End Recommendations -->
<!-- **begin egp html banner** -->
<br><br>
<tt>
<*> Join the Automated Home Forums<BR>
<a href=3D"http://www.automatedhome.co.uk/vbulleti=
n/">http://www.automatedhome.co.uk/vbulletin/</a><BR>
<BR>
<*> UKHA_D Mailing list in association with:<BR>
<a href=3D"http://www.automatedhome.co.uk";>http://=
www.automatedhome.co.uk</a><BR>
<BR>
<BR>
</tt>
<br><br>
<!-- **end egp html banner** -->
<!-- **begin egp html banner** -->
<img src=3D"http://geo.yahoo.com/serv?s=3D97476590/grpId=3D1109639/grpspI=
d=3D1705041992/msgId=3D164814/stime=3D1398165136"
width=3D"1" height=3D"1">=
<br>
<!-- **end egp html banner** -->
=20=20
<!-- **begin egp html banner** -->
<br>
=20=20=20
=20=20=20=20=20
=20
<!-- **begin egp html banner** -->
<div id=3D"ygrp-vital" style=3D"background-color:
#f2f2f2; font-fam=
ily: Verdana; font-size: 10px; margin-bottom: 10px; padding:
10px;">
<span id=3D"vithd" style=3D"font-weight: bold; color:
#333; text-tr=
ansform: uppercase; "><a href=3D"https://groups.yahoo.com/neo/groups/ukha_d=
/info;_ylc=3DX3oDMTJldjBzOGNwBF9TAzk3MzU5NzE0BGdycElkAzExMDk2MzkEZ3Jwc3BJZA=
MxNzA1MDQxOTkyBHNlYwN2dGwEc2xrA3ZnaHAEc3RpbWUDMTM5ODE2NTEzNg--"
style=3D"te=
xt-decoration: none;">Visit Your Group</a></span>
<ul style=3D"list-style-type: none; margin: 0; padding: 0; display:
in=
line;">
</ul>
</div>
<div id=3D"ft" style=3D"font-family: Arial; font-size:
11px; margin-top: 5p=
x; padding: 0 2px 0 0; clear: both;">
<a href=3D"https://groups.yahoo.com/neo;_ylc=3DX3oDMTJkY3ZrazB1BF9TAzk3ND=
c2NTkwBGdycElkAzExMDk2MzkEZ3Jwc3BJZAMxNzA1MDQxOTkyBHNlYwNmdHIEc2xrA2dmcARzd=
GltZQMxMzk4MTY1MTM2" style=3D"float: left;"><img
src=3D"http://l.yimg.com/r=
u/static/images/yg/img/email/new_logo/logo-groups-137x15.png"
height=3D"15"=
width=3D"<? ol var!Pref.EmailFooterLogo.FullFeatured.Width
?>" alt=3D"Yaho=
o! Groups" style=3D"border: 0;"/></a>
<div style=3D"color: #747575; float: right;"> •
<a href=3D"https://i=
nfo.yahoo.com/privacy/us/yahoo/groups/details.html"
style=3D"text-decoratio=
n: none;">Privacy</a> • <a href=3D"mailto:ukha_d-unsubscribe@yahoogrou=
ps.com?subject=3DUnsubscribe" style=3D"text-decoration:
none;">Unsubscribe<=
/a> • <a href=3D"https://info.yahoo.com/legal/us/yahoo/utos/terms/";
st=
yle=3D"text-decoration: none;">Terms of Use</a>
</div>
</div>
<!-- **end egp html banner** -->
</div> <!-- ygrp-msg -->
=20=20=20
<br>
<!-- **end egp html banner** -->
<div style=3D"color: white; clear:
both;"/>__,_._,___</div>
</body>
</html>
--047d7b33cd7c30588e04f79fb0a9--
UKHA_D Main Index |
UKHA_D Thread Index |
UKHA_D Home |
Archives Home
|