Some of you may be aware that last year there was some exposure given to a vulnerability in Trendnet camera firmware allowing access to their consumer webcam devices despite password protection being enabled.
They claimed to have released a patch within a month to solve the issue and to have contacted every customer to advise them to update their devices.
This is (despite the assurances of Trendnet) still a common issue, to help highlight it a real time map was produced showing where such devices were located and allowing you to connect directly to them.
The website has now been taken down thankfully as the goal of highlighting the issue in mainstream media again was achieved.
This is a pretty good demonstration though of just how prolific an issue this can be when Joe Public gets his hands into the pot but it also reminds me of the many poorly secured 'professional' installations I have come across in my time (I'm sure you have too) and it is hopefully a wake up call to some businesses to improve their security practices.
How would you feel if 'XYZ Security - Live CCTV feeds' was the next google map mashup launched showing devices which you are maintaining or monitoring?
Also take note that despite the publicity around the Trendnet devices, they are not the only ones affected. There was a website called Shodan HQ launched some time ago which gives the ability to search devices which are 'web facing' (in other words can be connected to over the internet) and list those matching specific url strings or other flags. This offers much more capability than Google searches for example in highlighting potential 'target devices'.
It is already possible now to list unsecured access points on some very well known 'professional' DVRs and NVRs.
Ease of connectivity is very much a double edged blade. We must remember that many of the devices we use are now starting to utilise built in web servers and connectivity.
How are you ensuring that you are aware when exploits are announced on devices you utilise?
What are your plans to identify, notify affected users and upgrade potentially affected devices quickly and effeciently?
Are you considering these issues when investigating new web facing technology?
How do you measure for and protect against potential built in backdoor access to foreign equipment?
As well as looking outwards at your clients are your own systems secured and protected?
Is technology advancing too quickly to ensure adequate security is deployed?
As always I welcome your thoughts, questions, answers and debate.....