fbpx

Search Results for: hikvision

Hikvision’s latest security issue (affects Hikvision OEM brands as well)

We have noticed an increasing number of Hikvision cameras being hacked over the last few weeks. If you’re using a Hikvision camera, please pay attention to this post and check if your camera is safe.

The main reason why we are informing end users about this particular security issue is due to how easy it is to gain access into affected devices. It is called a “Hollywood hack”, one press of a button and they’re in. The ease of use combined with the fact that it is a widely known and discussed issue means that it poses a real threat to many users.

Was I hacked?

In most cases, your camera settings will get changed for no apparent reason or the camera will be reset to its factory defaults. A hacked camera might even appear to work completely fine, so we recommend securing your camera anyway.

Please note that this is a tech article, if you’re not familiar with some of the processes below, please try using our AngelBox for additional security or contact your local dealer/camera manufacturer.

Which devices are vulnerable and how are they being attacked?

Certain Hikvision firmware versions have a static password hard-coded into the firmware. This means that no matter how complex the password, every camera can be directly accessed. Most cameras will end up being reset to their factory defaults, in certain cases, the attacker might use the gained access to take over the camera for their own purposes or try to access your network.

For the camera to be vulnerable, its HTTP port (usually port 80, where you access the configuration page of your camera) has to be publicly available. This means that you either have to have it forwarded on your router for remote access or you need to have UPnP enabled in the camera and in the router, as well.

Cameras NOT affected: cameras which are used in closed local networks only, cameras which are only streaming to public through RTSP port or cameras connected to Angelcam through AngelBox.

Both official Hikvision devices and OEM brands selling Hikvision hardware are affected. The brands include, for example, some models from Annke, Digital Watchdog, Hunt, Lorex, Swann, TrendNet and so on.

What to do to secure your cameras?

First, please be warned that you’re performing all these actions at your own risk. We are not responsible for any damage or failures resulting from following the recommendations.

If you’re not familiar with the following, we recommend contacting your local distributor and asking them for an assistance.

To make this matter even more complicated, there are two version of Hikvision devices.

-Devices sold officially through authorized security dealers

-Grey imports usually sold on Amazon, Ebay or Alibaba

The grey imports tend to be translated Chinese versions. Upgrading firmware in such cameras results in “bricking” them (effectively destroying their software completely). These cameras have a “CH” in their serial number. If you have such cameras, you can try any following recommendations except for a firmware upgrade. To upgrade your firmware, please contact your dealer/seller or try following one of many online guides at your own risk.

  1. If you have a HTTP port remotely accessible and you don’t need it, close the port.
  2. In addition to point 1, disable UPnP in your camera network settings and disable UPnP in your router settings as well. It will prevent local devices from opening ports on the router automatically. This feature is usually disabled by default, so just make sure it stays that way.
  3. If you have an officially sold Hikvision device, upgrade the firmware. Most devices should have a firmware 5.5.0 available for download and this specific security issue should be fixed there. Depending on your location, feel free to use one of the following portals:
    http://www.hikvisioneurope.com/portal/?dir=portal%2FProduct%20Firmware%2FFront-ends
    http://www.hikvision.com/en/download_89.html
    http://tech.hikvisionusa.com/firmware/2-uncategorised/2-firmware
    In order to do this process properly, upgrade the firmware by following the recommended manufacturer’s procedure and then reset the camera to its factory defaults. By doing this, you will make sure that there are no configuration changes left after the attack.

    If the device is not Hikvision, but its OEM brand, please contact the manufacturer directly.
  4. If you either can’t change anything mentioned above or if you simply want to improve the general level of security when using Angelcam, try using our AngelBox – a device with end to end video encryption which makes it effectively impossible for the camera to be hacked.
  5. As an additional option, we recommend setting up a VLAN for your security system and disabling the devices from this VLAN to access the rest of your local network. Even if the cameras get hacked, the hacker won’t be able to gain access to the rest of your network.

Camera detector update

If you’ve been using Angelcam for a while now, you already know we believe in the “always evolving” approach to our products and services. So much so that updates to many things that are “under the hood”, which are hardly noticed by our customers, go unannounced.

