fenderman
Staff member
- Joined
- Mar 9, 2014
- Messages
- 36,854
- Reaction score
- 21,299
Last edited:
@fenderman thanks for your sharing here, for the using of dahua devices, do you have any idea for protecting the system not been hacked? Dahua right now has a team for this part, so they can release a new firmware to upgrade. So i ask dahua to make a firmware lists for the old models, if any guys want to update, i can do some support no matter where they buy, but Chinese hacked ones, i can't help~
so maybe the cheap models on amazon will be more dangerous???Its only going to get worse as time go on and researchers are peeling back the onion and finding these exploits. I can only wonder what they will find in all the smart appliances like refrigerators.
Not sure what you mean but I have never bought a refrigerator on Amazon.so maybe the cheap models on amazon will be more dangerous???
That's encouraging, and oddly will enhance their reputation.Dahua Response Improving
Dahua's response to this vulnerability report has been handled better than similar vulnerabilities in the past. They have been responsive to questions from IPVM for details, and have updated their Security Notification as they have progressed through evaluating the vulnerability. To their credit, this also happened fairly quickly after the vulnerability was published, as ReFirm only notified Dahua 2 days in advance of their release, unlike some disclosures where vendors are given 30-45 days advance notice of publication to prepare a response.
Dahua is not Chinese state company, a private guy is the boss, Hikvision is belong to the Chinese Gov, we called State company. They are little hard to communicate, lol .From the ipvm.com report:
That's encouraging, and oddly will enhance their reputation.
Hikvision please note.
Realistically, never gonna happen to any reliable degree. Nature of the beast. The only practical response is to lock them all down to the extent that you can and not trust anything about any of these and other similar devices. Between most having a near full OS and lots of potential connectivity, they're inherently vulnerable. Just a matter of time before there's another and that just becomes more likely as things become more complex and connected.It's obvious, Dahua needs to step it up big time doing Quality Control on firmware, period.
Don't break things, when fixing others for example.