Tv hacker: I'll write code to hack their security cameras

2 seconds later

Tv hacker: I'm in

Me: go fuck yourself you fucking fuck

Another story on the spirit of wk93. TL;DR I DOS'd the whole campus network for some beers.

In highschool teachers had this blackboard system (a sort of moodle) and we used to have really lazy teachers who only read the PowerPoint presentations and made us take notes. One day I was fed up with their bullshit and figured these lazy ass professors wouldn't "teach" crap as soon as there was no internet connection...so the race was on...

10 minutes before the bell rang a friend and I managed to break in into a computer lab, I booted up Kali and searched for the access points, 3 routers through the building all with CISCO OS.

I figured they had all the default configs, time was running out so I decided to Smurf the three access points with the lab's IP range, scheduled an automatic shutdown in 2 hours and blocked the PC. The bell rang and as predicted, no internet, no class, my friends and I used that free time to go to a bar (on a Monday afternoon).

Funny side note, since the 3 routers were down the whole network collapsed, no cameras, no access control, no faculty network or any network. We kept doing it and every time we did campus security would be desperately searching for someone with a black hoodie.

My parents told everyone at church that I have a computer science degree. I got asked to install security cameras 5 minutes after. Cool :/

I work in an unrelated field, and code in my spare time as I'm just starting out. Have to pay tbe bills somehow, amirite?

So my boss has installed cameras "for security", and uses them to monitor staff on a regular basis. A couple months ago he pulled me aside with a piece of paper. My "second written warning" (next step prior to dismissal) however I haven't received any other disciplinary action.

The warning contained 10 points, all of which made reference to observances over the damn cameras.

Please keep in mind -- I have been an overachieving empleyee for over 5 years, and friends with the bosses the whole time. My boss was in my wedding party.

So my office is located in the oldest part of the hospital I work at. Weird shit happens here, especially at night. Currently working on configuring our security cameras, stand by for triply shit.

I arrived at 8am sharp today, SHARP, I usually arrive 2-3min earlier, so I can start with my actual work at 8am sharp, but traffic was rough and my scooter wouldn't turn on, so I wasn't able to.
Suddenly my boss calls me into his office, being all like "you are late everyday, you won't start work until 5 after 8 yadayada". Wtf?? You know I have a clock on my desk and I always check the clock when I'm arriving at work? (He has security cameras everywhere, so he can actually see me check the clock every morning). This morning I arrived at 8am sharp and the only reason why I started with work late is because he thought it's necessary to remind me to be at work in time. Now he expects me to start with work 5min early everyday, fuck off!

In the before time (late 90s) I worked for a company that worked for a company that worked for a company that provided software engineering services for NRC regulatory compliance. Fallout radius simulation, security access and checks, operational reporting, that sort of thing. Given that, I spent a lot of time around/at/in nuclear reactors.

One day, we're working on this system that uses RFID (before it was cool) and various physical sensors to do a few things, one of which is to determine if people exist at the intersection of hazardous particles, gasses, etc.

This also happens to be a system which, at that moment, is reporting hazardous conditions and people at the top of the outer containment shell. We know this is probably a red herring or faulty sensor because no one is present in the system vs the access logs and cameras, but we have to check anyways. A few building engineers climb the ladders up there and find that nothing is really visibly wrong and we have an all clear. They did not however know how to check the sensor.

Enter me, the only person from our firm on site that day. So in the next few minutes I am also in a monkey suit (bc protocol), climbing a 150 foot ladder that leads to another 150 foot ladder, all 110lbs of me + a 30lb diag "laptop" slung over my shoulder by a strap. At the top, I walk about a quarter of the way out, open the casing on the sensor module and find that someone had hooked up the line feed, but not the activity connection wire so it was sending a false signal. I open the diag laptop, plug it into the unit, write a simple firmware extension to intermediate the condition, flash, reload. I verify the error has cleared and an appropriate message was sent to the diagnostic system over the radio, run through an error test cycle, radio again, close it up. Once I returned to the ground, sweating my ass off, I also send a not at all passive aggressive email letting the boss know that the next shift will need to push the update to the other 600 air-gapped, unidirectional sensors around the facility.

I wanna make you feel what you have brought into my house!!

I was working with security cameras once in a home automation project. One of those camera particularly stand out by offering a cgi without password request to view and change the current passwort and username.

Seriously wtf is wrong with you? I mean this thing automatically connects to an internet service offering everyone to connect to it with that passwort and username. And I know some of you might say "hey chill the cgi is only available on the wifi" - dammit no. Security is a lifestyle do it complete or get the fuck out. God knows what other mistakes there might be hidden in that thing screaming out to everyone to watch me taking a shit.

