Trendnet ruling heralds crackdown on insecure home webcams

  • Published
Trendnet stills
Image caption,
One user uploaded a montage of what he said were Trendnet feeds to alert the media to the problem

A company whose home cameras were hacked, causing privacy intrusions for hundreds of people, has been admonished by the US Federal Trade Commission.

The FTC scolded manufacturer Trendnet for the weaknesses that meant supposedly private video feeds were in fact viewable by anyone online.

The company is now barred from referring to their cameras as "secure" in marketing material.

The move is the first such crackdown by the FTC on connected home devices.

Commonly referred to as the Internet of Things, the idea that many things in the home - not just typical computers - will be connected to the internet is tipped to be a major industry in the near future.

But the FTC said it was intent on making sure that subsequent risks were properly addressed.

"The Internet of Things holds great promise for innovative consumer products and services," said FTC chairwoman Edith Ramirez.

"But consumer privacy and security must remain a priority as companies develop more devices that connect to the internet."

Babies in cribs

In January last year, a hacker posted details of 700 live private video feeds they had managed to access - complete with details of how others could do the same.

Soon, other people frequenting forums such as 4Chan were sharing feeds showing various activities, including babies sleeping in cribs and young children playing.

One user remarked at the time: "I feel like a paedophile watching this."

The FTC said Trendnet did not take reasonable steps to secure details - log-ins and passwords were sent by the company in clear, readable text. Security experts agree that details like this should be encrypted and stored rather than shared out.

Trendnet issued a software patch to combat the problem, but it was not an automatic upgrade. The FTC said the company must now make more effort to contact existing customers in instances when a critical update has been released.

Other companies have faced similar problems.

Last month, camera maker Foscam found itself at the centre of controversy when a hacker was able to shout abuse at a two-year-old child by exploiting a vulnerability in a camera the company advertised as an ideal "baby monitor".