TRENDnet Camera Vulnerability Left Users Exposed

By Rory Lidstone September 06, 2013

A common reaction that many people had to webcams when they first became popular was concern – concern that one of those little cameras could act as a window into their household. It’s a fair concern, but one that’s largely unfounded, since most webcam makers tend to put security measures in place to prevent such incursions.

Unfortunately, fears of privacy invasion were proven accurate recently as the Federal Trade Commission discovered earlier this week that certain monitoring products from TRENDnet had in fact been used to spy on households. The FTC has already taken action to prevent further privacy invasions, starting with penalizing TRENDnet for what it says are “lax security practices.”

Indeed, although TRENDnet advertised its products — meant for home security and baby monitoring purposes — as secure, the devices were in fact compromised. The first time a hacker exploited the security flaw in these devices was back in January 2012. That hacker then posted links to the live feeds, which displayed the everyday lives of families that owned the at-risk devices.

Obviously, this is a startling reminder that security oversight should be stricter with such devices. This is especially true now that M2M technology and the Internet of Things are rising to prominence.

That said, people have been warning of the danger of unprotected endpoints for some time, with many saying M2M as a whole needs a security assessment. Frost & Sullivan, for example, released a report earlier this year which states that security solutions should be looked into before new infrastructures become active.

“The Internet of Things holds great promise for innovative consumer products and services,” said FTC chairwoman Edith Ramirez in a statement. “But consumer privacy and security must remain a priority as companies develop more devices that connect to the Internet.”

As for TRENDnet, the FTC stated that the company has been transmitting customer login information over the Internet in readable text, without encryption. Meanwhile, the TRENDnet mobile app, which enables remote control of its cameras, also did not properly protect user credentials. When it became aware of these flaws, TRENDnet released a software update to its website to remedy them.

The company has agreed to sanctions including a 20-year security compliance auditing program.

Edited by Alisen Downey

IoTevolutionworld Contributing Writer

Related Articles

5G Progresses Despite COVID-19, Data Says

By: Ken Briodagh    7/2/2020

5G progress in connections and deployments continues despite the COVID-19 pandemic and resulting economic downturn, according to 5G Americas and resea…

Read More

Keyfactor and PrimeKey Partner on Scalable PKI for IoT and Enterprise

By: Ken Briodagh    6/30/2020

Keyfactor and PrimeKey have entered a partnership and integration designed to simplify and automate PKI for large-scale enterprise and internet of thi…

Read More

The Future of IoT: Small is the New Big

By: Arti Loftus    6/30/2020

The commercial availability of 5G-ready, transitional chipsets designed specifically for low power and low bandwidth IoT applications are now availabl…

Read More

Eseye Incorporates floLIVE to Expand its Global IoT Connectivity

By: Chrissie Cluney    6/26/2020

floLIVE has supplied Eseye with a virtual connectivity infrastructure in new regions. This infrastructure comes with complementary management and repo…

Read More

Cisco to Acquire ThousandEyes

By: Chrissie Cluney    6/24/2020

According to a recent announcement, Cisco intends to acquire privately held ThousandEyes, Inc.

Read More