News:

Registered a URL and setup a forum as the IPCam stuff really needed its own site vs my irregular blog posts about IPCam hacking at http://www.computersolutions.cn/blog

Poll

Would you build a house on sand with no supporting foundation?

Yes
0 (0%)
No
0 (0%)

Total Members Voted: 0

Voting closed: August 12, 2016, 11:56:22 am

Author Topic: How To Easily Purchase And Operate A Substandard Network IP Camera System  (Read 5832 times)

  • ***
August 13, 2015, 11:56:22 am
1. Only buy Network IP Camera "Gray Market" equipment that has no official warranty from the manufacturer or official future firmware support from the manufacturer. Including but not limited to Network IP Cameras, NVR's and DVR's.

Share with direct link to this: http://www.openipcam.com/forum/index.php/topic,1190.msg4643.html#msg4643 shorter version and link to it can be found in my second post here. Which includes much more extensive details directly from Hikvision as well.

2. Believe everyone and anyone that says and states the above is "Best Practice", while they try to convince you it's such an intelligent thing to do. As they say "Misery loves company".

3. See if you can quickly and exponentially increase your current risks of being exposed to "Identity Theft" and spending time cleaning up the aftermath, afterwards. By rolling the dice on using "Grey Market" Network IP Camera devices, that required kludged firmware to be purchased and/or installed in them ("Not created by those devices manufacturers") prior to your purchase. By those "Grey Market" Network IP Camera device sellers. In order for those "Gray Market" Network IP Camera devices to properly operate in your preferred language. At your time of purchase.

Which those "Grey Market" sellers may have knowingly or unknowingly installed in your "Gray Market" Network IP Camera devices, with "Value Added" malware. This is because Network IP Camera equipment "Gray Market" sellers. Rarely have the smarts themselves, to create their own kludged firmware for their "Gray Market" Network IP Camera devices nor do they normally have the smarts themselves to do a thorough analysis of any kludged firmware they purchase and/or installed from others, in their "Gray Market" Network IP Camera devices. Making sure that firmware has no malware included with it.

Most likely the "Grey Market" seller of Network IP Camera devices went with the lowest bidder willing to provide that kludged firmware ("Not created by the manufacturer of the Network IP Camera device") and the creators of that kludged firmware could have very different agendas. Which is why they might make a low bid for the lowest price on creating that kludged firmware for the "Grey Market" seller of Network IP Camera devices. Or even be willing to do it for free.

Any agendas which a kluged firmware provider might have when offering "Gray Market" sellers the custom firmware they need and require to provide "Gray Market" Network IP Camera devices which will work in your preferred language. May have never included worrying about any potential repeat kludged firmware business income from that "Grey Market" seller of Network IP Camera devices. Or even making much income on any low bid or free offer they make to the "Gray Market" seller selling that Network IP Camera equipment. Since any malware added to that kludged firmware could easily generate more income than any potential repeat kludged firmware income, could or would have. From that same "Grey Market" seller of Network IP Camera devices.

Point being, even if you stay on the initial kludged firmware which was pre-installed by your "Gray Market" seller prior to your purchase. Which was not created by the manufacturer of your "Gray Market" purchased Network IP Camera device. Because you're not the type of person who ever does a firmware upgrade anyway. That kludged firmware not supplied by the actual manufacturer. Which will now always be residing in your "Gray Market" Network IP Camera device, could be harboring malware that could spread to other devices in your local network and/or other devices you use to communicate with your "Gray Market" purchased Network IP Camera device remotely.

Note: Some ("Wanna Be Experts") will make false statements which include "As long as you don't expose your Network IP Camera device to the Internet. Then it can't harm anything even if it's harboring malware". Which is a egregious fabrication of the facts. Many types of malware can hunt for and find local devices in their local networks on their own, query data and information located on other devices they find and infect other devices. Which they find in their own local networks. Without any need to be exposed remotely to the Internet. Odds are good some of the most valuable data and information you have is located on devices, in your local network.

If the above were to happen. Then you could have more to lose than simply exposing Network IP Camera device User credentials and any FTP and Email User credentials stored in that Network IP Camera device. You could be exposing many other additional devices in and outside of your local network and the data and information they contain, to any malware residing in any kludged firmware ("Not supplier by the manufacturer") installed prior to your purchase by a "Gray Market" seller. Some malware is designed to propagate from one device to others as well. So you could also be literally infecting other devices with malware from this single initial source of malware.

