Arlo
Support

cherry-pie · ‎2016-10-22

I am curious after our government/ FBI has announced that web camera's and internet connected devices contributed to the recent hacks on corporations.

Are Arlo products part of the hack and how would i be able to identify if my cam was hacked or compromised?

Thanks

cherry-pie · ‎2016-10-22

I was asking because yesterday i logged into the app to find out that my cams were disarmed which i did not do. That has never happened before. Although i did recently update the app to the newest version. This is speculation but my cameras being disarmed without my knowledge or anyone else having the credentials is concerning.

jguerdat · ‎2016-10-22

Anything is possible. I don't know that any attacks would be to disarm your cameras as opposed to set them up (actually, more likely your router and/or base) for nefarious purposes such as a botnet. I've been wondering the same sort of thing but don't have nearly enough information to even ponder an issue. Make sure your network devices have the latest firmware (modem, router, base, computers, phones, etc.) but be aware that security, especially for little devices on the Internet of Things, is likely only formative. Why security isn't a foremost concern these days boggles my mind but companies too frequently are just in a rush to get product out the door. Even expensive devices (think cars with Internet connections) aren't being properly locked down. Whether Netgear falls into any category from weak security to right on top of things is unknown, just as with anyone else. All we can do is to be careful.

Gurubagya · ‎2016-10-22

I also felt that my logins were compromised and even I felt that the CVR was edited. I think Arlo should come up with more robust authenticatin mechanisms like two way authentication as that of gmail and options to restrict the devices that can logon for a specific account. Unless these important features are implmented the advantage of using Arlo is lost

jguerdat · ‎2016-10-22

Well, ANY camera system connected to the Internet is at risk, not just Arlo.

Frankly, I feel that the likelihood of someone hacking your account and/or cameras for editing purposes (as opposed to a botnet) is pretty remote. How many folks using this system really have the possessions or safety concerns that would make the effort worthwhile? It's always possible so use strong passwords.

donttrustthem · ‎2016-10-29

SO why is there not a single response from Netgear on ANY of the security threads about DoS and botnet issues? Having a few forum participants theorize is not the same as a corporate definitive answer about any potential vulnerability and what will/can be done to ameliorate.

Netgear, what is the status of the Arlo cameras relative to the botnet issues? Thank you, many people are waiting for the answer.

Gurubagya · ‎2016-11-01

Propably the chances are remote. But for sure my cvr was edited and I have shared the screen shots to Arlo and have registered a complaint. If strong passwords can help the situation then why should there be mechanisms like two way authentication used by google. Arlo should consider the importance of security of the accounts and come up with two way authentications even if the percentage of folks affected is less.And where does Arlo stores these Videos and what level are they secured..if my cvr is edited by some one today it can happen to any one tomorrow..Arlo must address these security concerns..

JamesC · ‎2016-11-02

NETGEAR is aware of the recent cyberattacks that exploit insecure Internet of Things (IoT) devices to create distributed denial of service (DDoS) botnets. We believe that these attacks highlight the importance of IoT security and NETGEAR is working to establish and uphold security standards for IoT devices.

Arlo is not vulnerable to the Mirai malware. From the early stages of product development and throughout the product lifecycle, we are committed to proactively reducing our users’ cyber risks. Vulnerability and penetration testing on Arlo products is performed to identify and eliminate security vulnerabilities while we also continuously monitor the latest threats and strive to keep abreast of the latest state-of-the-art security developments by working closely with our partners and the security researcher community.

If you have any questions or comments with regard to this information, please contact us at: security@netgear.com.

Gurubagya · ‎2016-11-02

Thanks for your response! I hope I still havent got the answer for my two major concerns.

1. Is it possible for some one to edit the CVR if my account is compromised?

2. Is Arlo coming up with more robust authentication mechanisms like two way authentication mechanism used by google?

jguerdat · ‎2016-11-02

I don't see how someone could EDIT your CVR. See it, yes, delete videos from the library, yes, but not edit it since there's no user mechanism to do so. They'd actually have to hack the Arlo/Amazon servers so do this and I don't think any of us that have Arlo systems fall into the category of being important enough to waste the time. What makes you think there's a problem?

