The Graveyard - Products No Longer Supported > DCS-930L
Java (or D-Link) Strikes Again ?
nullit:
Suddenly one cannot get live video at the cam's browser setup page, nor at any other cam viewer application using Java.
The pop-up message box reads : Application Blocked for Security. Certification has been revoked. The application will not be executed.
The error message's "More Information" button shows that java.security.cert. got revoked for reason:UNSPECIFIED on Jul 03, 2018, apparently by Symantec.
However, proceeding to "View Certificate Details" reveals it is valid till "Thu Sep 20 19:59:59 EDT 2018".
Closing the error message and following the setup page's invitation in the "Live Video" window to "Click for details" reveals the Name: of the application as "cvcs" and, under button "More Information", that "User has denied the privileges to the code".
So, D-Link either requested the certification revoked, or they simply removed the "cvcs" code without warning. I have not been able to find a D-Link rep. or tech. with an answer other than DCS-930L is being discontinued and that there are newer cams around.
I have 7 of these cams operating and an associate of mine another 4, but all virtually dead since July 3. Any info as to what is going on is urgently needed.
Thanks in advance.
.....
PS.: Browsers: FF ESR 52.9.0 and IE 11.112.171340. DCS-930L FV=1.16
GreenBay42:
D-Link recently discovered that two of its code signing certificates were misappropriated. Upon discovery, we immediately decommissioned the certificates and investigated the issue. Like several other companies in Asia, D-Link was victimized by a highly active cyber espionage group which has been using PLEAD Malware to steal confidential information from companies and organizations based in East Asia, particularly in Taiwan, Japan, and Hong Kong. The two affected D-Link certificates were revoked, effective July 3rd, 2018. New certificates have been issued to resolve this problem.
Most D-Link customers will not be affected by this issue. However, if you have concerns, please check your local D-Link Support website regularly for updates. D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. D-Link will continuously provide updates signed using our new digital certificates.
Vesku:
so, I can’t use my 5020 camera because of this and I don’t find any updates. What should I do to get the camera work?
Dossier:
Hello. Where can I obtain the new certificate(s) referred to? We are using DCS-5009L cameras.
GreenBay42:
D-Link is working on the new certificates. I am not sure if this will only affect the plug-in and/or new firmware for affected products.
You can still use the mydlink Lite or mydlink apps to configure/view your cameras.
View this periodically for updates - https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10089
As stated in the above link,
1. New firmware for affected models are being developed and tested. The mydlink mobile application will notify you to update for registered cameras in the event of a new firmware release.
2. This issue will not affect the mydlink mobile applications. This certificate revocation affects viewing and configuring the camera from within a web-browser.
3. if you require the use of the web-browser, you can reconfigure your browser temporarily to ignore the revoked cert. Please note this setting should only be used during the use of camera, and otherwise turned back to default.
For Mac OSX:
Go System Preferences> Java> Advanced> Perform signed code certificate revocation checks on, select "Do not check (not recommended)"
For Windows:
Go Control Panel> All Control Panel Items>Java> Advanced> Perform signed code certificate revocation checks on, select "Do not check (not recommended)"
Navigation
[0] Message Index
[#] Next page
Go to full version