Web-based DropCam Surveillance Systems Vulnerable to Hackers

The discovered weakness could allow hackers to spy on the targets by watching video and "hot-mike" audio on the cameras, inject fake videos into the surveillance startup in an effort to hide their malicious activities and use the compromised system to attack network.
via Web-based DropCam Surveillance Systems Vulnerable to Hackers

Ah. Yes, the Internet of Things.

The device runs an outdated and unpatched version of an open source Unix toolkit BusyBox, that may not even receive updates, and the older as well as vulnerable version of OpenSSL that made it vulnerable to the critical Heartbleed bug.

Well, that's the problem isn't it.

when is it good enough?

Choosing an audiophile amp and DAC are difficult because audiophiles will tell you a great deal of unscientific wine-tasting descriptions of how each component sounds, then recommend whatever they bought. As soon as you pick one, the same people blame it for any flaw or disappointment you find. “Oh, you aren’t impressed by these expensive headphones? Burn them in for 600 more hours, upgrade that inferior stock cable, and replace that harsh DAC.” It’s exhausting. Marco

I understand what Marco is experiencing. My dad was an audiophile. As a teenager, I remember him spending hours analyzing his components to find the source of "flaws". He would often pull me in for listening tests. I remember him having buying three separate brands of speaker and testing each for a month to make his final buying decision.

How well did my OS X 10.8 install go? Well ...

So ... I completed two installs of OS X 10.8 yesterday. One on my wife's 2009 MacBook and the other on my 2009 iMac. Both went well. The MacBook was done first starting at around 8:15 AM. The servers were slammed so it took a while for things to get started. I had a few failed connection attempts. Once the download started I started praying. Why? Well ... I was doing the install while at work and I was not authorized to use my employers network for my personal device. However, from my desk I get a strong signal from the nearby Xfinitiy Wi-Fi hotspot. Yes! That's right, I did a major OS install on a laptop over a public Wi-Fi network. I've used that hotspot for over a year. The download speed is about 12Mb/s and I've never had a dropped connection. So why not? Once the download completed - it took about 3 hours - I launched the installer and 33 minutes later I had Mountain Lion.

I rushed home after work and started the download and install on my iMac. Since my over-the-air install had gone so well I opted to install over my Wi-Fi network. I have a 802.11n Time Capsule which had never failed me. With the exception of the TiVo, Apple TV and the Blu-Ray player - I guess those are all media devices for video - all the devices in the home are wireless. The iMac download of OS X 10.8 was a lot faster - about 15 minutes. The installer took 30 minutes.

All apps on both computers seem to be Mountain Lion compatible so far. I've run into an issue with two apps on the iMac, though. Prior to Mountain Lion I used AirFoil to stream system audio from the iMac to an [AirPort Express]1 connected to a pair of powered speakers behind the living room couch. This comes in handy when I want to use streaming audio services like Spotify or Pandora. I could stream these from my iPhone but then I'd have to worry about charging the phone or music when the phone rings etc. It seems the drivers that AirFoil uses are not Mountain Lion compatible so the audio controls on the iMac are borked. I can not lower or raise the volume on the iMac. It's stuck at the level it was before the installation. I think this is fixable either with an update from AirFoil or a removal of those specific drivers.

The second issue is more of a decision point. As you know, I'm not a fan of legacy technology like Java and Flash. I've taken the position that these technologies have outlived there usefulness. C++, Objective C and other language are now portable and powerful enough for building robust mobile apps and we longer need the build-once run-anywhere "broken" promise of Java. The HTML 5 standard has/will make Flash superfluous for building responsive web sites. A few years ago I removed Flash and disabled the JVM (browser only) on my Macs. OS X 10.8 ships with neither.

Apple, Adobe and Oracle came to an agreement. Going forward Adobe and Oracle will be responsible for all development and patching of their respective technologies for the Mac platform. That good news and bad news. The good news is that I don't have to worry about the current trend of attacking the Mac through security flaws in Flash or Java. The Mac's reputation has been recently tarnished by Trojans attacking the platform through those technologies. The bad news is that, CrashPlan, my local and online backup solution, no longer works. Apparently the software requires Java and when I first launched it, I was prompted to download and install Oracle's Java. The program is Mountain Lion compatible only if I install Java. Bummer.

So ... I have a decision to maker. Either I install Java and live with the risk or ... I find another solution2. I haven't decided yet.

Did you install OS X 10.8 or are you waiting for software updates for your software first? If you did install OS X 10.8, how did it go? What new features are you excited about? Let me know in the comment section below.

  1. The AirPort Express is wirelessly linked to the Time Capsule as one network. 
  2. Switching cost will be high. I've got over 1TB in the service.