But that's not the end of it. My company arranged a call to the technical support of that camera so that I can explain the problem and a patch gets released. Those guys didn't give a shit about it and were even laughing at me. Fuck you!

So whoever is responsible - I will find you - and you will never see me coming.

Because of some theft this year and even though we already have security cameras, my apartment building decided to check the front door locks so it's more secure.

This key looks very high tech... Only issue though is I never use the key anyway... I just entered the door code...

So what is the point of changing the locks? I'm going to guess whoever is stealing isn't picking the lock... People would notice... They must know the code.

Also it seems most of the apartment locks are digital key card/pins too. Wondering if this just means most owners are young or just are techies/devs...

At a previous job I bumped heads with the IT person a lot because he would spread misinformation about technology so the owners would never replace him. This was conversation with the VP:

VP: Hey I just got a new security setup at my house and I can monitor everything with my phone.
Me: That's cool.
VP: I'm rethinking it because [IT guy] said it was very dangerous to have, what do you think?
Me: ....? What did he say was dangerous about it?
VP: He said hackers could then gain access to cameras and plan the perfect time to rob me since it's in the cloud.
Me: I seriously doubt anyone is planning an Ocean's 11 heist to steal your TV.
VP: Yea I thought it sounded weird when he told me.

FUCKING CHINESE SUPOSED IP CAMERAS...
First, they aren't Ip cameras, they are p2p cameras with different settings and more limited...
then took me 3 days to open 5 ports for 2 cameras, config the cameras, till they work.
YEY they finally work, can see them over the Internet (no default settings, even changed the Alias), have my Ip camera viewer on the Phone... but one doesn't activate on moviment.. in this 3 days only took 2 pictures with motion detection on and people passing in front of them... the other was working for like 5 minutes... giving black and white 7kb jpgs... after a few teeks... can't make it work again.
Now I have two cameras that I can see if my house is being robbed but no motion detection to warm me, or at least save some pictures on the server to serve as evidence (and maby finally get the team that is robbing one house a day, If they try to rob my house again...).
The cameras are very good as baby monitors or to play around, for 14$ and 20$... (love the 360º ball) , but as security cameras... Unless you have them connected to a security station and with a repeater close by... worthless...
Oh, and they may give me 1 good frame a second or lag to 10+seconds a frame...

So my day started well.

I come in an the DVR monitor is not working, ok lets turn it off and on, nope. Lets turn the DVR on and off, nope still nothing. Played around with the VGA cable, nope. I cant replace the cable because its hard wired into the monitor....

I grab the spare screen next to me and connect it all up and it works!

Boss tells me to throw "broken" monitor out, I say I want to test it just to make sure, connect it all up to my pc and now it fucking works!

There are days I hate technology....

Just spent three and a half hours reconfiguring security cameras and troubleshooting over and over why the fuck internal and external weren’t reachable...

I failed to realize the DDNS was handing out the IP of 127.0.0.1 and 3.0.0.0 because nothing fucking stated that up until I found a small text link to the camera’s DDNS registration page... logged in with the customers info and low and behold the mother fucker was handing stupid shit out.

I hate that I overlook the simplest shit when I’m stressed and in a rush...

I need to learn to take deep breaths, but fuck that... I want to blow shit up.

I wish that my previous company gets investigated. They probably got more violations if they are investigated. Here are a few examples:

The company is in the telecom business and they wanted to create AI summaries of their phone calls. So they used real private calls of their clients as test data without their knowledge & consent.

The CEO also made fun of someone handwritten CV on LinkedIn. Sure, he blurred out the obvious data but shit like certificates, past history & rough location was still present. It was not be hard to find who it was.

The 2FA of some IT services was still on the ex-CTOs private phone (now he is a consultant 1x a week)

One of their engineers moved back to Russia and has access to sensitive data. (aka call recording of insurances, banking, fire departments, ...)

Offering users to write a public review of the company for a discount if the review is positive. The "paid review" is not mentioned.

The reviews of their new feature are done by 'external' people but they all benefit from the companies success. The review is written from their own company but it was written by the external design company (CEOs wife under her own company), marketing consultant (under his own company).

They did fire an employee illegally (as in did not follow the legal procedures, the new COO thought she was a consultant, she was in fact not so she had more protections)

They did fire an employee for untrue reasons and waiting till he was on holiday & abroad (dick move but legal I think)

They did spy through the security cameras and made up a reason to fire someone. Company offered free soda during that time, employee did not like the offered soda and filled it with a diet-variant on their own dime. He then took his own bought diet-soda back home (not all) and got fired for stealing. (or idk, it might have been ice tea or fanta)

They did not report that an employee sold company data but he was let go.

They run cookies on their website but has no clause for cookie-consent.

