WirelessPhreak.com

I like to travel, f*ck with technology, and partake in the occasional tropical drink.
I am also a co-host on The NBD Show podcast.

Home surveillance systems can get really expensive, and many times don't provide everything you're looking for. My goal was to set up a functional, reliable home surveillance system that I could view on my mobile device, that provided motion-detection image capture, and that could support multiple cameras.

iPhone Software:
I found iCam in the Apple App Store. This app caught my eye because of its simplicity. It also does not require a subscription, in-app purchases, or ads.

Server Software:
The server software (iCamSource) works with the app and is free on the company website. For free software it is very stable, and it can also push notifications during a motion event. I set mine up to archive the image captures to an external hard drive, so those images are backed up to the cloud.

Cameras:
These cameras have worked flawlessly for me.  They don't have a ton of bells and whistles, but perform great in low light and have been super reliable.

Update:
If you are getting "public proxy busy", or the app is trying to get you to pay for proxy access, take a look at your local home router. You will probably have to forward a range of ports to allow your iPhone app to connect to your home server when you are on another network.

IMPORTANT NOTE #1 - If your router only allows you to forward a single port at a time, change the port range from 12000-12100 to 12000-12005 in the iCamSource and add 6 port forwarding rules in your router, one for each port.

IMPORTANT NOTE #2 - If you are running iCamSource(s) on more than one computer on the same network then you will need to use (and forward) a separate port range for each computer. (We recommend using 12000-12100, 12200-12300, 12400-12500, etc.)

Fremdschämen (external shame)



A fun German word I ran across that has no English translation. In fact it looks to be a recent addition to the German language, but it does an outstanding job of expressing a very German feeling.

Have you ever watched someone make a fool of themselves, only to find yourself cringing in embarrassment for them? Then you’ve most likely experienced fremdschämen. This German word is made up of two parts, with fremd meaning “foreign” and schämen meaning “to be embarrassed.” The term is typically used to describe someone who feels embarrassment on behalf of someone else. The corresponding noun for this feeling is Fremdscham.

Fremdschämen (pronounce: "Fremmd-Shamen") is the German word for the sentiment of joint embarrassment. In the literal sense it means "external shame".

Use it in a sentence! Today's example was prompted by the Eurovision Song Contest, always a good opportunity to feel embarrassed for others.


"Bereits nach den ersten Klängen des diesjährigen Beitrags von Großbritannien zum Eurovision Song Contest zuckte das Publikum innerlich zusammen. Ein europaweites Fremdschämen machte sich breit."


"Right after the first notes of Great Britain's contribution to this year's Eurovision Song Contest, the audience winced inwardly. A feeling of Fremdschämen spread throughout Europe."
Too harsh? You be the judge.


Enjoy!


If online security is complicated, then online privacy is impossible. The public is slowly learning the difference between these two topics. Unfortunate situations such as the infamous fappening have brought both of these topics to the attention of the cyber muggles.

Online security can be reduced to 1s and 0s, algorithms and ciphers; there is a finite outcome when you are looking at crypto. Math does not lie, and we have the ability to create a secure cyber world. Where security breaks down is the implementation. Complicated software (open and proprietary), lack of proper vetting, and sometimes just laziness are a few of the causes.

Online privacy, on the other hand, is much darker and deeper than anyone wants to admit. From the government to politicians to the telco companies to advertisers, your privacy is a commodity that is sold, stolen, and bartered for. Free Google email is a perfect example. If you sign up for email (which I have) you should understand that your email will probably be secure, but you are giving up privacy through Google targeted marketing bots that crawl every email you get.

But there are groups looking out for the public's interests, even if they didn't know they needed it.

  • The Electronic Frontier Foundation (EFF) is an international non-profit digital rights group based in the United States.
  • The American Civil Liberties Union (ACLU) is a nonpartisan non-profit organization whose stated mission is "to defend and preserve the individual rights and liberties guaranteed to every person in this country by the Constitution and laws of the United States."
Below I have listed some links to privacy and security audits that have been performed for many of the services we use today. I thought they were interesting and wanted to gather what I could find in one place.

Well, they have used up all the awesome vulnerability names, hence the POODLE Attack (Padding Oracle On Downgraded Legacy Encryption). Twitter security chatter has increased around the POODLE Attack, and a CVE number has been assigned: CVE-2014-3566.

Links to both the Google paper and the CVE.

High Level Explanation:
The quick and dirty is that even if a client and server both support a version of TLS, the security level offered by SSL 3.0 is still relevant, since many clients implement a protocol downgrade dance to work around server-side interoperability bugs. In the Google security advisory, they discuss how attackers can exploit the downgrade dance and break the cryptographic security of SSL 3.0.

The only real workaround is to disable SSL 3.0, but for many web admins supporting legacy clients, Windows XP running IE6 for example, disabling SSL 3.0 is not an option.

If you end up enabling SSL 3.0, you can enable TLS_FALLBACK_SCSV. This forces a more controlled negotiation of SSL between the client and the server, limiting the possibility of clients and servers skipping protocols during the SSL negotiation.
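The downgrade dance and the TLS_FALLBACK_SCSV check described above, modeled as a small Python simulation (an added example, not code from the Google advisory or from any TLS library). `Server`, `downgrade_dance` and `broken_above` are hypothetical names; the SCSV value 0x5600 and alert number 86 are the ones defined in RFC 7507.

```python
# Toy model of the client "downgrade dance" and the RFC 7507 server-side check.
SSL3, TLS10, TLS11, TLS12 = (3, 0), (3, 1), (3, 2), (3, 3)
TLS_FALLBACK_SCSV = 0x5600     # signalling cipher suite value (RFC 7507)
INAPPROPRIATE_FALLBACK = 86    # fatal alert number (RFC 7507)
PROTOCOL_VERSION = 70          # fatal alert: no common protocol version


class Server:
    def __init__(self, versions, honors_scsv):
        self.versions = sorted(versions)
        self.honors_scsv = honors_scsv

    def hello(self, client_version, cipher_suites):
        """Return ("ok", negotiated_version) or ("alert", alert_number)."""
        highest = self.versions[-1]
        # A retry marked with the SCSV that offers less than the server's best
        # version means something pushed the client down: refuse it.
        if (self.honors_scsv and TLS_FALLBACK_SCSV in cipher_suites
                and client_version < highest):
            return ("alert", INAPPROPRIATE_FALLBACK)
        usable = [v for v in self.versions if v <= client_version]
        if not usable:
            return ("alert", PROTOCOL_VERSION)
        return ("ok", usable[-1])


def downgrade_dance(server, client_versions, broken_above=None, send_scsv=True):
    """Client retry loop: offer the best version first, step down on failure.

    broken_above models handshakes that fail in transit (a buggy middlebox or
    interference on the path) for any offer above that version.
    """
    ordered = sorted(client_versions, reverse=True)
    for attempt, version in enumerate(ordered):
        suites = [0x000A]  # SSL_RSA_WITH_3DES_EDE_CBC_SHA, a CBC suite
        if send_scsv and attempt > 0:
            suites.append(TLS_FALLBACK_SCSV)  # mark this offer as a fallback
        if broken_above is not None and version > broken_above:
            continue  # handshake never completes, client retries lower
        status, value = server.hello(version, suites)
        if status == "ok":
            return ("connected", value)
        if value == INAPPROPRIATE_FALLBACK:
            return ("aborted", value)  # fatal: stop stepping down
    return ("failed", None)
```

With every offer above SSL 3.0 failing in transit, a server that ignores the SCSV ends up on SSL 3.0, a server that honors it aborts with alert 86, and a server with SSL 3.0 disabled simply has no connection to give.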

I will add more specifics to the F5 and how you would enable the TLS_Fallback command, as well as how to order your SSL protocol and cipher strengths.

***UPDATE***
According to F5, they do not currently support the TLS_FALLBACK_SCSV cipher. There is talk about an engineering hotfix that may include support, but there is no solid ETA. F5 is recommending you disable SSL 3.0 where you can.


OpenSSL command to test if a web server supports SSL 3.0:

openssl s_client -connect target:443 -ssl3
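If the command stays connected and waits for you to enter more information, then you just made an SSLv3 connection. If the command returns you to a prompt right away, then SSLv3 is disabled on that target host. Note that newer OpenSSL builds are often compiled without SSLv3 support; there the -ssl3 option is rejected locally, and the result says nothing about the target.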