51
submitted 10 months ago* (last edited 10 months ago) by throws_lemy@lemmy.nz to c/technology@beehaw.org
top 11 comments
sorted by: hot top controversial new old
[-] tal@lemmy.today 11 points 10 months ago

Man, I hadn't thought of that as being a threat.

There are probably zillions of brands of inexpensive, insecure cameras out there from companies that have gone out of business and which were poorly-set-up or configured. Usually not a huge issue, but for military operations in urban areas, it's gonna be a pain.

Countering that is going to be tough.

Maybe disallow security cameras above the third story or something like that, so that any one camera can only see so much. If you can break into one way up and rotate it, which it sounds like they did, then you have good odds of being able to see a lot.

Or disguise the military hardware, which also helps address humans who might be spying.

[-] tesseract@beehaw.org 3 points 10 months ago

Are you kidding me? Governments are trying to expand surveillance on us plebs by expanding their own coverage and forcing access to private ones. We wouldn't have such cameras if they cared about our privacy or safety.

PS: This case should be considered as a slap in the face for those "I don't need privacy because I have nothing to hide" people

[-] jlh@lemmy.jlh.name 2 points 10 months ago

I believe the GDPR covers surveillance cameras. At least, Sweden's version of the GDPR does cover cameras. It is illegal to film public places without approval from the police. If I want to put up a camera, it needs to only film my property, with no sight lines of public space.

https://www.imy.se/privatperson/kamerabevakning/fragor-och-svar---privatpersoners-kamerabevakning/

It's also been illegal to publish aerial photos of the horizon in sweden for a long time, for security reasons. If you publish a photo of the horizon, there is a possibility that there is military base or other secured object in the photo, and you could be in serious trouble. So you need to get approval from the government before publishing the photo.

https://www.lantmateriet.se/sv/spridningstillstand/undantag/

[-] jarfil@beehaw.org 3 points 10 months ago

Sweden's version of the GDPR does cover cameras. It is illegal to film public places without approval from the police

That is not correct, you just need to follow the GDPR guidelines regarding data handling and legitimate purpose:

https://www.imy.se/privatperson/kamerabevakning/att-vara-personuppgiftsansvarig/

illegal to publish aerial photos of the horizon in sweden for a long time, for security reasons. If you publish a photo of the horizon

https://www.lantmateriet.se/sv/spridningstillstand/undantag/

This ties into the "legitimate purpose" of the previous point: you are not forbidden from publishing photos "of the horizon", but an "aerial photo that goes up to the horizon" is likely to go way beyond any legitimate purpose, also showing your neighbor's property, any nearby public roads with people (aka: personal information) on them, along with any possible strategic infrastructure.

The review process is for strategic infrastructures, but in this case it's a double whammy, where you also need to comply with the GDPR.

[-] jlh@lemmy.jlh.name 1 points 10 months ago

As a private person, IMY's page states this requirement for setting up a surveillance camera.

att kameran inte fångar en plats dit allmänheten har tillträde

But yeah, GDPR isn't very restrictive unless you're capturing personal information without a valid reason. Usually the police/myndighet permits are just to make sure that you have a valid reason.

[-] tal@lemmy.today 2 points 10 months ago

I think that part of the problem here was that the person who compromised the cameras was able to robotically rotate them to look at something else. So it's not just what they're aimed at, but what they can be remotely-aimed at that matters for this.

[-] A1kmm@lemmy.amxl.com 1 points 10 months ago

Maybe a good countermeasure would be a lot of honeypot fake cameras that actually just play old video on a loop, or AI generated fake video. Then they might struggle to work out which cameras are real, and waste their time on fake intel.

[-] megopie@beehaw.org 10 points 10 months ago* (last edited 10 months ago)

I remember a while back stumbling arose a forum or web page or something that was just a list of web cams that had ip’s anyone could connect to through a browser, part of it was people playing a sort of geo guesser game and figuring out out exactly where the camera was.

Always felt super weird and surreal, like, I remember two in particular, one was probably a cam in some officer building in Japan. I sat there and watched this guy work on his computer for a like a minute and realized this dude probably had no idea he was being watched by some random weirdo.

Another was a camera on what was probably a Venezuela oil rig, this one had little in built servos so it could pan left right up and down, the inputs for this were open along with the video feed. I wiggled it up and down a bunch out of fascination for like a minute, then a guy I. A hard had and a high vis fest was walking by, he froze and looked at the camera. I stoped moving it and then slowly nodded it up and down. He just started and I closed the page, feeling a little freaked out.

To this day I refuse to have a web connected camera uncovered in my home, I put post its or tape over anything I can’t physically get rid of.

[-] Kerb@discuss.tchncs.de 6 points 10 months ago

you can even google unsecured webcams with querries like: inurl:/view.shtml

and thats just the easy way,
people are constantly portscanning all over the internet.

if you have any device that is publicly reachable,
people know it exists, and will try to hack it

[-] jarfil@beehaw.org 7 points 10 months ago* (last edited 10 months ago)

https://www.shodan.io/search?query=webcam

Geolocalized for easier browsing, currently showing 64 webcams in Kyiv, some with funny things like RDP access.

I always suggest everyone to check their own IP in Shodan, lots of surprises await.

[-] sub_@beehaw.org 6 points 10 months ago

I remember Mirai botnet that scanned for default password on IoT cameras.

They could definitely become a weak link.

this post was submitted on 06 Jan 2024
51 points (100.0% liked)

Technology

37754 readers
314 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS