Join The Discussion

 

Super PAC Men: How political consultants took a Fort Worth oilman on a wild ride

The head of a Texas oil dynasty joined the parade of wealthy political donors, aiming to flip the Senate to Republicans. By the time consultants were done with him, the war chest was drained and fraud allegations were flying

read more >

Bridge collapse on I-35 north of Austin

SALADO, Texas (AP) — Emergency crews are responding to a reported bridge collapse along an interstate in Central Texas.

read more >

Amazon begins Prime Now program in Dallas area

If you just have to have it now, as in one hour, you can, at least in the Dallas area, as Amazon.com Inc. announced Thursday it will offer Prime Now.

read more >

Latin-inspired restaurant set to open in downtown Fort Worth

Downtown Fort Worth’s dining scene is about to get spicier with the opening of a new restaurant featuring Latin-inspired coastal cuisine.

read more >

Texas jobless rate falls as employers add workers

Texas unemployment fell to 4.3 percent during February for the sixth straight month of declines, the Texas Workforce Commission reported Friday.

read more >

 

Foul-mouthed hacker hijacks baby's monitor

Doug Gross

CNN

(CNN) -- An unknown hacker apparently gained access to a 2-year-old girl's baby monitor, calling her by name and harassing her, and her parents, with insults and profanity.

A couple in suburban Houston, Texas, told CNN affiliate KTRK that, over the weekend, they heard a strange voice in the bedroom shared by their two toddlers. When they got there, Marc Gilbert said they realized the voice was coming from the Web camera they use to keep tabs on the children.

What they heard next was ugly.

"He said, 'Wake up Allyson, you little slut,' " Gilbert said. He said the hacker, who had a British or European accent, may have read her name on a wall in the bedroom.

When he and his wife Lauren arrived, Gilbert said, the camera swiveled to face them. The hacker proceeded to call him a "stupid moron" and his wife a bitch, Gilbert said, before he unplugged the camera.

The only positive about the situation, he said, is that Allyson never woke up. She was born deaf and has cochlear implants to help her hear, which she was not wearing while sleeping.

"I felt like somebody broke into your house," Gilbert said. "As a father, I'm supposed to protect her against people like this. So it's a little embarrassing to say the least, but it's not going to happen again."

Baby monitors, particularly those with video capabilities, have been shown in the past to be vulnerable. Video monitors can broadcast to TVs and hand-held receivers, or over Wi-Fi to computers, smartphones and tablets.

In 2009, an Illinois family sued the manufacturer of its monitor after they discovered that they and their neighbors could monitor each other's feeds.

Some newer models have technology that jumps from frequency to frequency, making them more secure, while older monitors do not.

Security experts warn parents to make sure to enable passwords for baby monitors and Web cameras. Most new models are equipped with that ability, they say.

Experts like Lisa Vaas of the Sophos Security blog also say to make sure home Wi-Fi and routers are password-protected.

"Those who can't figure this out should ask for help from somebody with security expertise -- somebody they trust with the safety of extremely precious things," Vaas said.

In comments on the KTRK article about the hack, Marc Gilbert said he did take basic security precautions: "The router was password protected and the firewall was enabled. The IP camera was also password protected," he said.

"Of course, devices may well be protected by passwords, but default passwords that haven't been changed are like having no password at all, as other commenters pointed out," wrote Vaas on the Sophos Security blog.

Multiple security experts have identified the camera model shown in the Houston news report as a Foscam FI9821P. A FAQ page on the manufacturer's site lists the default user name and password -- both "admin" -- for the camera, as well as the default port used to connect it to the Web.

Altering those default settings "with a non-trivial password would make the device far more difficult to access, and probably too much trouble to bother with," wrote technology and security analyst Larry Seltzer for tech blog ZDNet. "If you want to go even further and make it really hard for attackers, you can change the default port."

Seltzer said that anyone on the Internet could build a scanner that would find cameras still hooked up to their default port. They could then check those cameras to see if they still open using the default password.

"This is almost certainly what happened," he wrote.

Earlier this year, researchers at security firm Qualys used the Foscam in a demonstration of how Web-enabled cameras can be exploited.

Foscam did not immediately respond Wednesday to a message seeking comment for this story.

< back

Email   email
hide
Catch
How 'bout them Cowboys?