In the morning I finished figuring out how Vivotek cameras store private keys for AWS KVS streaming. They are encrypted on disk. Disassembling some executables, I managed to reverse engineer the encryption keys. Apparently Vivotek thinks obscurity is security…
With the encryption keys we can switch to a custom-made solution, while reusing the same certificates as before.
You're upset that an encrypted stream needs encryption keys? And that you need physical access, the binaries themselves, and reverse engineering tools to get them?
I think you'll be surprised to learn you can do the same thing to any program which encrypts data.
No, I’m not upset.
Private keys are necessary, that’s fine. Vivotek encrypts them additionally, but stores the encryption keys right next to the encrypted data.
One could use a TPM chip to store the keys, rather than such useless obscure encryption, which looks secure, but it’s not.