IP camera manufacturers force researcher to pull conference talk

A researcher has been forced to cancel his presentation on the vulnerabilities found on major surveillance cameras and how they can be exploited “due to legal threats from the manufacturers affected.”

Gianni Gnesa, the founder and CEO of Swiss security assessment and pentesting services firm Ptrace Security, was scheduled to share his findings and demonstrate attacks agains IP cameras from several manufacturers at the Hack in the Box GSEC conference in Singapore next week.

Surveillance cameras are ubiquitous, and are meant to add a degree of security to everyday life, but as they are often connected to the Internet, they can be accessed and misused by knowledgeable attackers.

Gnesa obviously found ways in which that can be effected, and ways for those malicious individuals to make their presence and misuse go undetected.

The public revelation of these vulnerabilities obviously didn’t sit well with the affected manufacturers, who opted for strong-arming the researcher into keeping mum.

“If companies would use half of the energy they use to get after researchers, to fix their products, we would all be more secure,” he commented the matter on Twitter.

This incident comes on the heels of FireEye legally censoring crucial parts of Felix Wilhelm’s talk at 44CON about critical vulnerabilities he found in a FireEye NX device, and the revelation that two years ago Volkswagen legally prevented a trio of European researchers, who discovered that the Megamos Crypto transponder used in their cars and that of other manufacturers is vulnerable to attack, to share crucial parts of their research with the audience at the 22nd USENIX Security Symposium in 2013.