[mrcu5]

The title makes it sound like there is a security issue with the cameras, but the "hacks" are from password leaks.

[bronson]

That's still a security issue with the camera. Maybe passwords are insufficient for their role.

Edit, further discussion (from 15 mins ago): https://news.ycombinator.com/item?id=21776250

[baroffoos]

At some point we have to admit that passwords have not worked and the general public does not understand how to use them despite decades of education attempts. This problem would be entirely solved if they enforced the use of 2fa

[ehsankia]

At the very least, have e-mail 2fa for new devices, it's fairly trivial, isn't too annoying, and works decently enough. Most banks and important services do this. Whenever you login for the first time on a new device or far away IP, it sends you an email to authorize the new device. It's pretty trivial but goes a long way.

[surround]

The cameras should be hard wired or at least hosted locally. Allowing open connection to the internet is a serious security issue.

[brianberns]

I agree, but isn’t the remote access “feature” a big part of the marketing for these devices? E.g. check on your pet when you’re at work.