Take the recent update of our Camera Detector for example. While it went live largely unannounced, this update will go a long way to better helping you connect your cameras faster and in a much more convenient manner, regardless of whether you’re connecting directly, via an NVR, or through an AngelBox. More specifically, here’s what’s been updated:

  1. We have added or updated the video stream path for more than 60 camera brands, including AVTech, Hikvision, Dahua, Ubiquiti, Vivotek, Amcrest, Edimax and more.
  2. When the Camera Detector finds multiple video streams on a camera, the primary stream is now used (not the secondary, as we did in past).

If you have any questions, feel free to reach us.

Happy connecting and have a great summer!

Dahua partners with Angelcam to provide easy and secure connection of security cameras to the cloud

Happy belated Valentine’s Day!

We’re sorry, but our recently announced relationship with Dahua still has us in a very celebratory mood 😉 

The world-leading manufacturer of video surveillance products just officially announced the integration of Angelcam with select camera models. The first available are the Eco-savvy 2.0 Network and Wi-Fi models, with others soon to follow.

The Power of the Angelcam Added Value

With the inclusion of Angelcam into a camera’s firmware, the process of connecting to the cloud is made much simpler, more secure, and more impactful. This impact comes from the rich catalog of apps that allow for cloud storage, public broadcasting, the ability to view multiple cameras remotely on a variety of devices, camera health checks, and more. On top of that, cameras are enabled to integrate with other apps and devices using an API.

Many camera owners, dealers, and integrators want to take advantage of cloud-based apps but find connecting their cameras a difficult and insecure process,” explains Peter Ocasek, CEO of Angelcam. “That’s why this partnership, through the creation of ‘Angelcam-ready’ firmware, is so special as we have saved Dahua’s customers time and made their cameras more secure, robust, and easier to use.”

If you are considering purchasing a new camera, definitely have a look at the full range of “Angelcam Ready Cameras” advantages. If you already have a security camera from Dahua, Hikvision or AV TECH, check the firmware availability for your camera model. All other camera brands and models can be connected easily and securely using an AngelBox.

Lastly, we would just like to thank everyone who helped us with this partnership and look forward to what’s coming next!

Have a great day.

Ivana

PS: Full press release is also available

 

Cameras that love Angelcam

Check out the list of compatible cameras at “Connect a camera”. If you can’t find yours in the list, your camera may still be compatible. Just read this article to find out!

Most IP cameras support H.264 encoding and RTSP (Real Time Streaming Protocol) – the standard,most compatible and reliable service for streaming. You will need a device that has these features to use our Cloud recording app.
We also support MJPEG mode but only for our Live Streaming app (we may include further support for MJPEG cameras in the future).

Check your camera specifications for compatibility (in its manual or on the web). If you find RTSP among the specs, H.264 is usually supported as well. But double check! In this screenshot from the manual of an Axis camera, you can find the H.264 under video specifications.

Screen-Shot-2016-06-13-at-08.10.35

RTSP can be found under Network or sometimes Protocols.

Screen-Shot-2016-06-13-at-08.10.52

Be aware, some un-branded or cheaper devices will mention RTSP support, but may be missing or very unstable. Use our list below to assist you.

Recommended cameras

We listed some of our favourite brands here:

axis

Axis

Most cameras have required protocols as well as a service called AVHS allowing you to connect using “one click” technology. No router configuration is required and with Axis, although the price may be higher, you always get a quality product with good support, great image quality and configuration options.

foscam

Foscam

Another well known brand which offers good image quality for a good price. The configuration is not very detailed, but it gets the job done for most users. Look for camera models marked 9xxx, the older ones don’t support h264 encoding.

dahua

Dahua

As currently the world’s biggest IP camera manufacturer, Dahua offers a wide range of devices for various applications at a great value for money with the price of basic models starting under $99.

However, Dahua devices are often unofficially distributed, meaning there’s no firmware upgrade option, or various glitches may occur in the settings.

tp-link

TP-link

A good choice for a home user.

ipcc

IPCC

One of the few low-cost brands which actually works: A nice user interface with all the basic settings. Great value for money – price can be as low as $40, international shipping included.

vivotek

Vivotek

A well known manufacturer, good quality and acceptable price. Good support.

sony

Sony

Great image quality, some neat features. Higher price.

hikvision

Hikvision

Another big manufacturer, it is similar to Dahua with all pros and cons.

