Link: A million baby monitors and security cameras were easily viewable by hackers

A baby's eye contact with the camera lens generates unease when considering the viewer should not have access to such private moments. **Many of Meari Technology’s Wi-Fi baby monitors and security cameras had significant security flaws, exposing private scenes to strangers.**

Meari is a Chinese brand whose cameras are sold under many names, and a researcher found 1.1 million accessible devices worldwide simply by exploiting their app. These devices, spanning 118 countries, shared passwords like "admin" and "public," making unauthorized access trivial.

Researcher Sammy Azdoufal could also access tens of thousands of unprotected photos saved on public servers. His findings included an unsecured internal server that leaked Meari's passwords and employee details.

After being alerted by Azdoufal, Meari responded by shutting down its compromised server and urging a software update for its devices. However, it remains unclear whether all vulnerable cameras have been updated or if customers have been properly informed.

While some security improvements have been made following the exposure, many questions about the outreach and long-term fixes for the vulnerability remain unanswered. Azdoufal received a bug bounty, but Meari’s lack of proactive engagement with the vulnerabilities still presents a concern.

This scenario underscores a recurring theme in today's connected world: the tension between the benefits of smart devices and the potential dangers they pose when security is not a priority. #

--

Yoooo, this is a quick note on a link that made me go, WTF? Find all past links here.