- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are Arlo products part of the hack and how would i be able to identify if my cam was hacked or compromised?
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Anything is possible. I don't know that any attacks would be to disarm your cameras as opposed to set them up (actually, more likely your router and/or base) for nefarious purposes such as a botnet. I've been wondering the same sort of thing but don't have nearly enough information to even ponder an issue. Make sure your network devices have the latest firmware (modem, router, base, computers, phones, etc.) but be aware that security, especially for little devices on the Internet of Things, is likely only formative. Why security isn't a foremost concern these days boggles my mind but companies too frequently are just in a rush to get product out the door. Even expensive devices (think cars with Internet connections) aren't being properly locked down. Whether Netgear falls into any category from weak security to right on top of things is unknown, just as with anyone else. All we can do is to be careful.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Well, ANY camera system connected to the Internet is at risk, not just Arlo.
Frankly, I feel that the likelihood of someone hacking your account and/or cameras for editing purposes (as opposed to a botnet) is pretty remote. How many folks using this system really have the possessions or safety concerns that would make the effort worthwhile? It's always possible so use strong passwords.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SO why is there not a single response from Netgear on ANY of the security threads about DoS and botnet issues? Having a few forum participants theorize is not the same as a corporate definitive answer about any potential vulnerability and what will/can be done to ameliorate.
Netgear, what is the status of the Arlo cameras relative to the botnet issues? Thank you, many people are waiting for the answer.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
NETGEAR is aware of the recent cyberattacks that exploit insecure Internet of Things (IoT) devices to create distributed denial of service (DDoS) botnets. We believe that these attacks highlight the importance of IoT security and NETGEAR is working to establish and uphold security standards for IoT devices.
Arlo is not vulnerable to the Mirai malware. From the early stages of product development and throughout the product lifecycle, we are committed to proactively reducing our users’ cyber risks. Vulnerability and penetration testing on Arlo products is performed to identify and eliminate security vulnerabilities while we also continuously monitor the latest threats and strive to keep abreast of the latest state-of-the-art security developments by working closely with our partners and the security researcher community.
If you have any questions or comments with regard to this information, please contact us at: security@netgear.com.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
1. Is it possible for some one to edit the CVR if my account is compromised?
2. Is Arlo coming up with more robust authentication mechanisms like two way authentication mechanism used by google?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Even today I was able to see the CVR was edited and I have given enough evidence to the Arlo Support team and waiting for their findings. Also I am getting this error when trying to see the CVR after 12 PM CET .."unable to load plugin 'influxis', url flowerplayer/flowerplayer.rtmp-3.2.13.swf". I think some serious security hole in the way Arlo stores the CVR. Not sure if some one else faced the same problem for CVR being edited.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I did some further investigation and found out the following:
- The Arlo Q Camera was switched off at 11:19 PM CET on 13th Nov without my knowledge and it was not switched on until 12:00 AM on 14th Nov.
- When it was switched on there was a time difference of 4 Hrs 35 Mins between the Camera Clock and the Wall clock facing the camera
- throughout 14th Nov the CVR was recorded with a time difference of 4Hrs 35 mins. ie, if the Camera clock shows 12:35 PM, the actual time in the wall clock was 8 AM.
- Not sure for what purpose it was done and by whom
- But that confirms that Arlo has serious security hole that needs immediate attention of the Arlo team.
- I have shared all the evidences with Images and Videos and created a case with Arlo.
Waiting for response from Arlo
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Just after I made the complaint and posted in the community, I see that some one is correcting the 4 Hrs 35 mins time difference.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Arlo team any update on this incident..?
Gurubagya wrote:Just after I made the complaint and posted in the community, I see that some one is correcting the 4 Hrs 35 mins time difference.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Gurubagya,
If you provide the case number you have open with the Arlo Support team I will take a look at your case and provide any additional feedback that I can.
JamesC
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
James, thanks!
case #27502029. Arlo has not yet shared their findings on 14th Nov incident. Pl check the artifacts I have attached and let me know your finding. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Gurubagya,
I have reviewed your case and it appears this case has been escalated for further investigation. I encourage you to continue working with the support team to find a resolution for this issue.
JamesC
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Gurubagya,
This case has been escalated for further investigation. I will request an update on the status of the case.
JamesC
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The incident happened on 14th Nov. For last 10 days if Arlo is not able to find any thing on this incident, then it could be because of two reasons:
- Arlo is not capable of finding how the CVR was edited
or
- Arlo dont want to accept that their CVR was edited.
I lost hope with Arlo.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I understand your concern but you haven't proven anything. And the lack of response from support may mean that it's a low priority for some reason, that it's difficult to isolate the issue, or something else. We don't know and may never know.
- 
				
					
						Activity Zones1 
- 
				
					
						Apple TV App1 
- 
				
					
						Arlo Mobile App22 
- 
				
					
						Arlo Pro1 
- 
				
					
						Arlo Q30 
- 
				
					
						Arlo Smart2 
- 
				
					
						Arlo Web and Mobile Apps1 
- 
				
					
						Arlo Wire-Free5 
- 
				
					
						Before You Buy112 
- 
				
					
						Features149 
- 
				
					
						Fehlerbehebung1 
- 
				
					
						Firmware Release Notes15 
- 
				
					
						IFTTT (If This Then That)7 
- 
				
					
						Installation354 
- 
				
					
						Online and Mobile Apps135 
- 
				
					
						Online und mobile Apps1 
- 
				
					
						Other Discussions1 
- 
				
					
						Service and Storage2 
- 
				
					
						Smart Subscription1 
- 
				
					
						SmartThings5 
- 
				
					
						Troubleshooting1,117 
- 
				
					
						Videos50 
- « Previous
- Next »
 
		
		
		
		
		
	
			