Today only: Kohl’s Mystery Offer! Click here to get 40%, 30% or 20% off! Learn More
Sorry, this deal has expired. Get notified of deals like this in the future. Add Deal Alert for this Item
Popular Deal

Foscam psa

+50 Deal Score
29,571 Views
Securing Your Foscam Cameras
As a Foscam customer we would like to ensure that your cameras are secure and updated with the latest firmware. We would also like to tell you about our specials and promotions. If you'd prefer to no longer receive these updates, simply follow the Unsubscribe link at the bottom of this message to opt-out.

Hello ,


We wanted to reach out as soon as possible to inform you of recently discovered security vulnerabilities affecting "Foscam" branded cameras manufactured by China-based Shenzhen Foscam. Foscam US has been notified of 18 security vulnerabilities that exist on cameras manufactured by Shenzhen Foscam which leave users vulnerable to hacks which allow attackers to remotely take-over cameras, live stream, download stored files and even compromise other devices located on the local network. (Source: F-Secure Report available here).

The vulnerabilities affect "Foscam" branded cameras and cameras manufactured by China-based Shenzhen Foscam only. The vulnerabilities DO NOT affect Amcrest or FDT branded cameras which are produced by a separate factory and R&D team led by US-based Amcrest (formerly Foscam US and now Amcrest), which is totally unrelated to China-based Shenzhen Foscam.

Amcrest split off from China-based Shenzhen Foscam in 2015 / 2016 due to issues relating to distribution, lack of security and quality control and thus Amcrest and FDT cameras are totally unaffected by these latest security vulnerabilities.


The models affected include the following:

Foscam R2
Foscam C1
Foscam C1 Lite
Foscam C2
Foscam FI9800
Foscam FI9826P
Foscam FI9828P
Foscam FI9851P
Foscam FI9853EP
Foscam FI9901EP
Foscam FI9903P
Foscam FI9928P

(Source CVE Details report available hereSmilie


We recommend disconnecting your current Foscam branded cameras from the internet until these issues have been resolved. If you have any questions, please reach out to China-based Shenzhen Foscam directly.


Shenzhen Foscam currently have not responded and have not yet provided any patch or fix to address the vulnerabilities.(Source: Arstechnica https://arstechnica.com/security/...-controls/


More details available here:
https://arstechnica.com/security/...e-controls
http://www.tomsguide.com/us/fosca...25254.html
Share
Good deal?
You gave rep to cabanamap for this post.
Thank you!
cabanamap posted this deal. Say thanks!
Give Rep Points
If you purchase something through a post on our site, Slickdeals may get a small share of the sale.
Deal
Score
+50
29,571 Views
About the OP
Give Rep Send Message
Joined Nov 2016 Manchild
190 Reputation Points
19 Deals Posted
105 Votes Submitted
99 Comments Posted

Community Wiki

Last Edited by SanfordOWLR June 17, 2017 at 09:01 AM
UPDATE (from SanfordOWLR):

Foscam has since responded with a new firmware with appropriate fixes. You can read Foscam's respponse here https://www.foscammall.com/import...ement.html

Additionally, the researcher who conducted this research DID NOT reach Foscam due to the fact that they communicated with the OEM/distributor in Finland (Opticam) and contacted a national security organization - both of which did not communicate with Foscam Shenzhen.

It was not until much later did the researcher discover the OEM Opticam was made by Foscam, but this information did not get passed up the chain.

Once Foscam was made aware of the issues, they addressed the problems and have since released a firmware fix.

---------
here's the PSA in quote

Quote :
Securing Your Foscam Cameras

As a Foscam customer we would like to ensure that your cameras are secure and updated with the latest firmware. We would also like to tell you about our specials and promotions. If you'd prefer to no longer receive these updates, simply follow the Unsubscribe link at the bottom of this message to opt-out.

Hello,

We wanted to reach out as soon as possible to inform you of recently discovered security vulnerabilities affecting "Foscam" branded cameras manufactured by China-based Shenzhen Foscam. Foscam US has been notified of 18 security vulnerabilities that exist on cameras manufactured by Shenzhen Foscam which leave users vulnerable to hacks which allow attackers to remotely take-over cameras, live stream, download stored files and even compromise other devices located on the local network. (Source: F-Secure Report available here [en25.com]).

The vulnerabilities affect Foscam branded cameras and cameras manufactured by China-based Shenzhen Foscam only. The vulnerabilities DO NOT affect Amcrest or FDT branded cameras which are produced by a separate factory and R&D team led by US-based Amcrest (formerly Foscam US and now Amcrest), which is totally unrelated to China-based Shenzhen Foscam.