 

Other brands: Samsung, Geovision, AirLive, Bosch, Panasonic, Pelco

There are many other brands, and generic devices which function perfectly with Angelcam.

Not recommended cameras

Xiaomi Small Ants (Also known as YiCam, MiCam): this brand commonly has issues with it’s RTSP streaming and is usually not stable or working on our Cloud recording app. This device also comes with various firmware versions, some of which don’t even support RTSP. You can run into many more similar Dropcam/Nest clones with the same problem.

NEST cam (Dropcam): Restricted access for mainly their own services. Incompatible with Angelcam.

TP-Link NC200: Although this device does not work on angelcam, newer versions, such as the NC220 are working without issues.

D-Link DCS-931L, 932L, DCS 5020L: no RTSP support, unstable MJPEG stream. Some other D-Link models have stability issues as well

Cantonk: The camera restarts when we try to initiate a new connection

Escam: Cameras keep restarting

Cameras that require an extra step in the setup process

AEvision & Vstarcam & Anran: Are not currently detected by Angelcam due to specific authentication requirements. RTSP address should be set manually.

 

 

How to save bandwidth without lowering stream quality

There are numerous ways to save bandwidth when streaming video. Most of them, however, have a direct negative impact on the quality of the stream (e.g. lowering bit rate, frame rate or resolution).

Luckily, you can seek out more sophisticated forms of saving bandwidth, ones that have no or very little negative consequences.

The most well known technology is Zipstream by AXIS. It’s supposed to save about 50% of transferred data without lowering the quality of your stream. And our own tests confirm that you can really achieve these savings with AXIS.

Zipstream turns out to be most useful for night scenes and static scenes.

You can turn it on in your camera settings via the Video Stream Settings / Zipstream section. Turn H.264 bitrate reduction to High and turn on Dynamic GOP (Zipstream can only be used with newer camera models).

Other camera manufacturers certainly don’t want to be left behind, so you can check out technologies like Vivotek Smart Stream, Hikvision Smart H.264 and Arecont Bandwidth Saving Mode.

Three industry trends from the biggest security show ISC West in Las Vegas

About ISC

ISC is a traditional security show focused on security, especially video surveillance, access control systems and devices related to security & automation

The event is organized on three different locations worldwide, we attended three times already. This time we had our own stand accompanied with our excited team on ISC West Las Vegas.

It was simply huge. Over 1,000 exhibitors had their booth there. It seemed like all important and wanna-be-important companies were there. I visited most of the booths and my team talked to more than two hundred visitors at our booth too. Here are our thoughts.

Three trends from ISC West 2015

  1. More solutions increasing efficiency of video compression

Internet upload connectivity means still some limitation for higher adoption of pure cloud based video platforms. This is also the reason why angelcam is focused to customers with up to 10-20 cameras on one location. We can see two main solutions for this pain:

  • Zipstream by AXIS
  • h.265

Both promising up to 50% increase in video compression efficiency. This means that same video quality with lower bandwidth or higher video quality with the same bandwidth consumption. We’ll cover these technologies later on our blog [subscribe for updates here] in more detail, so for now I’ll say only:

Zipstream is on the market for some time. It works with selected AXIS camera models, supports all existing solutions (inc. angelcam) and video players supporting h.264. To be mentioned Zipstream smarter bandwidth consumption works just when used with h.264 codec.

We saw tons of h.265 supported cameras at the show. When h.265 is so great why it’s still not widely adopted by the ecosystem? Crucial is the video player compatibility for web and mobile devices. It’s 2015 – Flash should be gone by now, right? 🙂 Despite that we believe in h.265 and have plans on supporting it in the near future.

 zipstream (1)   DSC_9952DSC_9966

 

 

 

 

 

 

  1. More Korean camera manufacturers

Chinese guys “owned the show”! Countless booths of small manufacturerst and OEMs and big successful brands like Dahua and Hikvision flooded the show. What was visible too is plenty of new Korean producers entering the market. Partially because of the support from Korean government. Chinese and Korean manufacturers often offer very similar range of products and both usually do the same mistakes: their booths are pretty similar, boring and most importantly – staff’s English & excitement definitely doesn’t stand to US standards ;(

It’s a bit sad as we see a decent demand from our resellers and customers for more affordable cameras.

