they sure did! I have a video of someone picking something up from outside a door.
Top-level
33 comments
@Viss @foone there is some method in the madness. if you've got a lot of transient video data, and you need access to a rolling window of it (either for buffering/stability purposes or for realtime analytics), storing it to disk ends up costing a fortune because you'll end up running headlong into DWPD limits on drives and having to swap them out constantly. but with RAM there's no such wear. for a few hundred concurrent clients you can do it on a single consumer desktop PC worth of RAM. @gsuberland @Viss @foone I first learned of this when I read that FFMPEG supports AMQP. https://ffmpeg.org/ffmpeg-protocols.html#amqp @Viss @foone Redis isn't required to flush to disk (the whole dataset is in-memory) and it supports blob storage, so it's not the worst option. my guess is someone ran the `save` command at some point (or they were doing periodic saves because they didn't separate out nonvolatile data into a separate redis instance) and foone's seeing that last snapshot. not a good sign to see a bash case statement for environment, and prod sets the server to FOOBAR.EGG anyway I'm gonna be near their HQ on thursday. Maybe I'll stop by and ask if they're still in business, and if they are, do they know where their NUCs are? and in case anyone is getting deja-vu: This is a completely different company than the other one I found like 3 weeks ago: I'm really not the right person to work in computer security research, but it'd be nice to have a sort of consulting job with a local one where I can just point them at some really broken shit and they investigate it and maybe give me a commission Why the fuck is this on hacker news? ugh. I'm gonna need to run my own mastodon instance, aren't I? If you found this on hacker news, you owe me 5$: @foone For single user (or small # of user) instances, you might want to look at the might lighter weight (and therefore cheaper to run): @foone honestly, you should probably see if the California Privacy Protection Agency is hiring investigators. @foone you can make some money (not a lot) from responsible disclosure to bug bounty programs But many companies like this don't have structured and rewarded bug bounty programs @foone where do you find these devices? eBay? A local recycling center? @foone@digipres.club yeah thats the one i rememberd @foone hm, are you *sure* they are bankrupt (i mean, not just technically 😆), if this was in production as of 2 months ago, maybe they just scaled away from this infra and sent everything to ewaste after migrating. @tshirtman yeah. they may have just moved everything to cloud-hosted and didn't need their wall of NUCs |
@foone ffffffffffucking what? they stuffed entire videos INTO REDIS?