So much for the security of home-based CCTV. Security researchers are warning that a recently-discovered vulnerability in some systems can be used to let would-be crooks spy on householders, enabling them to verify there's nobody home when they plan to break in.
Trendnet, which makes home CCTV systems, has issued a warning that some of its IP cameras purchased between April 2010 and today may allow hackers to access the video feeds over the internet.
That could potentially be used to turn the cameras against their owners, granting thieves a real-time view of properties – and enabling them to both case the joint for valuables and identify the ideal opportunity to strike.
The vulnerability came to light after a blogger, going by the name of “someLuser” posted details of how he was able to access some 350 Trendnet cameras simply by typing an address – consisting of the camera's IP address along with a sequence of 15 digits – into his browser.
“There does not appear to be a way to disable access to the video stream. I can't really believe this is something that is intended by the manufacturer,” the blogger wrote.
Trendnet told the BBC that it had been aware of the problem, which affects 26 of its models, since 12 January.
Worried householders have been urged to patch their systems with the newly-released firmware update, available from Trendnet's website.