• rekabis@lemmy.ca
    link
    fedilink
    English
    arrow-up
    21
    arrow-down
    2
    ·
    10 months ago

    And that’s why hardlining is still by far the best option available.

    1. Hardlined cameras need to be physically accessed and the cables snipped in order to disrupt them, and most cameras offering hardlining now feed Ethernet through their bases, providing additional protection.
    2. Most sub-20 camera systems can run for up to an hour or two on a 500VA UPS, and up to a week or more with PowerWall backups, defeating intentional power outages.
    3. A fully airgapped system can defeat any sort of direct Internet intrusion.
    4. Shielded Ethernet can help protect from crosstalk attacks provided they are correctly grounded with the appropriate switches.
    5. Hardware auth between cameras and the DVR can help defend against direct attacks via an unplugged cable or an open wall jack, in that only approved hardware can make the needed connections with either end.
    6. Encrypted communications between cameras and DVR can enhance the security of data across the wire.
    7. A brace of identical dummy cameras - similarly powered, if they have external indicators - alongside real ones will waste the time and effort of attackers who conduct physical attacks, while keeping recording-infrastructure needs to a minimum.
    8. Bonus if identical but “dark” Ethernet is similarly spoofed throughout the building, as not only will it confuse physical attackers, but it’ll also be already in-place for future communications-infrastructure improvements.
    9. DVR needs to be in a secured location, ideally fireproof. In combination with № 7 and № 8, a dummy DVR (with live screens showing actual content) can exist elsewhere to distract any physical attackers.

    Sure, this list isn’t 100% coverage, but it gets you nearly there with a minimum of effort.

    • hydroptic@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      46
      arrow-down
      1
      ·
      10 months ago

      You have some interesting ideas about what a minimum of effort looks like

      • rekabis@lemmy.ca
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        2
        ·
        10 months ago

        If you are in the middle of a frame-off gut of a home, as I currently am, much of this is trivial to implement.

        Even my parent’s 1978 home, with it’s drop ceiling in the basement, would not make most of this all that much more difficult.

        • hydroptic@sopuli.xyz
          link
          fedilink
          English
          arrow-up
          20
          arrow-down
          1
          ·
          10 months ago

          If you are in the middle of a frame-off gut of a home, as I currently am, much of this is trivial to implement.

          A notoriously low-effort endeavor in itself.

          “It’s doable with a minimum of effort as long as you have your house gutted down to the foundations” isn’t exactly the shining defense of “a minimum of effort” that I expected to read

          • GBU_28@lemm.ee
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            3
            ·
            10 months ago

            Go in your attic for 20 minutes. Throw some Ethernet around. You don’t even have to plug all of it in lol

            • Telodzrum@lemmy.world
              link
              fedilink
              English
              arrow-up
              12
              ·
              10 months ago

              I had to buy almost $500 of mdf to get around my attic well enough to pull cable for backhaul. It’s not as easy as you make it sound in a lot of cases.

            • Drusas@kbin.social
              link
              fedilink
              arrow-up
              7
              ·
              10 months ago

              Not all attics are that accessible. Mine is basically an above-house crawlspace full of insulation such that you need a mask.

      • AA5B@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        10 months ago

        Right, and always remember they’ll go for the easy win first. First choice is likely walk in an unlocked door, then kick in one not visible from the street, or if you really want in, break a window.

        The thing is, even if you get a good shot of the person doing it, it probably can’t help find the person, only prove that it was them, if you find a suspect.

        A better use is to get that early warning of what is happening as soon as it happens, and get a response going, but what’s the response time from your local police department? A smash and grab gets them on their way with your valuables, with very little chance of police getting there on time

        That’s when we’re back to physical security and it may not be what you think. Can you reinforce your lock plate and door jamb to make it difficult, noisy, and time consuming to kick in a door? Are there windows they can easily get in and what can you do about that? Are there hidden places where they can break in without being seen? If a light suddenly comes on or alarm goes off, will they leave in case someone looks?