A False Lens of Security
Thinking of buying an IP camera to keep an eye on your home or business when you’re away? Or maybe you‘ve already set up a security camera that you can access remotely? If so, you’ll want to read today’s news from the FTC.
TRENDNet, a tech supplier, has agreed to settle FTC charges that the company didn’t provide adequate security for internet cameras it marketed as a way to monitor “babies at home, patients in the hospital, offices and banks, and more.”
People installed these cameras in areas they wanted to monitor, and then viewed live feeds over the Internet through a computer or mobile device. Sounds handy, right?
Unfortunately, according to the FTC complaint, TRENDnet didn’t provide adequate security for customers accessing their video feeds — online or through mobile apps.
For starters, TRENDnet didn’t encrypt usernames and passwords, which would make it easy for hackers to get them and gain access to private video feeds.
Even worse, a security flaw in the settings for these cameras allowed a hacker to access private feeds — about 700 of them — and then post them online for the world to see. These compromised feeds allowed strangers to view private areas of users’ homes and their daily activities.
As part of the settlement, TRENDnet must notify users of the security problems and tell them how to fix them. The company also must implement a comprehensive security plan.
If you’re in the market for an IP camera, look for security features that will help protect your personal information. Our new article, Using IP Cameras Safely, has tips to help.