Brilliant quote, shows why it won't be solved really:

 

An Otaki homeowner, who asked not to be named, was identified due to a security camera on her property showing a trailer with her phone number on it.

 

"I'm amazed. I'm lucky that I just have [the cameras] outside. Apart from the trailer sitting there, no one would know where in the world it was, because there's not street names, but people could have street names and they could have identifying factors outside their house."

 

What the hell? Didn't the paper just find her because of a sticker on the trailer with her phone number? And she worry about street names?

I am not going to comment on this Stuff article.

freitasm:

 

Brilliant quote, shows why it won't be solved really:

 

 

An Otaki homeowner, who asked not to be named, was identified due to a security camera on her property showing a trailer with her phone number on it.

 

"I'm amazed. I'm lucky that I just have [the cameras] outside. Apart from the trailer sitting there, no one would know where in the world it was, because there's not street names, but people could have street names and they could have identifying factors outside their house."

 

 

What the hell? Didn't the paper just find her because of a sticker on the trailer with her phone number? And she worry about street names?

 

Yeah, I thought this was a bit like XYZ's naked rear end was shown on camera. XYZ was later quoted as saying, "Well, at least my street name wasn't displayed!"

I'm sick of telling people not to set port forwards to CCTV.

As far as I'm concerned these days if you're dumb enough to set port forwards (or employ a security that is dumb enough to configure port forwards for you) you deserve your CCTV feeds to be on the Internet.

Scope for a public service / advertising opportunity? www.geekzone.co.nz/AmISecure (or /IsMySecurityInstallerDumb) to scan the common ports for CCTV, security alarms and other common offenders.

freitasm: The problem is people don't know about port forwarding and network security and they tend to believe what their security installer says. Can't blame this people really.

Yep, totally agree with this. I was more thinking about how to reduce the process of checking to something straightforward. Checking if any ports are open isn't hard, but no-one I know (outside Geekzone) would even know how to begin / what to google for instructions.

Dumb $h!+ I have heard from security installers.

"They would need to know your IP address _and_ the port its on"

"It has a password you set that makes it secure"

"You're safe on a dynamic IP address since it changes all the time"

Edit:

Also now I know that the things I saw on conveyers were kiwifruit. Had no idea and thought it was some form of factory. Lol.

Wonder what facebook group they saw the site with those ones on, I saw it posted on crappy electrical recently and commented. But friends saw it on some others. For a while some of the cameras were getting really choppy so I guess lots of people were looking and thrashing their upload.

I started a blog post about this about a year ago when somebody on here started asking questions..And I updated it about 6 months ago when somebody else was complaining about port forwards and CCTV. Maybe I should actually finish it!

With what little knowledge I have on this other than sorting a few routing issues with a mates NVR, I take it it's referring to cameras offering a cloud connect solution and or single IP units with the dodgy chinese-english firmware that they open up

Rather than a single point such as an NVR being the risky part with its built in password change requirements and NAT and such

We get calls every week from customers because our routers are managed so we have to do the port forwards for them. And their security guy telling them to request the port forwards on 80 and 8080 doesnt seem to know about actual security.  

I see there are now a few of the newer models of DVR on aliexpress now use a cloud system rather than port forwards so I am thinking of getting customers to request cloud connected models now instead of the ones that require port forwards.

I had a cloud one and had a quick play with it.

Saw incoming data from the cloud server just by putting in my serial number without even the password being verified so I am not 100% sure how secure they really are. I know with the xmeye ones you can add the DVR to an account by serial number (which there is nothing to check that you really own it in the process) but that only seems to group them.

Till someone audits the cloud stuff I have zero faith in that either.

Oblivian:

 

With what little knowledge I have on this other than sorting a few routing issues with a mates NVR, I take it it's referring to cameras offering a cloud connect solution and or single IP units with the dodgy chinese-english firmware that they open up

 

Rather than a single point such as an NVR being the risky part with its built in password change requirements and NAT and such

 

It's not just cameras - NVR's are just as risky. The issue also isn't just people seeing your cameras, it's the fact that much of the Chinese hardware has such poor code there are well known backdoors for many brands so is also being utilised for DDOS attacks. 

There was also even a famous hack a few years ago using NVR's for bitcoin mining.

It's a bit like when your building security company installs a card access system and leaves the card encryption key as the well known default,  hmmm