Home security cameras are anything but secure

 

Click to follow
The Independent Tech

I've never felt quite so aware as I do these days. The volume of stuff being slung at us every day seems to push our capacity for awareness to its limits. And thanks to the feverish competition for that awareness, we've become only too aware of the phrase "raising awareness" and the attention-grabbing activities attached to it – the Ice Bucket Challenge being a notable recent example.

But just when you thought you were incapable of further awareness, look! A website featuring live feeds from security cameras, many of them positioned inside people's homes, facilitated (somewhat ironically) by lax security on the part of the camera manufacturers and the people using them. What's the excuse given for this breach of our privacy? Raising awareness.

Earlier this week, Vice reported that this site carries feeds from over 150 countries including some 1,700 cameras from the UK. They show people going about their everyday business, most of it dull, some of it not, all of it unnecessarily voyeuristic. The pastime, known as IP Cam Trolling, has actually been going on for years – in fact, ever since home security cameras had internet access. Most items connected to the internet can be accessed by someone with enough ingenuity, but in these cases all it takes is to use the default camera login and password (frequently "admin" and "1234") which, in an echo of the phone-hacking scandal, the owners haven't seen fit to change.

Suddenly, the camera that's been so carefully positioned to observe intruders nabbing your silverware is now used to transmit images of you in your pants to some giggling hacker in Seattle. You in your pants on the internet might conceivably raise awareness, but let's face it, the aim of the hack was primarily to see you in your pants.

This somewhat conflicted ethical stance is nicely summed up at the beginning of a YouTube video compilation of hacked security cameras, in which the video's creator bemoans the decreasing number of video feeds available as security is tightened and owners wise up. "I started uploading these videos to make people aware of the security problems with inappropriately configured camera systems," he states, "but it's also sad to see a great source of LULZ coming to an end."

We'd evidently be foolish to ascribe much noble purpose to that person – or, indeed, to anyone who uses online tools to find and tamper with other unsecured stuff connected to the internet, from traffic lights to security control systems for banks. The LULZ – the laughs, to you and I – would seem to be the primary motivation.

At the same time, exposing our lax security to highlight our lax security can serve a useful purpose. Back in 2010 the website Please Rob Me made people think more carefully about publicly announcing their location on Twitter when out and about, as it also announced to the world that their home was unoccupied. Weaknesses in USB security were highlighted at a Las Vegas conference this summer, but a far bigger noise was made last month when someone publicly released the code used to exploit it, forcing manufacturers to take action. Last month was, apparently, Cyber Security Awareness Month in the USA, but that high-profile mischief-making will always generate more headlines, more fuss and more awareness than any carefully orchestrated campaign.

Spare a thought, however, for the person who remains unaware, whose pants are currently visible on a live web feed, suffering in ignorance so that the rest of us benefit, and be thankful that it's not you.

Comments