Robert Graham
Jul 11, 2018, 8 tweets
So as a techy, I want to comment on this. Hikvision cameras do have issues -- such as phoning home to the Amazon cloud.
Streaming video from a home surveillance camera to your mobile phone is tough because both sides have firewalls blocking incoming connections. So instead, both create outgoing connections to Amazon cloud, which then passes video from one to the other.
What's going on here isn't clear in the product description. All you, the user, know is that you can use your app to stream video from your security camera.
It's also usually all encrypted with SSL/HTTPS, so you don't have visibility into exactly what it's sending to the cloud. Though, you can tell if it's currently streaming or not, purely by volume of traffic.
Not all cameras do this, but sending encrypted data to cloud servers is such a normal thing it wouldn't immediately be evidence of something malicious.
Streams to the cloud aren't end-to-end encrypted, which means when you stream to your phone, they can grab a copy of it, with no evidence they've done so.
However, if all you want are internal streams, you can microsegment and firewall the cameras so there's little chance of "phoning home to China".
BTW, when masscanning the Internet, Hikvision cameras are one of the more popular devices I find exposed to the Internet -- because of the difficulty of getting video streams through firewalls, they are left exposed by default.
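
The thread's point that streaming can be recognised purely by traffic volume, sketched as an added example that is not from the thread: it sums a camera's upload to non-RFC 1918 addresses per minute, flags minutes above an assumed bitrate, and lists the outside peers an egress firewall rule would have to block. The flow records, addresses and the 200 kbit/s threshold are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

WINDOW = 60            # seconds per bucket
STREAM_BPS = 200_000   # assumed threshold: sustained upload above this looks like video
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

CAMERA = "192.168.50.10"   # constructed camera address
# Constructed flow records: (epoch_seconds, src_ip, dst_ip, bytes_sent)
FLOWS = [
    (0,   CAMERA, "203.0.113.5", 1_200),           # keepalive to cloud relay
    (10,  CAMERA, "192.168.50.2", 9_000_000),      # stream to internal recorder
    (30,  CAMERA, "203.0.113.5", 1_100),
    (60,  CAMERA, "203.0.113.5", 4_000_000),       # relay stream begins
    (70,  "192.168.50.20", "198.51.100.9", 5_000_000),  # unrelated host
    (90,  CAMERA, "203.0.113.5", 3_500_000),
    (125, CAMERA, "203.0.113.5", 6_000_000),
    (185, CAMERA, "203.0.113.5", 1_500),           # back to keepalive
]

def is_external(ip):
    """True when the address is outside the RFC 1918 ranges."""
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in INTERNAL)

def outbound_by_window(flows, camera):
    """Bytes the camera sent to external addresses, keyed by window start."""
    buckets = defaultdict(int)
    for ts, src, dst, nbytes in flows:
        if src == camera and is_external(dst):
            buckets[ts // WINDOW * WINDOW] += nbytes
    return dict(buckets)

def streaming_windows(flows, camera):
    """Window start times whose average external upload rate meets STREAM_BPS."""
    totals = outbound_by_window(flows, camera)
    return sorted(start for start, nbytes in totals.items()
                  if nbytes * 8 / WINDOW >= STREAM_BPS)

def external_peers(flows, camera):
    """External destinations the camera talked to; with strict egress
    filtering on the camera segment this list should be empty."""
    return sorted({dst for _, src, dst, _ in flows
                   if src == camera and is_external(dst)})

if __name__ == "__main__":
    print("streaming windows:", streaming_windows(FLOWS, CAMERA))
    print("external peers:", external_peers(FLOWS, CAMERA))
```

The payload stays opaque under TLS; only byte counts and endpoints are used, which is all a flow exporter or firewall log provides.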

