• October 31, 2024, 11:40:25 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: mydlink security flaw  (Read 34394 times)

NVR35

  • Level 1 Member
  • *
  • Posts: 7
mydlink security flaw
« on: November 04, 2011, 09:53:27 PM »

Mydlink works because the mydlink capable devices constantly broadcast to mydlink.com(regardless of if your register to mydlink or not), once you register for a account it will match the device to your account by the serial number. This is a huge security flaw since the IP Cameras don't support SSL(HTTPS). So anyone on the internet can hijack this stream and see and hear anything the cameras pick up. Not to metion the wasted bandwidth for people who don't use mydlink and are just using the IP Camera as a standalone camera.

There should be an option to disable mydlink capability in the firmware. I know not everyone uses mydlink, and I'm sure they would not appreciate their feed being broadcasted to the internet constantly. If I wanted this I would of used Unsecured Wireless Cameras.

I created this account once I realised this, I wanted to know of a way to disable it or should I just purchase non D-Link IP Camera's?

Logged

Mackerel

  • Level 3 Member
  • ***
  • Posts: 348
Re: mydlink security flaw
« Reply #1 on: November 05, 2011, 08:58:59 AM »

Within your router you can add a single rule, if you do not use mydlink, to block internet access for your ip-cams...

It is not difficult to do, and also increases your lan-security. I have not, and probably never will, use mydlink, as splattering all kind of personal stuff over the internet gives me goosebumps (including twitter and facebook).
Logged

NVR35

  • Level 1 Member
  • *
  • Posts: 7
Re: mydlink security flaw
« Reply #2 on: November 05, 2011, 04:03:23 PM »

Thanks Mackerel, It defeats the purpose of having a IP Camera since people can see when you leave and come back from work, with your IP and some landmarks from the camera they can know when and where a house is empty.I don't have a facebook or twitter because of privacy. Call me paranoid but I like my privacy, the only time people will realize what we are talking about it will be too late for them.

I will try your idea I was think of something like that, thanks for your reply. :) this is when I wish I had a PIX or a ASA(ip deny any any, lol)

I still think dlink should allow us to be able to disable this feature tho, imagine how many times it sends info and my firewall will have to block it. Depending on your setup it can create some serious overhead and slow down the network unnecessarily. If someone can let dlink know to add this to their feature in firmware releases please do.
« Last Edit: November 08, 2011, 09:42:14 AM by NVR35 »
Logged

JavaLawyer

  • BETA Tester
  • Level 15 Member
  • *
  • Posts: 12190
  • D-Link Global Forum Moderator
    • FoundFootageCritic
Re: mydlink security flaw
« Reply #3 on: November 10, 2011, 06:04:31 AM »

I will add this item to the DCS-9XXL firmware wishlists. I'd like to add this item to the "mydlink wishlist" but it's something that would require a DCS-9XXL firmware update to disable broadcasting.  A second item (as you mentioned) is support for secure protocol for streaming.
Logged
Find answers here: D-Link ShareCenter FAQ I D-Link Network Camera FAQ
There's no such thing as too many backups FFC

JavaLawyer

  • BETA Tester
  • Level 15 Member
  • *
  • Posts: 12190
  • D-Link Global Forum Moderator
    • FoundFootageCritic
Re: mydlink security flaw
« Reply #4 on: November 10, 2011, 06:26:27 AM »

Done...

The following two line items are added to the DCS-930L, DCS-932L, and DCS-942L firmware wishlists:

  • Security - Ability to disable broadcasting of video/audio feed (i.e. to prevent potential hijacking of feed)
  • Security - Support for secure broadcasting of video/audio feed (SSL, HTTPS)
Logged
Find answers here: D-Link ShareCenter FAQ I D-Link Network Camera FAQ
There's no such thing as too many backups FFC

NVR35

  • Level 1 Member
  • *
  • Posts: 7
Re: mydlink security flaw
« Reply #5 on: November 10, 2011, 10:42:15 AM »

Thanks for adding it to the wish-list. I really hope they add it. At least the disable mydlink feature should be added.
Logged

JavaLawyer

  • BETA Tester
  • Level 15 Member
  • *
  • Posts: 12190
  • D-Link Global Forum Moderator
    • FoundFootageCritic
Re: mydlink security flaw
« Reply #6 on: November 10, 2011, 10:46:04 AM »

Thank you for bringing those items to light. Sometimes the most obvious flaws are the ones that are overlooked.  ;)
Logged
Find answers here: D-Link ShareCenter FAQ I D-Link Network Camera FAQ
There's no such thing as too many backups FFC

danlay

  • Level 1 Member
  • *
  • Posts: 2
Re: mydlink security flaw
« Reply #7 on: May 08, 2013, 11:36:36 AM »

This should have been a tickbox in the web configuration from day one.
We have 11x 930L's in our hotel and today i've discovered that it has been thrashing our internet connection.
We do not use any of the cloud services.
Logged

JavaLawyer

  • BETA Tester
  • Level 15 Member
  • *
  • Posts: 12190
  • D-Link Global Forum Moderator
    • FoundFootageCritic
Re: mydlink security flaw
« Reply #8 on: August 07, 2013, 04:53:17 AM »

Earlier this year D-Link released security patches for a number of DCS models, predating the release of the DCS-931L/933L series. I think it's safe to assume that these security updates were also applied as part of the base firmware in the newly released DCS network camera models. Here is a summary of the security patch released earlier this year for the DCS-942L: http://forums.dlink.com/index.php?topic=53805.0. I can't say whether this patch addresses your specific concerns.

If the referenced thread addresses your concerns, please let me know and I will try to confirm whether these changes are also applicable to the DCS-931L/933L series.
« Last Edit: August 07, 2013, 04:56:46 AM by JavaLawyer »
Logged
Find answers here: D-Link ShareCenter FAQ I D-Link Network Camera FAQ
There's no such thing as too many backups FFC

tux_wifi

  • Level 1 Member
  • *
  • Posts: 23
Re: mydlink security flaw
« Reply #9 on: August 14, 2014, 03:56:57 PM »

Within your router you can add a single rule, if you do not use mydlink, to block internet access for your ip-cams...

It is not difficult to do, and also increases your lan-security. I have not, and probably never will, use mydlink, as splattering all kind of personal stuff over the internet gives me goosebumps (including twitter and facebook).


If MyDlink enabled routers are broadcasting information then its an outbound connection right ?

I am using Dlink Dir 600L router. Please tell me how to add the rule. I have never done this before,

a screenshot will really make things easy.
« Last Edit: August 14, 2014, 09:20:25 PM by tux_wifi »
Logged
DIR 600L N 150
H/W Version : B1
Firmware Version : 2.04,  Tue 15 Oct 2013
Location : India

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: mydlink security flaw
« Reply #10 on: August 14, 2014, 10:27:02 PM »

No. Just when you connect to your account. It's for remote accessing routers and cameras. Its not a security risk.
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

tux_wifi

  • Level 1 Member
  • *
  • Posts: 23
Re: mydlink security flaw
« Reply #11 on: August 15, 2014, 03:56:20 AM »

Okay / Thanks
Logged
DIR 600L N 150
H/W Version : B1
Firmware Version : 2.04,  Tue 15 Oct 2013
Location : India

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: mydlink security flaw
« Reply #12 on: August 15, 2014, 07:41:32 AM »

Enjoy.  ;)
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.