They were stealing cars before this dashcam, they'll be stealing them after this dashcam - doesn't make a blind bit of difference. The only people that are concerned about this type of theft are sales staff - thieves look for much easier routes.

 

If you want to break in to a particular person's house - stand outside, watch the car drive off and...   why the need for dashcam images?  People have been watching too much James Bond.

6 hours ago, Scot5 said:

They were stealing cars before this dashcam, they'll be stealing them after this dashcam - doesn't make a blind bit of difference. The only people that are concerned about this type of theft are sales staff - thieves look for much easier routes.

 

If you want to break in to a particular person's house - stand outside, watch the car drive off and...   why the need for dashcam images?  People have been watching too much James Bond.

 

Which is why people use keyless repeaters to steal cars, as opposed to a brick.

 

Criminals don’t want to get caught, so an extra 5 minutes with an app freely available to them, to seriously reduce the risk of being caught is a good investment.

I think this post was originally titled 'cautionary note' to assist people in taking their awareness of their connected devices' capabilities; not theorising on 'how thieves can use it to steal your car / possessions'

 

'Thieves' are 1 threat actor, and come in a variety of shapes and sizes. Most of the comments above address common criminals... I was addressing the more likely threat actor of other potential attackers being able to observe locales (home address, local area etc.), daily routines (work, home, travel arrangements), targets of interest (car, houses, people), and listen in on conversations (personal, family, business phone calls etc. of a confidential nature).

 

The key thing is that before BlackVue changed the setup, any attacker could use it in OSINT (or Open Source Intelligence-gathering) - which requires minimal technical know-how to get information, which means 'anyone' with access to the tinterwebs could have access to any 'open' dashcams by exploiting an obvious vulnerability.

 

Now they've changed it, it is much harder for an attacker to exploit; they would have to have access to compromised information or target specific devices in order to get access to a much more limited range of footage. This would require more technical know-how, as well as increased time and luck.

 

@Scot5 - I agree with you: sensationalist media 5hits the bed about Data Protection and 'Cyber' security all the time, but try to ignore it.

 

'Security' is the essential thing, and that's just good risk management. The whole point of taking personal security seriously is identifying (as @cheezemonkhai said) where you can reduce the risk - accepting, avoiding, mitigating (putting better controls in place) or transferring (liability - e.g. insurance) the risk.

 

Work chat over.

Oh god, feel like I've stumbled into a meeting held by audit.

Audit tells you what's wrong, but doesn't tell you how to right it. I like to highlight and help