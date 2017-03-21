Burglars Can Easily Make Google Nest Security Cameras Stop Recording (helpnetsecurity.com) 21
Orome1 quotes a report from Help Net Security: Google Nest's Dropcam, Dropcam Pro, Nest Cam Outdoor and Nest Cam Indoor security cameras can be easily disabled by an attacker that's in their Bluetooth range. The vulnerabilities are present in the latest firmware version running on the devices (v5.2.1). They were discovered by researcher Jason Doyle last fall, and their existence responsibly disclosed to Google, but have still not been patched. The first two flaws can be triggered and lead to a buffer overflow condition if the attacker sends to the camera a too-long Wi-Fi SSID parameter or a long encrypted password parameter, respectively. Triggering one of these flaws will make the devices crash and reboot. The third flaw is a bit more serious, as it allows the attacker to force the camera to temporarily disconnect from the wireless network to which it is connected by supplying it a new SSID to connect to. If that particular SSID does not exist, the camera drops its attempt to associate with it and return to the original Wi-Fi network, but the whole process can last from 60 to 90 seconds, during which the camera won't be recording. Nest has apparently already prepared a patch but hasn't pushed it out yet. (It should be rolling out "in the coming days.")
By smashing them (Score:3)
with the same blunt instrument they used to break in your windows/doors.
Impressive work. (Score:4, Insightful)
If you aren't sanitizing your inputs against that one; what are you sanitizing?
Smart Burglars (Score:2)
Having said that, it is probably not the common or garden variety burglar taking advantage of this kind of bug.
Re: (Score:3)
But if you could package this attack into a smartphone app and sell it to a burglar... they wouldn't have to be all that bright, would they?
You know the first way an experienced burglar used to check a house prior to encrypted radio being common? They broke in the back door then left to listen to their scanner for alarm company or police dispatch radio traffic.
If somebody else packages up the tools, they're quite capable of using them.
Re: (Score:2)
That's mostly movie stuff, and most of that cabling is underground (at least any place I've seen built in the last 40 years or so).
I suppose you could go all Hollywood and get a fake maintenance vans and uniforms and disconnect the house from the local nodes... (you know, after learning how to trace the lines or figuring out the local telco/cable company labeling system) but these days you have to do phone, cable, power, plus jam wireless signals.
Nothing to worry about (Score:3)
And over here, most burglars don't give a rat's arse about being caught: sentences are low, there's little additional punishment for repeat offenders (the other day they caught a burglar with 33 prior convictions, think he's going to reform much?), and if the police actually do turn up the heat a bit too much for comfort, one simply relocates to the next EU country.
Re: (Score:2)
It seems to be the same in the the USA (Arizona at least). The police seem to view burglary as an unavoidable fact of life, and burglars seem to never get caught and even if they are, hardly prosecuted (presumably because most of them are actually druggies that just need to steal something to sell, in order to get their next fix).
Re: (Score:3)
Fun fact: Years ands years ago my flatmate (room mate) caught a burglar climbing in our window. He beat the guy so badly the Police had to take him to hospital for treatment before charging him.
Re: (Score:2)
Cut the power (Score:2)
Re: (Score:2)
How does a burglar without bulky tools quickly, safely and inconspicuously cut power to a house? Other than the occasional low hanging fruit (meter box, with mains switch, is on exterior of the house) I can't think of a way, but IANAB, so maybe ways exist.
Uh... (Score:2)
Burglars couldn't care less about your Bluetooth vulnerabilities when they can use a mask and be quick about it.
Wireless (Score:2)
Because a burglar would never use a cheap RF jammer they can get for 50 bucks. If your security relies on wireless continuing to function it's broken by design.