Their features that they are promoting & selling is not working like expected

They lie about their server uptime or heavily manipulate it.

They sell a feature that is no longer supported and broke a few updates ago.

They are offering a product as a fix that is simply not longer supported by the development team

They have fired consultants and then refuse to pay their last month salary or only pays it partially. Happened as far as i know, 4 times (no proof).

Everyone had access to the full password vault including the login credentials for business routers and the credit card info of the CEO, CFO, CTO. It took me multiple times to report it to the IT admin for mine to be restricted.

Every new dev has access to production data within a few weeks or direct database access

Any person who has access to the admin-portal can spoof phonenumbers in a few clicks.

A colleague is blacklisted at the police portal for past crimes where they have to fulfil police orders. He did them pretending to be a different employee who was approved. Also, they do not keep track of the data needed to fill in the yearly report (idk why the company has to them but the police does not do it).

They forgot to implement a warning (legally needed) before someone hits their data limit. those people cannot be billed. Someone was watching 4k movies in Signapore and costed the company tens of thousands of Euro.

If I think of more, I'll add it comments lol

I know I'm a bit late with this, but I thought I'd share it anyway.
A few years ago me and my friend were messing around in computer class and I decided to look at the network devices.
I couldn't believe, what I saw. All of the school security cameras were there, and the best part: when I connected to their ip addresses, they were just showing the live feed, no password or anything.
I didn't really do anything with it since I couldn't think of any great ideas and it has since been fixed.
Technically not hacking but still somewhat related.

Do people use DVR and NVR for bitcoin mining since security cameras are easy to hack into?

Let's see:

No archival of data on a database server with over 5000 high profile customers using no encryption whatsoever with telnet open on LAN, every user on the same account in the office using the companies name as the password... But hey there are security cameras!

So first week working as tech support for security cameras. I realize that there are some people who will make you hate your job.

My company inherited a video conference tool called Video Butler (with Zoom) from our parent. I personally have never used it, seems more a tool that's wired in and only used by execs and parent company, regardless it annoys the shit out of me. You can be in a room and all of a sudden the room switches to video conference mode with no input from those in the room. I have seen video conferences where people are chatting over room speakers to an empty room, or in a really weird situation where 2 empty rooms are connected and sending a video feed to each other. Guess the ghosts needed a conference or something. I get that things happen and managers have a lot of meetings so it's easy to lose track of details, but I genuinely don't get why any system would just connect rooms without allowing the rooms a say. The only security we have to detect it would be that our cameras move for streaming, not that anyone would notice based on past experience.

!rant
My dad wants to add security cameras in our home. I kind of want to go ahead and add cool stuff(like automation or something) to our house using this opportunity.
What I am thinking of right now is salvaging an old desktop with an Nvidia GPU to add face recognition and motion detection to the mix. I am also thinking I could get an Alexa echo dot or something similar and hook everything up. Another idea is using owncloud to create my own cloud.
What do you guys think? Any ideas or suggestions? Maybe a cheaper way to do stuff?

Recommendation for CyberNet Surveillance: Trusted Experts in Infidelity Investigations

I highly recommend CyberNet Surveillance for anyone seeking private investigation services, especially in cases involving suspected infidelity. From the initial contact, the company displayed exceptional professionalism and empathy, creating a surveillance plan tailored to my specific situation. Their transparent approach instilled confidence, as they took the time to explain the investigation process and set realistic expectations. The team’s dedication to handling sensitive cases with care was evident from the start, providing me with a sense of security during a challenging period. Throughout the investigation, CyberNet Surveillance demonstrated an impressive level of skill and discretion. They employed state-of-the-art technology, including hidden cameras and GPS tracking, ensuring the evidence gathered was both comprehensive and accurate. The investigators maintained a discreet presence throughout, avoiding any risk of exposure while still capturing relevant information. The final report was thorough and detailed, featuring time-stamped photos, videos, and activity logs that clearly illustrated the findings. This level of detail provided me with the clarity I needed to understand the situation fully. The company’s communication and client support were exceptional. I was regularly updated on the progress of the investigation, and the team was always available to answer any questions I had. Their empathetic approach made the process easier to navigate, as they understood the emotional difficulty of the situation. Their willingness to discuss the findings in detail and explain each step of the investigation provided me with reassurance and comfort during a challenging time. Ultimately, the results confirmed my suspicions, giving me the closure I needed to make informed decisions about my relationship. While the truth was difficult to face, I am grateful for the clarity CyberNet Surveillance provided. Their professionalism, advanced techniques, and commitment to client service set them apart as a reliable and effective investigative firm. I would not hesitate to recommend their services to anyone facing a similar situation. Their contact details are:
Email: Cybernetsurveillance @ mail . Com
WhatsApp: +1 (908) 883‑7240