1. Never heard of Duhua before this thread.

2. I'd trust all these companies plugging the Internet of Things about as much as I trust Trump.

A company I just got a quote for a security system quoted on this brand of cameras and I always understood they were good. Maybe I just won't have it connected to the internet so it only stores data locally.

Dahua is the second largest supplier of CCTV gear in the world. Like Hikvision (#1) they've faced security issues in part because of sloppiness, and in part simply because they have so many devices in use.

While some of these exploits are very bad, they're made worse by people who continue to leave devices accessible on the internet, and those who don't understand the risks of port forwards. IMHO you should have to complete a course and sign a waiver before you're allowed to get firmware to enable port forwards in a router!

Dahua make great gear, but many of their issues in part are the huge parallel supply chains of "hacked" firmware that exist. Because they sell different products in the Chinese market as well as International markets at different price points many Aliexpress sellers (as an example) sell Chinese hardware with dodgy 3rd party firmware that allows the Chinese hardware to have English menus. This hardware has no update path and can't have official Dahua firmware loaded on it.

Where is the best place to source them from, as consumers don't know if NZ retailers are just buying them direct from China or the like. 

DarthKermit:

1. Never heard of Duhua before this thread.

mattwnz:

Where is the best place to source them from, as consumers don't know if NZ retailers are just buying them direct from China or the like. 

sbiddle:

Dahua make great gear, but many of their issues in part are the huge parallel supply chains of "hacked" firmware that exist. Because they sell different products in the Chinese market as well as International markets at different price points many Aliexpress sellers (as an example) sell Chinese hardware with dodgy 3rd party firmware that allows the Chinese hardware to have English menus. This hardware has no update path and can't have official Dahua firmware loaded on it.

 

 

neb:

sbiddle:

 

Dahua make great gear, but many of their issues in part are the huge parallel supply chains of "hacked" firmware that exist. Because they sell different products in the Chinese market as well as International markets at different price points many Aliexpress sellers (as an example) sell Chinese hardware with dodgy 3rd party firmware that allows the Chinese hardware to have English menus. This hardware has no update path and can't have official Dahua firmware loaded on it.

 

 

 

They also don't sell to, or deal with, end users in any form. The preponderance of dodgy grey-market Dahua gear is driven by this, unfortunately, if you want the real thing (Dahua-branded Dahua gear) you need to go through either ridiculously expensive Dahua-approved resellers/installers, or source it on the grey market.

This isn't really any different to the business model of most big security companies.

The issue is also compounded by them selling non Dahua branded OEM gear which is exactly the same product but at a cheaper price.

sbiddle:

 

Dahua is the second largest supplier of CCTV gear in the world. Like Hikvision (#1) they've faced security issues in part because of sloppiness, and in part simply because they have so many devices in use.

 

While some of these exploits are very bad, they're made worse by people who continue to leave devices accessible on the internet, and those who don't understand the risks of port forwards. IMHO you should have to complete a course and sign a waiver before you're allowed to get firmware to enable port forwards in a router!

 

Dahua make great gear, but many of their issues in part are the huge parallel supply chains of "hacked" firmware that exist. Because they sell different products in the Chinese market as well as International markets at different price points many Aliexpress sellers (as an example) sell Chinese hardware with dodgy 3rd party firmware that allows the Chinese hardware to have English menus. This hardware has no update path and can't have official Dahua firmware loaded on it.

 

 

 

With regards to port forwarding -- isn't there a bigger risk with routers having UPnP enabled by default?

amanzi:

With regards to port forwarding -- isn't there a bigger risk with routers having UPnP enabled by default?

amanzi:

 

sbiddle:

 

Dahua is the second largest supplier of CCTV gear in the world. Like Hikvision (#1) they've faced security issues in part because of sloppiness, and in part simply because they have so many devices in use.

 

While some of these exploits are very bad, they're made worse by people who continue to leave devices accessible on the internet, and those who don't understand the risks of port forwards. IMHO you should have to complete a course and sign a waiver before you're allowed to get firmware to enable port forwards in a router!

 

Dahua make great gear, but many of their issues in part are the huge parallel supply chains of "hacked" firmware that exist. Because they sell different products in the Chinese market as well as International markets at different price points many Aliexpress sellers (as an example) sell Chinese hardware with dodgy 3rd party firmware that allows the Chinese hardware to have English menus. This hardware has no update path and can't have official Dahua firmware loaded on it.

 

 

 

 

With regards to port forwarding -- isn't there a bigger risk with routers having UPnP enabled by default?

 

Yes and no. While Dahua supports UPnP it's not enabled so won't pose a risk even if the router has it enabled.

mattwnz:

 

Where is the best place to source them from, as consumers don't know if NZ retailers are just buying them direct from China or the like. 

 

For Dahua the most popular seller appears to be Andy at Empire Technology. Aliexpress and Amazon (does not ship to NZ). He supplies them unbranded, or you can wait for branded products.

Andy is a great guy. If you're wanting to go down the path of buying cameras from Aliexpress he's the only person I'd recommend. Genuine English Dahua or OEM products.

sbiddle:

 

Andy is a great guy. If you're wanting to go down the path of buying cameras from Aliexpress he's the only person I'd recommend. Genuine English Dahua or OEM products.

 

 

 

Does he supply new firmware version if camera's purchased from him? Or a case of using some google-fu.