Amcrest split off from China-based Shenzhen Foscam in 2015 / 2016 due to issues relating to distribution, lack of security and quality control and thus Amcrest and FDT cameras are totally unaffected by these latest security vulnerabilities.

The models affected include the following:
  • Foscam R2
  • Foscam C1
  • Foscam C1 Lite
  • Foscam C2
  • Foscam FI9800
  • Foscam FI9826P
  • Foscam FI9828P
  • Foscam FI9851P
  • Foscam FI9853EP
  • Foscam FI9901EP
  • Foscam FI9903P
  • Foscam FI9928P

We (at Amcrest) recommend disconnecting your current Foscam branded cameras from the internet until these issues have been resolved. If you have any questions, please reach out to China-based Shenzhen Foscam directly.

Shenzhen Foscam currently have not responded and have not yet provided any patch or fix to address the vulnerabilities. (Source: Arstechnica https://arstechnica.com/security/...-controls/

More details available here:
https://arstechnica.com/security/...e-controls
http://www.tomsguide.com/us/fosca...25254.html

Amcrest Technologies
14027 Memorial Drive #132, Houston, TX 77024, USA
This post can be edited by most users to provide up-to-date information about developments of this thread based on user responses, and user findings. Feel free to add, change or remove information shown here as it becomes available. This includes new coupons, rebates, ideas, thread summary, and similar items.

Once a Thread Wiki is added to a thread, "Create Wiki" button will disappear. If you would like to learn more about Thread Wiki feature, click here.

121 Comments

1 2 3 4 5

Sign up for a Slickdeals account to remove this ad.

This comment has been rated as unhelpful by Slickdeals users
Joined Apr 2014
L2: Beginner
92 Posts
14 Reputation
#3
Never ever allow any camera direct access to the internet. ALWAYS ON A SEPARATE NETWORK.
Reply Helpful Comment? 4 2
This comment has been rated as unhelpful by Slickdeals users
Joined Dec 2003
CDI gave me free netflix!
10,113 Posts
3,512 Reputation
Pro
Our community has rated this post as helpful. If you agree, why not rep phonic?
#4
Here's the original security bulletin:
http://images.news.f-secure.com/W...report.pdf

Not to downplay the issue with Foscam, but most if not all of those vulnerabilities are not going to affect people who have locked down their devices properly. Even if you allow HTTPS traffic from the Internet, that won't allow people to exploit FTP, ONVIF or telnet services that may be vulnerable. Now if your camera is sitting on the edge with a public IP, you're probably in trouble. But then again, you're also an idiot.

To the OP, thanks for the alert. Granted the email you received is more of a marketing one then a true advisory.
Reply Helpful Comment? 10 0
This comment has been rated as unhelpful by Slickdeals users
Joined Aug 2006
L5: Journeyman
996 Posts
100 Reputation
#5
Yup got the email.. I guess that's what we get for paying to Chinese incomplete products. Having hard-coded empty passwords...wow.

On the top document says "These vulnerabilities and recommendations have been disclosed to the vendor and the vendor has been given several months to respond. To date no fixes have been issued by the vendor"

Foscam removed completely going forward from my purchase list and other companies mentioned in the list. If you need several months to fix security issues, company is not competent enough to get my money.
Reply Helpful Comment? 2 1
This comment has been rated as unhelpful by Slickdeals users
Joined Oct 2010
L2: Beginner
62 Posts
63 Reputation
#6
Hello Everyone,

This is a public service announcement, since a lot of people on here, including myself, purchase foscam camera. They also manufacture for 3rd party relabeling, please see below for email from sales@amcrest.com and this link [tomsguide.com]to Tom's Hardware.


Code:
Securing Your Foscam Cameras

As a Foscam customer we would like to ensure that your cameras are secure and updated with the latest firmware. We would also like to tell you about our specials and promotions. If you'd prefer to no longer receive these updates, simply follow the Unsubscribe link at the bottom of this message to opt-out.



Hello,


We wanted to reach out as soon as possible to inform you of  recently discovered security vulnerabilities affecting "Foscam" branded cameras manufactured by China-based Shenzhen Foscam. Foscam US has been notified of 18 security vulnerabilities that exist on cameras manufactured by Shenzhen Foscam which leave users vulnerable to hacks which allow attackers to remotely take-over cameras, live stream, download stored files and even compromise other devices located on the local network. (Source: F-Secure Report available here).

The vulnerabilities affect "Foscam" branded cameras and cameras manufactured by China-based Shenzhen Foscam only. The vulnerabilities DO NOT affect Amcrest or FDT branded cameras which are produced by a separate factory and R&D team led by US-based Amcrest (formerly Foscam US and now Amcrest), which is totally unrelated to China-based Shenzhen Foscam. 

