Dismiss this notice
EaseUS Partition Master Professional Halloween 2020 Giveaway - [Only registered and activated users can see links Click here to register]

Dismiss this notice
SoftMaker Office Standard 2021 Halloween 2020 Giveaway - [Only registered and activated users can see links Click here to register]

Dismiss this notice
Advanced Uninstaller PRO Halloween 2020 Giveaway - [Only registered and activated users can see links Click here to register]

Dismiss this notice
O&O Defrag 24 Professional Halloween 2020 Giveaway - [Only registered and activated users can see links Click here to register]

Dismiss this notice
O&O DiskImage 16 Professional Halloween 2020 Giveaway - [Only registered and activated users can see links Click here to register]

Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Avast_Threat_ Research: We tested the security of top IP camera apps, and here’s what
#1
Bug 
Quote:
[Image: TVDumYE.png]

Of the 10 apps that we put to the test, the apps that accompany the Blink and Wyze smart cameras proved to provide the best account security measures

Recently, our research team looked into the account security of app companions belonging to ten IP cameras. Each of these cameras have been listed on Amazon’s “hot new releases” and “best seller” categories. 

Avast IoT researcher, Marko Zbirka, looked into whether the apps that accompany smart cameras include a [Only registered and activated users can see links Click here to register] option, send the owner a notification that someone has attempted to log in or has successfully logged in from a new device, especially if the login attempts came from a device appearing to be on the opposite side of the world, and if the length of account passwords was restricted.  

The 10 different IP cameras, all of which have cloud functionality, are as follows:
  • Blink
  • Wyze
  • YI IOT
  • YI Home
  • Wansview Cloud
  • MIPC
  • Jawa
  • CloudEdge
  • Amcrest Cloud
  • iCSee
The apps accompanying these cameras have all been downloaded 50,000 times or more, and four of the ten have been downloaded more than one million times. 

Checking account security

Our team’s researcher downloaded the apps used to connect and control the cameras and created accounts for them. After successfully logging in, he checked for an option to change the accounts’ password and [Only registered and activated users can see links Click here to register] for the accounts. He then used a second phone with [Only registered and activated users can see links Click here to register] to connect to a server abroad, so that the communication from the second device would go through that server and thus anything being sent from the device would appear to be coming from a device located abroad. 

“I intentionally attempted to log in to my own account using wrong passwords more than 10 times to see if any kind of brute force attempts would be detected by the apps. After that, I used the correct login credentials to log in to see if I received a notification about a new login from a different device and location,” said Marko Zbirka, IoT researcher at Avast. “Following this, I checked if the traffic between the app and the manufacturer’s server was encrypted. Of the ten apps I looked at, only two had what I would consider an acceptable level of account security measures.”

The two apps that provided the best basic account security out of the ten, according to Zbirka, were Blink and Wyze. The Blink app requires users to enter a one-time password to add a new device, a one-time password to change the account password, and notifies users in case of brute force attempts or when a login is made using a new device. 
...
[Only registered and activated users can see links Click here to register]
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username:


Password:





[-]
Recent Posts
No image AGAIN !!!
Due to blocking acce...Toligo technical account — 23:30
CDERR
The forum looks very...Toligo technical account — 23:27
Giveaway suggestions.
Due to blocking acce...Toligo technical account — 23:25
HA HA HA
Due to blocking acce...Toligo technical account — 23:18
USUŃCIE KONTO
Due to blocking acce...Toligo technical account — 23:17

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>