The idea of the Chinese trying to infiltrate your computer by some kind of spyware that auto-installs on your computer being deliberately shipped installed on some peripherals is somewhat ridiculous simply because it would be discovered immediately by some single-digit percentage of users who plug the thing in.
Maybe, maybe not. Some of the exploits out there are completely silent unless you have HIDS on your system that can detect it. In one of the InfoSec classes I took, we practiced taking over machines remotely. Those exploits gave no notification on the host side. It was more than a little scary how much access and control one could get on a remote machine. That was just the well known stuff already "in the wild".
And if you were going to worry about this, why start worrying with this particular device? I'm going out on a limb with this: but aren't a large portion of flash-based thumb drives which almost everyone owns made in China? Sandisk Cruzer excepted, as we already know it installs something on your computer, though I doubt it's malicious.
I've been worried about this for a while, but the sudden strong interest shown here was what made me say something. Think about it for a second. The sudden "ooh shiny" response to the original post would happen on a larger scale and a bunch of people would buy and use the device. I'm not saying it couldn't happen elsewhere (thumbdrives, etc), just that this was a good example of such a vector.
Not jhust flash drives, but most computer hardware and software are manufactured (if not coded) in China. Hardware, drivers, installers, software, music and movies, all down the line. If it relies on bits and bytes in any way, odds are good that at least some part of it came from China and could potentially be "compromised".
If you're gonna bork out over video cameras that might be trojans, you'd have to be equally worried about everything else at all that you buy to use with your computer. I see no reason to believe that these particular video cameras are special or more deserving of concern.
Truthfully, I am concerned about all devices and chips coming out of China. The problem is overwhelming and I'm not sure what to do about it other than avoid using devices that don't at least come from a well known company (sandisk for example).
Ah yes, COTS. And we're worried about little video cameras being compromised?
Not just the cameras, those are just a recent example of how it could work (ooh, shiny, cheap new toy...must have!). If it came from a known company, I might not be as bothered, but the cheap nameless stuff from China always seemed a bit hinky to me.
If these little video camera thingies can't be trusted, then the implications are huge. Video cameras would be the least of our concerns. That level of paranoia would be completely paralyzing.
Yup and I don't have a good answer for it. All I know is a lot of threats come out of China these days. Most of the hits I get in my security logs come from China. Part of the reason Google is pulling out of China is the InfoSec threat on their systems. I truly feel having them build our computer "stuff" is like having the USSR produce such products during the Cold War. They aren't our friends. Unfortunately, it's a bit late to be worried (the time was 15+ years ago).
Chris