Amcrest split off from China-based Shenzhen Foscam in 2015 / 2016 due to issues relating to distribution, lack of security and quality control and thus Amcrest and FDT cameras are totally unaffected by these latest security vulnerabilities.


The models affected include the following:

Foscam R2

Foscam C1

Foscam C1 Lite

Foscam C2

Foscam FI9800

Foscam FI9826P

Foscam FI9828P

Foscam FI9851P

Foscam FI9853EP

Foscam FI9901EP

Foscam FI9903P

Foscam FI9928P

(Source CVE Details report available here:) 


We recommend disconnecting your current Foscam branded cameras from the internet until these issues have been resolved. If you have any questions, please reach out to China-based Shenzhen Foscam directly.



Shenzhen Foscam currently have not responded and have not yet provided any patch or fix to address the vulnerabilities.(Source: Arstechnica https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/


More details available here: 

https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls

http://www.tomsguide.com/us/foscam-camera-flaws,news-25254.html


14027 Memorial Drive #132, Houston, TX 77024, USA 

Unsubscribe | Change Subscriber Options
Reply Helpful Comment? 1 0
This comment has been rated as unhelpful by Slickdeals users
Joined Oct 2008
O.G
5,265 Posts
1,435 Reputation
#7
Quote from crazychomp
:
Hello Everyone,

This is a public service announcement, since a lot of people on here, including myself, purchase foscam camera. They also manufacture for 3rd party relabeling, please see below for email from sales@amcrest.com and this link [tomsguide.com]to Tom's Hardware.


Code:
Securing Your Foscam Cameras

As a Foscam customer we would like to ensure that your cameras are secure and updated with the latest firmware. We would also like to tell you about our specials and promotions. If you'd prefer to no longer receive these updates, simply follow the Unsubscribe link at the bottom of this message to opt-out.



Hello,


We wanted to reach out as soon as possible to inform you of  recently discovered security vulnerabilities affecting "Foscam" branded cameras manufactured by China-based Shenzhen Foscam. Foscam US has been notified of 18 security vulnerabilities that exist on cameras manufactured by Shenzhen Foscam which leave users vulnerable to hacks which allow attackers to remotely take-over cameras, live stream, download stored files and even compromise other devices located on the local network. (Source: F-Secure Report available here).

The vulnerabilities affect "Foscam" branded cameras and cameras manufactured by China-based Shenzhen Foscam only. The vulnerabilities DO NOT affect Amcrest or FDT branded cameras which are produced by a separate factory and R&D team led by US-based Amcrest (formerly Foscam US and now Amcrest), which is totally unrelated to China-based Shenzhen Foscam. 

Amcrest split off from China-based Shenzhen Foscam in 2015 / 2016 due to issues relating to distribution, lack of security and quality control and thus Amcrest and FDT cameras are totally unaffected by these latest security vulnerabilities.


The models affected include the following:

Foscam R2

Foscam C1

Foscam C1 Lite

Foscam C2

Foscam FI9800

Foscam FI9826P

Foscam FI9828P

Foscam FI9851P

Foscam FI9853EP

Foscam FI9901EP

Foscam FI9903P

Foscam FI9928P

(Source CVE Details report available here:) 


We recommend disconnecting your current Foscam branded cameras from the internet until these issues have been resolved. If you have any questions, please reach out to China-based Shenzhen Foscam directly.



Shenzhen Foscam currently have not responded and have not yet provided any patch or fix to address the vulnerabilities.(Source: Arstechnica https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/


More details available here: 

https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls

http://www.tomsguide.com/us/foscam-camera-flaws,news-25254.html


14027 Memorial Drive #132, Houston, TX 77024, USA 

Unsubscribe | Change Subscriber Options
Hey, please replace the CODE tag with tags, as the display box is not really visually appeasing.

Great info regardless
Reply Helpful Comment? 1 5
This comment has been rated as unhelpful by Slickdeals users
Joined Jan 2017
New User
53 Posts
17 Reputation
#8
Yeah, you don't even need all that. Just call their technical support line and get scammed from their tech. I had a guy actually help me out and we were connected with teamviewer or some such screen grabbing / Keylogger software. I told him how awesome he was for helping me and he asked me if I can help give him a good review. "Of course!" I said. He opened up Amazon and went to the login screen on my computer and told me to log in............
Yeah no.