Will the above actually happen to you personally when or if you purchase "Gray Market" Network IP Camera equipment from a seller which required that "Gray Market" seller to use kludged firmware to be used vs. the manufacturers standard firmware to be able to operate properly in your preferred language prior to your purchase? Who knows.

Could the above actually happen to you personally now or in the future by purchasing "Gray Market" Network IP camera equipment from a seller who installed kludged firmware in Network IP camera equipment you purchased. Which was not provided by the manufacturer of that Network IP Camera equipment. Absolutely it can or could. Can anyone accurately predict what the odds are that this could or can happen to you personally? No, they can't. If they say they can, they're lying.     

4. Never worry about trying to remaining current with firmware provided by the manufacturer for Network IP Camera devices in the future. Which you would have been easily able to do. But you might not be able to do with "Grey Market" Network IP Camera devices.

Because the actual manufacturer of the Network IP Camera equipment you purchased on the "Gray Market" may not allow standard firmware provided by that manufacturer which is using your preferred language, to be installed on any of their Network IP Camera devices which were purchased on the "Grey Market".

This can mean that when/if major security issues are fixed, major bugs are fixed or new features are added by the manufacturers latest firmware. That your "Grey Market" Network IP Camera device might not be able to successfully install that firmware that does operate in your preferred language. Because a manufacturer won't allow the firmware upgrade to complete successfully for "Grey Market" Network IP Camera devices, which are using preferred languages they were not intended to support. 

This is currently taking place today!
 
Some of these same ("Wanna Be Experts") will say and tell you that "You don't need to worry about or do that IF your Network IP Camera device ("Seems to be") currently working OK". Worse when/if you locate new firmware provided by the manufacturer which is in your preferred language. That you can't successfully install, because your Network IP Camera equipment was purchased on the "Gray Market". These same ("Wanna Be Experts") will quickly inform you that no matter or whatever that new firmware says it includes. From security to other bug fixes, to new features is not needed by you. Go figure!

------------------------------------

If you need to stay within a budget and any specific Network IP Camera equipment you would like to purchase, can't be purchased to be within that budget without using the "Gray Market". Please look for other Network IP Camera equipment vs. trying to take the substandard "Gray Market" path, to build any serious Network IP Camera system. Long term, it's a losing proposition and is not the deal you may be told ("By some") it is.

It's well documented fact that many Network IP Camera equipment manufacturers are changing strategies on how to complicate using their Network IP Camera equipment purchased on the "Gray Market" with languages they were not intended to be used with in other areas and you don't want to become a victim of those changing strategies, now or in the near future.

If a deal seems too good to be true and/or this is the first time you have dealt with a specific seller of Network IP Camera equipment. Always ask the questions below and get a response to all of them, in writing. Prior to you actually purchasing Network IP Camera equipment from a seller that you have never dealt with before:

1. Will the Network IP Camera equipment I purchase from you be shipped with the original firmware which was installed by the manufacturer and work and function in my preferred language ("Insert preferred language here")?

2. Will I be able to upgrade firmware provided by the manufacturer of the Network IP Camera equipment I purchase from you, using the firmware the manufacturer releases for my preferred language ("Insert preferred language here")?

3. Will the Network IP Camera equipment I purchase from you, be covered by the manufacturers warranty?

If you fail to ask these question above prior to your purchase. You may need to pay for return shipping for any Network IP Camera equipment you purchased to be able to have your purchase be credited back to any account you used for your purchase. Which may not be cheap.

Also by not using proper return shipping methods, such as not using "Return Receipt" and not using insurance with your returned item. A seller can claim your returned item was never received or that it was received but was damaged when received.

Even if your payment provider, deems that the seller had not provided you the Network IP Camera equipment they said they would. Many if not most "Gray Market" Network IP Camera equipment sellers know you will need to actually return any item you purchased from them and can use this as a tactic to make it more likely that you will simply keep what you purchased from them because you feel it would be too expensive and/or time consuming to ship back.

