New Research Finds Potential Security Risk in Internet Based Home Monitoring Cameras

A new study found that some popular home security cameras could alert a tech savvy burglar whether you are home or not. The researchers claim they could tell not only if someone was home but perhaps even what they are doing by looking just at the data uploaded by the camera and not even the actual footage.

The study was conducted by Queen Mary University of London and the Chinese Academy of Science. They used data provided by a large Chinese manufacturer of IP security cameras. Consumers use the cameras to remotely monitor their homes via a video feed over the internet.

The study found that the unencrypted data upload increased when a camera was recording movement. And that they could even tell by the data—and not the video feed itself—if someone was sitting or running for example.

While researchers were quick to note it would take a fairly technically savvy criminal to passively monitor this data it isn’t out of the question that someone could create and sell a software program that takes away the need for technical know-how.

The researchers also noted that they found no evidence that this was happening regularly or at all but it is a potential loop-hole in internet based home monitoring cameras. Someone could potentially collect and compare data to decide when someone is least likely to be home. Researchers suggested companies might want to inject random data into the stream to make it more difficult to make the data useful to criminals.

As of know these cameras aren’t very “smart” (to keep costs down) and record everything. In the future cameras might be able to decide when to record or when not to. For example, pet owners would probably want to set their cameras to ignore their pets’ movements.

Passwords

Yes, another article about passwords. There seems to be new breaches every week of major sites where passwords are compromised. The Victor crew wants to bring home some information about this.

Only 29 percent of consumers change their password for security. The reason most people change their password is because they forgot it. In an interesting study, Type A and Type B personalities offer different insights.

Type A
Bad password behavior stems from their needing to be in control. They believe they are organized but this puts them at risk. 35% of them reuse passwords because they want to remember them all. Detail oriented people have a system to remember passwords (maybe not such a bad thing).

Type B
Their bad password behavior comes from convincing themselves that their accounts matter little to hackers. They prefer a password easy to remember.

Many people know their password is bad yet they use it anyway. Many were found to include initials, names, pet’s names, important dates, and other information readily available on social media sites.

The longer and more complex the password, the harder it is to crack.

The Victor crew

https://www.helpnetsecurity.com/2016/09/29/risky-password-practices/