I wrote to them and told them about this tech trying to scam them but they didn't give a damn.
So yeah, just avoid calling their technical support line if you don't want to get scammed!
Reply Helpful Comment? 3 2
This comment has been rated as unhelpful by Slickdeals users
Joined Dec 2007
Get Familiar
549 Posts
405 Reputation
Our community has rated this post as helpful. If you agree, why not rep micahman33?
#9
Isn't Amcrest a competitor now to Foscam? So it would make sense they would use some level of scare tactics since the same company used to sell Foscam's, now is selling rebranded foscams as Amcrest? I could be wrong, but I thought I read that somewhere. Anyway, I'd always used my foscams knowing that the feed was likely viewable somewhere. Im not overly concerned about someone watching what happens in my garage.
Reply Helpful Comment? 4 1

Sign up for a Slickdeals account to remove this ad.

This comment has been rated as unhelpful by Slickdeals users
Joined Dec 2006
L6: Expert
1,239 Posts
173 Reputation
#10
FOSCAM
We wanted to reach out as soon as possible to inform you of recently discovered security vulnerabilities affecting "Foscam" branded cameras manufactured by China-based Shenzhen Foscam. Foscam US has been notified of 18 security vulnerabilities that exist on cameras manufactured by Shenzhen Foscam which leave users vulnerable to hacks which allow attackers to remotely take-over cameras, live stream, download stored files and even compromise other devices located on the local network. (Source: F-Secure Report available here).

The vulnerabilities affect "Foscam" branded cameras and cameras manufactured by China-based Shenzhen Foscam only. The vulnerabilities DO NOT affect Amcrest or FDT branded cameras which are produced by a separate factory and R&D team led by US-based Amcrest (formerly Foscam US and now Amcrest), which is totally unrelated to China-based Shenzhen Foscam.

Amcrest split off from China-based Shenzhen Foscam in 2015 / 2016 due to issues relating to distribution, lack of security and quality control and thus Amcrest and FDT cameras are totally unaffected by these latest security vulnerabilities.

Vendor response These vulnerabilities and recommendations have been disclosed to the vendor and the vendor has been given several months to respond. To date no fixes have been issued by the vendor. Because there appear to be no fixes available, we have refrained from publish
Reply Helpful Comment? 1 0
This comment has been rated as unhelpful by Slickdeals users
Joined May 2017
L5: Journeyman
758 Posts
#11
I knew there was a reason that I stayed away from foscam. Now I know that reason.
Reply Helpful Comment? 1 3
This comment has been rated as unhelpful by Slickdeals users Show Post
HIDDEN
06-12-2017 at 12:20 PM
This comment has been rated as unhelpful by Slickdeals users
This comment has been rated as unhelpful by Slickdeals users
Joined Dec 2005
L8: Grand Teacher
3,631 Posts
864 Reputation
#13
Quote from micahman33
:
Isn't Amcrest a competitor now to Foscam? So it would make sense they would use some level of scare tactics since the same company used to sell Foscam's, now is selling rebranded foscams as Amcrest? I could be wrong, but I thought I read that somewhere. Anyway, I'd always used my foscams knowing that the feed was likely viewable somewhere. Im not overly concerned about someone watching what happens in my garage.
I had the same thought; sort of like Chevy telling you not to use your Ford for safety reasons.
Reply Helpful Comment? 2 2
This comment has been rated as unhelpful by Slickdeals users
Joined Aug 2009
**USA Chant**
12,792 Posts
5,963 Reputation
Pro
#14
If you have an internet based camera you are naive if you think that intruders can't access it. Edward Snowden's leaks show that the NSA has the capability of accessing all cameras on cellphones at any time. Any device with an IP address can be accessed. If the NSA can do it so can other agencies (Russian, chinese, etc). Unless you've got assets that are valuable, you are probably not a target. Isn't ignorance a beautiful thing? If you don't know they have those capabilities that means they can't do it? Right? Right? heh.

There's dedicated (creepy) websites of internet based cameras live streaming without the owner's knowledge. Russian websites for instance. 60 minutes did a special on it.
Reply Helpful Comment? 4 3
This comment has been rated as unhelpful by Slickdeals users
Joined Dec 2010
L3: Novice
131 Posts
22 Reputation
#15
Quote from micahman33
:
Isn't Amcrest a competitor now to Foscam? So it would make sense they would use some level of scare tactics since the same company used to sell Foscam's, now is selling rebranded foscams as Amcrest? I could be wrong, but I thought I read that somewhere. Anyway, I'd always used my foscams knowing that the feed was likely viewable somewhere. Im not overly concerned about someone watching what happens in my garage.
Totally, especially from the tone the email is crafted. The best Armwrest can do is match or beat Foscam by price.
Reply Helpful Comment? 2 1
Page 1 of 9
1 2 3 4 5
Join the Conversation
Add a Comment
 
Copyright 1999 - 2018. Slickdeals, LLC. All Rights Reserved. Copyright / Infringement Policy  •  Privacy Policy  •  Terms of Service  •  Acceptable Use Policy (Rules)  •  Interest-Based Ads
Link Copied to Clipboard