TRENDnetExposed is supposedly providing a public service: By giving the world one-click access to the private homes of countless strangers, the creators say they hope to push webcam owners to download the necessary security patch. Whatever their true intentions, the creep factor is off the charts. As one io9 commenter noted, "Way back when this story initially broke, I had a moderately interesting time cycling through webcams . . . but it was only when I found myself looking into a vacant child?s bedroom did the reality of this invasion of privacy hit me, and immediately turned my stomach against it."
If this gaping security hole has you worried about your own webcam?s security, first check what model you have and look up whether it has any reported problems. The vulnerability in TRENDnet has existed since this time last year, when TRENDnet took three weeks to respond to the issue with updated firmware. There are now 22 models listed on the TRENDnet homepage as being vulnerable, all produced between April 2010 and February 2012. Although the company has notified all registered owners, they note that many purchasers don?t register their webcams and therefore can?t be warned.
This incident shouldn?t just be a wake-up call to TRENDnet webcam owners, though. Just because your webcam is a different brand, or even built into your computer, it doesn?t mean it?s secure.
Stephen Cobb, a certified information-systems security professional who works as a "security evangelist" for IT security company ESET, tells PM that anyone who wants to use a webcam for an online surveillance system, as many of the vulnerable TRENDnet users do, needs to pay attention to company reputation and security news.
"First, I would look for a webcam that had received great ratings and had no reports of hacking," he says, referencing the fact that TRENDnet?s security troubles have been written about online for over a year. "Then I?d follow the packaging on the device . . . Make a strong password, and, more importantly, register the camera."
That last point is crucial, Cobb says. Many people blow off registering their gadgets, but any device with an IP address will need firmware updates to fix bugs and vulnerabilities. If you don?t register, he says, the company can?t reach you and you might not know your device is at risk. That?s what happened with TRENDnet?s webcams: Even now, a year later, plenty of users haven?t downloaded the firmware patch out of either laziness or ignorance, which is why there are still so many insecure webcam feeds on TRENDnetExposed.
For a webcam that does 24-hour surveillance of your store or home, you?ll have to rely on software protection via firmware updates. But, Cobb says, if you?re not willing to stay on the lookout for news of security failures, you should cover up the cam when it might pick up something personal.
For the average webcam user, these precautions are enough; Cobb says that TRENDnet?s failure was the result of poor quality control at that company and not necessarily an across-the-board danger in using webcams. But anything with a public IP address is subject to attack, so there?s no reason to be careless.
Still, the best solution may be the simplest one: Unplug it. Your webcam can?t be hacked if it?s not plugged into your computer, so USB webcam users should always remember to disconnect when they?re done chatting. Or, if your camera has a built-in webcam, you can cover it with electrical tape when you?re not using the camera. This simple fix might look silly, but you can know for certain that no one will see you in your skivvies.
Melissa Rycroft mega millions Cyber Monday Deals 2012 Sasha McHale Boy Meets World elizabeth taylor chris brown
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.