Makes D-Link joke.
laughs
nervously realize I also have D-Link products

The speakers should always repeat the questions asked.

This is better than comedy.

is that podium comically large or is he comically small

He failed to guard his corona now there’s an outbreak.

I barely know how to script, but I actually understood a good amount of that. This guy is great :D

Some of these are so blatant, you have to wonder if they're on purpose. Oops, the one script we forgot to password-protect happens to have a trivial root command injection exploit...

I. AM. ROOT

Every single time that I worry that technology is moving too fast for us security types, there's a million dollar company to prove me wrong. Every, single, goddamn time. I love it.

Simplicity is key: Want to be safe? Just get a camera physically connected to a hard drive. Almost 10x cheaper and definitely more secure.

Six years later, and this shit is still happening... CVE-2019-15498

Get this man a glass of water.

Very good presentation. The presenter is also very good with public speaking, and knew this subject very well. Also was experienced with good audience eye contact, and body language. As a former instructor/trainer myself, public speaking is not for everyone. Interesting subject, I didn't understand a lot about the coding and software values, but nonetheless it was fun/scarey to listen to what can be done. Job well done.  

For anybody wondering whether or not the byte code is x86, it is ARM. (now things make sense lol)

It's almost 2020 and these days I see automated scans on my router from all kinds of national IP's that scan automatically on every port available and try default FTP passwords etc, with access denied errors hence how i found out about this.

This video is great security motivation for anybody, especially with the new generation of minecraft kids setting their routers DMZ to their local PC so their servers run easily consistent, but also opening a whole world of AI scanners that will get into much worse once they've found local admin / root.

Actually rofling at the "Ron Burgundy" exploit.

Now in 2018 and I can't find any hosts where /cgi-bin/rtpd.cgi runs... I guess that's been patched lol

XD 3SVISION hasn't patched that yet

This is why I drop all traffic to and from my IP cameras at my edge firewall. If I want to view them remotely I will VPN into my network. It's old school but I don't trust any hardware running embedded Linux on my network. To many companies have no idea what they are doing code wise and these cameras are essentially computers to be abused.

Isn't this the same guy that developed Reaver, the tool built into Kali Linux/Parrot Sec used for recovering WPS PIN Registrars?