Note: I have no doubts or confusion, that ("Wanna Be Experts") will say and continue to say otherwise. Again, because "Misery loves company" and/or because they install Network IP Camera equipment, for others using ("Gray Market") Network IP Camera equipment. But that's the price one pays for giving real and truthful "Best Practice" advice, on this subject matter.

About Me -- Free methods to access, display and control you Network IP Cameras securely for your private use or for public use in web pages on websites

Don
« Last Edit: March 12, 2016, 12:24:15 am by TheUberOverLord »

  • No avatar
  • *****
August 17, 2015, 02:46:00 am
hmmm, yeah, I can see the intention was good ....

BUT ... do you really think that someone is going to read that? It would be hard enough in regular English but with your extravaganza of using fullstops in between sentences   ...  I doubt it.

nothing personally, I appreciate your effort in the field of aftermarket software for this little devices.

  • ***
August 17, 2015, 06:55:33 am
Share with direct link to this shorter version: http://www.openipcam.com/forum/index.php/topic,1190.msg4648.html#msg4648

hmmm, yeah, I can see the intention was good ....

BUT ... do you really think that someone is going to read that? It would be hard enough in regular English but with your extravaganza of using fullstops in between sentences   ...  I doubt it.

nothing personally, I appreciate your effort in the field of aftermarket software for this little devices.

Short version of prior post here ("Meant for generally less technical audience than first post here is") and for those that want or need a shorter version.

Recent Quote From Hikvision - Received By Me Via Email On August 18, 2015:

"At Technical Support, we trace every serial number of product to it source and deny service accordingly. These sources are reported back to HQ in China who will stop selling to violators of their re-sale agreement. Other changes are coming to the Domestic China products which will make them less desirable (and unhackable) for the  International English market.

From: Bob Germain

Hikvision - Director of Product Management"

Actual Email of the above - Click on image below for larger image of same


Another Hikvision statement on this:



That said. Their statements above, don't even deal with any sanctity of any custom firmware installed by all "Grey Market" sellers being totally free of malware since unless they create their own custom firmware which is certified by their technical firmware in-house developers as malware free or always can be trusted to thoroughly check firmware provided by 3rd parties for malware that create any firmware they need installed ("Prior to shipping") for their Hikvision "Gray Market" products they sell which are required to operate in your preferred language, in many if not most cases.

More extensive details on this subject matter provided directly from Hikvsion on August 7th, 2015 ("10 days ago") can be found here. Again, proving that they are changing strategies and that not every "Gray Market" seller will survive those constantly changing strategies. Now or even in the "Near" future let alone, the long term:

http://www.saveontelephonebills.com/camera/Hikvision%20and%20Authorized%20Distributors%20080715.pdf

If anyone reading this, doesn't care what Hikvision is ("Currently saying within the last 10 days") a link to that information can be found at the above link. That's your business, not mine.

That said. Some Network IP Camera equipment owners and those looking to purchase Network IP Camera equipment value knowing what a manufacturers recent statements are on products they produce being sold on the ("Gray Markets") prior to purchasing "Gray Market" Network IP Camera equipment.

About Me -- Free methods to access, display and control you Network IP Cameras securely for your private use or for public use in web pages on websites

Don
« Last Edit: March 12, 2016, 12:23:29 am by TheUberOverLord »

  • ***
September 03, 2015, 01:25:22 pm
A new report was released today ("September 3, 2015") by Rapid7. Which focuses on "Baby Monitors".

While I'm not trying to suggest that every Network IP Camera equals a "Baby Monitor". It's noteworthy that virtually all Network IP Cameras and even Network IP Camera NVR/DVR equipment do share many of the same issues which the report below highlights. That their owners should be aware of. Including the importance of being able to upgrade firmware, using new firmware released by the manufacturer, as needed.

This is relevant to this topic because some "Gray Market" Network IP Camera equipment is sold with custom counterfeit firmware installed and may not be able to be upgraded using new firmware released by their manufacturers because of that.

The report is a good read:

https://www.rapid7.com/docs/Hacking-IoT-A-Case-Study-on-Baby-Monitor-Exposures-and-Vulnerabilities.pdf

Note: The report above clearly shows that isolating Network IP Camera equipment to local network access only, does not exclude all forms of abuse.

Don
« Last Edit: September 03, 2015, 02:22:07 pm by TheUberOverLord »