D-Link Forums
D-Link IP Cameras for Home => mydlink.com (Portal) => Topic started by: NVR35 on November 04, 2011, 09:53:27 PM
-
Mydlink works because the mydlink capable devices constantly broadcast to mydlink.com(regardless of if your register to mydlink or not), once you register for a account it will match the device to your account by the serial number. This is a huge security flaw since the IP Cameras don't support SSL(HTTPS). So anyone on the internet can hijack this stream and see and hear anything the cameras pick up. Not to metion the wasted bandwidth for people who don't use mydlink and are just using the IP Camera as a standalone camera.
There should be an option to disable mydlink capability in the firmware. I know not everyone uses mydlink, and I'm sure they would not appreciate their feed being broadcasted to the internet constantly. If I wanted this I would of used Unsecured Wireless Cameras.
I created this account once I realised this, I wanted to know of a way to disable it or should I just purchase non D-Link IP Camera's?
-
Within your router you can add a single rule, if you do not use mydlink, to block internet access for your ip-cams...
It is not difficult to do, and also increases your lan-security. I have not, and probably never will, use mydlink, as splattering all kind of personal stuff over the internet gives me goosebumps (including twitter and facebook).
-
Thanks Mackerel, It defeats the purpose of having a IP Camera since people can see when you leave and come back from work, with your IP and some landmarks from the camera they can know when and where a house is empty.I don't have a facebook or twitter because of privacy. Call me paranoid but I like my privacy, the only time people will realize what we are talking about it will be too late for them.
I will try your idea I was think of something like that, thanks for your reply. :) this is when I wish I had a PIX or a ASA(ip deny any any, lol)
I still think dlink should allow us to be able to disable this feature tho, imagine how many times it sends info and my firewall will have to block it. Depending on your setup it can create some serious overhead and slow down the network unnecessarily. If someone can let dlink know to add this to their feature in firmware releases please do.
-
I will add this item to the DCS-9XXL firmware wishlists. I'd like to add this item to the "mydlink wishlist" but it's something that would require a DCS-9XXL firmware update to disable broadcasting. A second item (as you mentioned) is support for secure protocol for streaming.
-
Done...
The following two line items are added to the DCS-930L, DCS-932L, and DCS-942L firmware wishlists:
- Security - Ability to disable broadcasting of video/audio feed (i.e. to prevent potential hijacking of feed)
- Security - Support for secure broadcasting of video/audio feed (SSL, HTTPS)
-
Thanks for adding it to the wish-list. I really hope they add it. At least the disable mydlink feature should be added.
-
Thank you for bringing those items to light. Sometimes the most obvious flaws are the ones that are overlooked. ;)
-
This should have been a tickbox in the web configuration from day one.
We have 11x 930L's in our hotel and today i've discovered that it has been thrashing our internet connection.
We do not use any of the cloud services.
-
Earlier this year D-Link released security patches for a number of DCS models, predating the release of the DCS-931L/933L series. I think it's safe to assume that these security updates were also applied as part of the base firmware in the newly released DCS network camera models. Here is a summary of the security patch released earlier this year for the DCS-942L: http://forums.dlink.com/index.php?topic=53805.0 (http://forums.dlink.com/index.php?topic=53805.0). I can't say whether this patch addresses your specific concerns.
If the referenced thread addresses your concerns, please let me know and I will try to confirm whether these changes are also applicable to the DCS-931L/933L series.
-
Within your router you can add a single rule, if you do not use mydlink, to block internet access for your ip-cams...
It is not difficult to do, and also increases your lan-security. I have not, and probably never will, use mydlink, as splattering all kind of personal stuff over the internet gives me goosebumps (including twitter and facebook).
If MyDlink enabled routers are broadcasting information then its an outbound connection right ?
I am using Dlink Dir 600L router. Please tell me how to add the rule. I have never done this before,
a screenshot will really make things easy.
-
No. Just when you connect to your account. It's for remote accessing routers and cameras. Its not a security risk.
-
Okay / Thanks
-
Enjoy. ;)