Recent findings by tech YouTuber Benn Jordan and 404 Media have revealed a concerning security vulnerability involving Flock’s AI-powered surveillance cameras. Livestreams from over 60 of Flock’s cameras were accessible online without requiring any login credentials, potentially allowing unauthorized individuals to view real-time feeds from various locations.
Flock, a technology company known for deploying AI cameras in collaboration with law enforcement agencies and businesses, offers advanced features such as automated tracking of people and vehicles. Partnering with Ring has expanded Flock’s reach, enabling customers to request footage from Ring’s Neighbors app.
Jordan’s investigations exposed the extent of the security lapse, showcasing scenarios where the AI-powered cameras automatically zoomed in on individuals in different settings, from a New York resident leaving home to a lone jogger in Georgia. The exposed feeds, originating from Flock’s Condor cameras capable of panning, tilting, and zooming, were discovered through Shodan, a search engine indexing internet-connected devices.
Collaborating with security expert Jon “GainSec” Gaines, Jordan and his team not only accessed live camera feeds but also gained control over administrator panels, allowing them to download video archives, modify settings, delete footage, and perform diagnostics. This breach raises significant privacy and security concerns, emphasizing the need for robust cybersecurity measures in AI surveillance systems.
Source: The Verge
Leave a Reply