The Architects Room: What goes on when Neo isn’t getting lectured presented at LayerOne 2013

by Dan Tentler,

Tags: Security

Summary : People put webcams on the internet. They think since they didn’t tell anybody, their webcam is private. They think that their grow room, laboratory, their home, office or other places they put webcams remain private – but what they’ve done, unknowingly, is built a gigantic wall of screens that anybody on the internet can watch. “Oh, so you found some webcams”, you’ll say – well yes, yes I did. But the relationships between the cameras, timezones, and whats ON the cameras start to surface once you reach a certain density. Ever see that horrible movie eagle eye? It’s kind of like that. I’ll also be talking about the approach of how to identify common vulnerabilities, explaining how to unroll firmware and how to use what you find to find more public cameras. Many camera vendors share a codebase – so if one is vulnerable, all of them are. I’ll also explain some basic network security concepts that one can employ to take a webcam from one of these vendors and make it safer. Webcams by and large are a great example of products made by companies that simply don’t care about security. Let’s highlight that.