If you want to learn how to reverse engineer or exploit embedded systems and mobile devices, we can show you!
"We basically have complete control of the camera as if it was our own computer," said Stephen Ridley, founder of security startup Senrio in a phone call with Motherboard.
Read the full article at Vice.
The problem wasn’t specific to Axis, which seems to have reacted far more quickly than competitors to quash the bug. Rather, the vulnerability resides in open-source, third-party computer code that has been used in countless products and technologies (including a great many security cameras), meaning it may be some time before most vulnerable vendors ship out a fix — and even longer before users install it.
Still, there are almost certainly dozens of other companies that use the vulnerable gSOAP code library and haven’t (or won’t) issue updates to fix this flaw, says Stephen Ridley, chief technology officer and founder of Senrio — the security company that discovered and reported the bug. What’s more, because the vulnerable code is embedded within device firmware (the built-in software that powers hardware), there is no easy way for end users to tell if the firmware is affected without word one way or the other from the device maker. Read the full article |
Archives
August 2018
Categories |