If a friend have this camera, shuld he be worried?

Per the article, the attacker can restart the camera and potentially find the accurate position of it. However, if the attacker can be physically in proximity within the camera range, they can MITM it and intercept the video feed. So it depends on your friend's threat model. If the camera is recording something in a public location and they don't mind the location being exposed and potentially the video feed (like plenty of live public cameras), then it shouldn't be an issue. Otherwise, they need to disable it until it gets fixed.

▲

reddalo 2 days ago | parent [-]

> they can MITM it

Can they? I thought they could only do it if they're in the same LAN.

▲

defraudbah 2 days ago | parent [-]

the exploit is to make camera disconnect and connect to your wifi, that's how they MITM, pretty long process unless you do it often

▲

buddhistdude 2 days ago | parent [-]

could be automated though?

	▲	defraudbah 2 days ago \| parent [-]
		yes, everything can be automated, and as you people don't always have time to automate everything, so it depends if your area has many c200 which is a home camera, not outdoor

▲

buddhistdude 3 days ago | parent | prev | next [-]

not necessarily worried, but like put on some pants before entering the room

▲

userbinator 3 days ago | parent | prev | next [-]

If it's isolated from the Internet, no.

▲

g5pw 2 days ago | parent | prev | next [-]

As @tehlike said in a sibling comment, it looks like it is supported by https://thingino.com, so you can 'update' the firmware to a more secure (and FOSS) one!

▲

sciencejerk 3 days ago | parent | prev [-]

Yep