Gurubagya · ‎2016-11-03

I know it would not be easy. But I have shared couple of edited video clips from my CVR to the support team.

jguerdat · ‎2016-11-03

How were you able to tell that they had been edited? I wonder if it's a server issue that cross-coupled two streams rather than actually being edited.

Gurubagya · ‎2016-11-14

Even today I was able to see the CVR was edited and I have given enough evidence to the Arlo Support team and waiting for their findings. Also I am getting this error when trying to see the CVR after 12 PM CET .."unable to load plugin 'influxis', url flowerplayer/flowerplayer.rtmp-3.2.13.swf". I think some serious security hole in the way Arlo stores the CVR. Not sure if some one else faced the same problem for CVR being edited.

Gurubagya · ‎2016-11-14

I did some further investigation and found out the following:

- The Arlo Q Camera was switched off at 11:19 PM CET on 13th Nov without my knowledge and it was not switched on until 12:00 AM on 14th Nov.

- When it was switched on there was a time difference of 4 Hrs 35 Mins between the Camera Clock and the Wall clock facing the camera

- throughout 14th Nov the CVR was recorded with a time difference of 4Hrs 35 mins. ie, if the Camera clock shows 12:35 PM, the actual time in the wall clock was 8 AM.

- Not sure for what purpose it was done and by whom

- But that confirms that Arlo has serious security hole that needs immediate attention of the Arlo team.

- I have shared all the evidences with Images and Videos and created a case with Arlo.

Waiting for response from Arlo

Gurubagya · ‎2016-11-14

Just after I made the complaint and posted in the community, I see that some one is correcting the 4 Hrs 35 mins time difference.

Gurubagya · ‎2016-11-15

Arlo team any update on this incident..?

Gurubagya wrote:
Just after I made the complaint and posted in the community, I see that some one is correcting the 4 Hrs 35 mins time difference.

JamesC · ‎2016-11-15

Gurubagya,

If you provide the case number you have open with the Arlo Support team I will take a look at your case and provide any additional feedback that I can.

JamesC

Gurubagya · ‎2016-11-17

James, thanks!

case #27502029. Arlo has not yet shared their findings on 14th Nov incident. Pl check the artifacts I have attached and let me know your finding. Thanks!

Gurubagya · ‎2016-11-17

I am just wondering why Arlo is not able answer any of my questions for last 3 days regarding Security of Arlo Q?

JamesC · ‎2016-11-17

Gurubagya,

I have reviewed your case and it appears this case has been escalated for further investigation. I encourage you to continue working with the support team to find a resolution for this issue.

JamesC

Gurubagya · ‎2016-11-18

Today also at 1:27 am CET my Arlo Q camera was stopped without my knowledge

Gurubagya · ‎2016-11-18

Not sure Why Arlo team was not able to find any thing regarding Security of their camera for the last 5 days...?Does that silence means that the CVR was edited and Arlo does nt have any clue on how it was edited inspite it being happening for multiple times? Or Arlo does not care about these type of incidents as they know that it is possible with their products?

JamesC · ‎2016-11-21

Gurubagya,

This case has been escalated for further investigation. I will request an update on the status of the case.

JamesC

Gurubagya · ‎2016-11-23

The incident happened on 14th Nov. For last 10 days if Arlo is not able to find any thing on this incident, then it could be because of two reasons:

- Arlo is not capable of finding how the CVR was edited

or

- Arlo dont want to accept that their CVR was edited.

I lost hope with Arlo.

jguerdat · ‎2016-11-23

First, you don't have any proof that your CVR was edited. Blank spots do occur in normal usage although everyone would agree that it shouldn't. The reason can be anything from the camera being restarted for some reason, Internet access dropping, some sort of Internet problem totally external to you and Netgear or an issue with the servers. Or a mixture of any of them.

I understand your concern but you haven't proven anything. And the lack of response from support may mean that it's a low priority for some reason, that it's difficult to isolate the issue, or something else. We don't know and may never know.

Arlo Support

Arlo App for Support

Arlo
Support

Arlo App
for Support