06 (1)

  1. More products supporting industry standards

People want to use different hardware and software suppliers. They want to combine them as one can be great at something where others have weaknesses. Something like that was not possible when manufacturer decided to avoid industry standards. They were basically trying to lock customer to their products. One famous example in our industry is Dropcam. We’re happy that more and more manufacturers chose the opposite way and decided to become open to other products & platforms (e.g. Mobotix is opening their cameras).

At ISC West we were pleased to see that almost every device has an open API or other industry standards for communication with the rest of the world: RTSP, ONVIF, Zigbee. The last two named have their own standalone booths as well:

DSC_0006

ONVIF is an industry standard that helps platforms and recording devices communicate with cameras (from technical perspective it’s just API). Zigbee is a communication standard that allows devices to communicate with each other, particularly useful for home automation.

At Angelcam we are continuously looking for opportunities within these standards and machine to machine (M2M) integrations. To provide an example, one of the most requested features from our customers is turning off the video recording when specific people are present in the house/office. This requires integration between alarm system and recording device. We are currently working on a prototype for this specific use case. Stay tuned for more info soon.

These were my three spotted trends from ISC West in Vegas. I would be happy to hear your observations about current trends.

Happy recording! 🙂

PS: We’re heading to one of the top computer vision conferences, CVPR in Boston. Schedule a meeting with us or subscribe for the blog updates so you get notified when we cover this story.

 

Peter Ocasek

CEO, Angelcam

peter@angelcam.com

CES 2015 – what we learned from over 40 camera manufacturers

 

ces

CES (Consumer Electronics Show) is one of the world’s biggest gathering of consumer technology innovators. And when I say one of the biggest, I mean it’s really, really huge!

More than 160,000 people flew to Las Vegas this year to get some serious business done. Angelcam was there too, and I personally talked to over 40 camera manufacturers. I also spent some time talking to home automation platforms, because I was very curious to get to know how they will use cameras in 2015, but let’s leave this topic for another blog post;)

As CES is very focused on consumers, big players like Axis, Dahua, Hikvision or Tyco skipped the show completely, and others like Foscam, D-Link & ICRealtech/ICRealtime were just introducing home cameras and having private meetings.

To be honest, nothing interesting happened at CES in terms of hardware. But I found these 3 highlights you might find interesting as well.

CES WIFI/IP CAMERA HIGHLIGHTS

1) Sengled – now releasing smart lighting with IP camera including smartphone surveillance app with face recognition.

2015-01-06 10.58.38

2) Giroptic – 360° wifi camera with sd card for outdoor fun as well as home security when you replace your light bulb with it.

Screen Shot 2015-01-23 at 21.48.34

3) Skybell – quite a few of such doorbells made their appearance at CES, this one was the most interesting piece. Pretty handy for the delivery and for just checking up on your home or your office frontdoor.

Screen Shot 2015-01-23 at 22.59.16

THE BIGGEST LEARNING FROM CES 2015: P2P is getting very articulated within Asian manufacturers 

I was quite surprised when I entered the Asian Pavilion and started talking to Shenzhen manufacturers.

Almost half of them said they had just launched their P2P (peer-to-peer) with their own servers in US, Europe & China! Yet they hadn’t connected all of their camera types.

They have started with cameras that are intended to be used for homes, so we will see if they can scale it. None of these manufacturers have their own cloud storage yet, but some of them said it was going to change in the next 1 – 3 years.

This movement may also be caused by the fact that Chinese manufacturers are “not just camera cases & chips assemblers” any more, they started founding their own development departments.

The way I see it, this is one big step towards cloud becoming the new standard in the near future.

Just to name a few Asian exhibitors with P2P: Foscam & Fostar (btw. they are the same company), Tenvis, WansviewZ-ben, Sopooda, CSST DIT & 10 others.

2015-01-07 11.40.51

Well, that’s pretty much it! Looking forward to bringing you more news from other upcoming events like ISC WestIFSEC and others.

Stay tuned!

PS: If you want to hear more about CES or just want to learn about angelcam partnerships, reach me at: kate@angelcam.com or add me on Skype: kate_pljaskovova

IMG_6860