
In the modern world, the desire for simplicity often leads to sad consequences. In high technology, for example, simplicity and convenience almost always jeopardize the user's privacy and confidentiality. This applies both to WiFi routers that ship with no password on the wireless network by default and to mail services that let the user not bother with the complexity of the password being set. Such simplicity and convenience often cost not only private individuals their personal data, but also large companies, led by their top, middle, and sometimes low-level managers, for whom 123 is convenient and the standard Microsoft password policy is too complicated. Today I want to talk about how simplicity and convenience turn the lives of thousands (or even tens of thousands) of people into a reality show.
Motivation
Last autumn there was an addition to my family and, among other obligatory purchases, the question arose of how to watch a sleeping child while I was at work and my spouse was in another room. As an IT person to the bone, I just sniffed contemptuously at my spouse's suggestion to buy an all-in-one baby monitor and went online to look for a more versatile device. The result was the purchase of a WiFi camera with feedback from the Chinese manufacturer Foscam, model FI9821w.

The thing turned out to be very useful, convenient and easy to handle, apart from the mediocre picture quality. Now for the part that is unpleasant for the average person who loves things that work out of the box.
People put doors in order to keep them closed.
(c) my uncle.
The manufacturer designed the software for these cameras so that an owner of any level of technical literacy can quickly install them and get them working. Of course, this approach has a downside: once the picture appears, most ordinary users stop all further setup. And in vain.
By default, the security of Foscam IP cameras is very, very bad:
- Two accounts are configured: Admin, Operator. No passwords.
- When connected to the network, the camera is immediately and automatically registered under a unique dynDNS name written on the bottom of the camera. The link for control / viewing looks like this: ab1234.myfoscam.org:88, where ab are arbitrary characters of the Latin alphabet and 1234 is a number in the range 0000-9999.
One eye
Out of curiosity, I conducted an experiment: without much thought, I fed the brute-forcer hydra a list, generated in Excel, of 10,000 possible hosts on myfoscam.org, starting from the dyndns address of my own camera. The result was a list of several hundred cameras that answered on port 88.
Further investigation showed that 1/3 of the responding cameras let you in under the admin username, and 2/3 of the remaining ones under the operator login.
A quick search on the Internet showed that there are many variants of letter prefixes in the cameras' domains, which indicates how hugely widespread the cameras with this feature, which I had taken for the manufacturer's know-how, are. Taking a couple more ranges, I only confirmed the previous findings: almost half of the cameras registered via dyndns allow themselves to be viewed with the default credentials. And even when the owner does take the trouble to change the password of the admin account, the operator account remains, which everyone forgets about. Given that the camera can be controlled and also transmits sound, a thing that is useful in everyday life can become a big privacy problem for those whose setup was limited to connecting the camera to the network.
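The admin-changed, operator-forgotten case described above, seen from the owner's side: an added example (not part of the original article) that scans an access log for successful logins to the built-in accounts from outside the home network. The log format, the LAN range 192.168.1.0/24 and all sample lines are constructed assumptions, not a real Foscam log format.

```python
import ipaddress
from collections import defaultdict

# Assumption: the home LAN range; any other source is treated as external.
LAN = ipaddress.ip_network("192.168.1.0/24")
# Built-in account names from the article, compared case-insensitively.
BUILTIN = {"admin", "operator"}

# Constructed sample log (hypothetical format, not a real Foscam log):
# "<ISO time> <source IP> <destination port> <user> <OK|FAIL>"
SAMPLE_LOG = """\
2014-03-01T09:12:44 192.168.1.20 88 admin OK
2014-03-01T23:40:02 203.0.113.57 88 admin FAIL
2014-03-01T23:40:05 203.0.113.57 88 operator OK
2014-03-02T02:15:31 198.51.100.9 88 Operator OK
2014-03-02T02:15:40 198.51.100.9 88 admin FAIL
2014-03-02T08:01:10 192.168.1.20 88 operator OK
not a log line
"""

def parse(line):
    """Return (time, ip, port, user, ok), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 5 or parts[4] not in ("OK", "FAIL"):
        return None
    try:
        ip = ipaddress.ip_address(parts[1])
        return parts[0], ip, int(parts[2]), parts[3].lower(), parts[4] == "OK"
    except ValueError:
        return None

def external_builtin_logins(log_text, lan=LAN, port=88):
    """Map each built-in account to its successful logins from outside the LAN."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue  # skip lines that do not match the expected format
        when, ip, dport, user, ok = rec
        if ok and dport == port and user in BUILTIN and ip not in lan:
            hits[user].append((when, str(ip)))
    return dict(hits)

if __name__ == "__main__":
    for user, events in external_builtin_logins(SAMPLE_LOG).items():
        for when, ip in events:
            print(f"{when}: external login as '{user}' from {ip}: "
                  "set a password on this account")
```

In the sample, the admin account rejects both external sources while operator admits them, which is the pattern the article reports for owners who changed only the admin password.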
Do not misunderstand me
This article is written not to delight those who love to pry, but to inform those who are going to buy or already own cameras from this manufacturer. This is not anti-advertising: the products are quite worth the money asked for them, but, like everything else in our world, they require careful handling and the right approach.
Applies to Foscam cameras of the 8XXX and 9XXX series.