As international news sources are covering the fact that the owner of site streaming live links to webcam and CCTV feeds, Insecam, is job hunting, the importance of setting a secure password for your streamed footage is becoming increasingly apparent.
The BBC coverage states that a Russian-based site, called Insecam, that contained live links to thousands of baby monitors, web cams and CCTV cameras has shut down – and its administrator now appears to be using the page to look for work.
“Programmer looking for a good remote job” is now the only content on the site, along with a list of skills and an email address.
The footage previously being shown on Insecam, according to the BBC, was streaming footage from systems using either default passwords or no log-in codes at all. Just last week visitors to the site could view video feeds from more than 250 countries including 4,591 cameras in the US and more than 500 within the UK – including images from children’s bedrooms, driveways, gyms and shops.
Devices streaming the footage, including leading names like Foscam, Panasonic and Linksys, were at no point hacked. They were simply operating on default security settings.
Following the site owner’s decision to close down the operation, Huffington Post UK has spoken to him, and as far as he’s concerned he “did a good job”. According to the interview, he has no regrets and does not feel as if he has invaded anyone’s privacy. The interview quotes him saying the following:
“I do not [have regrets]. I did [a] great job to show the problem to neglectful users. Without this example users do not care about the password…Do you think their privacy is not invaded without my site? There are tons of video records and images on anonymous image boards. I am not even sure that all of them are not an exhibitionists.”
The BBC report quotes Foscam chief operating officer Chase Rhymes as saying, “An analogy best describing this would be just because someone leaves their window open it does not give permission for an unauthorised individual to set up a camera outside their window and broadcast the feed worldwide.”
Whatever you think of the ethical nature of exposing unprotected feeds in this manner, it’s clear that default passwords are not designed to keep your footage safe – so it’s vital that you change yours as soon as you install the system.
So how do you choose a secure password? The BBC has the answer to that too, listing The University of Surrey’s Prof Alan Woodward’s top tips.
1. Don’t choose one obviously associated with you
Hackers can find out a lot about you from social media so if they are targeting you specifically and you choose, say, your pet’s name you’re in trouble.
2. Choose words that don’t appear in a dictionary
Hackers can pre-calculate the encrypted forms of whole dictionaries and easily reverse engineer your password.
3. Use a mixture of unusual characters
You can use a word or phrase that you can easily remember but where characters are substituted, e.g. Myd0gha2B1g3ars!
4. Have different passwords for different sites and systems
If hackers compromise one system you do not want them having the key to unlock all your other accounts.
5. Keep them safely
With multiple passwords it is tempting to write them down and carry them around with you. Better to use some form of secure password vault on your phone.