Intel chips are compromised as we know from recent years of revelations, big brother style. My point was with so many devices easily compromised these days by so may entities that one brand or flagships device or range in the market place that is seen and is actually the most hardened against such compromise would be ideal and a value that many would happily pay extra (or at least help Apple maintain margins). I would imagine $$$ are an important goal for Apple.
How exactly are they compromised. CPU's carry out actions, they don't think for themselves.
Your camera incident was more likely one of the following.
A daughterboard like component was doing the communication. Intel is not responsible for vendors who tack on stuff after they send out the processor. Intel is not responsible for spurious comms if after a trip to the electronics market in Seoul I scored a killer card that "fell off the back of a truck". Who made it? I don't know...but its a killer knock off for a handful of won. Guess I got the added payload built in as a free gift lol.
In your planning no actually did controlled network load testing in the confines of the current network, camera's eat up bandwidth.
Your camera's bought may have used less than stellar codices. this is where the expensive stuff rates its high cost. they use advanced codices and technologies. Camera 9 is staring at a wall all day long. Codex used says lets make this a static image of sorts and be reduced in size.
Camera basically goes If something changes I will record and notice. If not...I will not kill the network broadcasting in high res a wall that has not changed in 4 hours. Cisco does this. we tested this as we implemented a cisco based CCTV system...high traffic areas eat up some bandwidth. A cam in a much less active area, less bandwidth use. Same model camera, same settings, talking to same dedicated cisco switch.
And tbh a mid to large scale camera implementation should be on its own network. For the 2 above reasons. Cisco doesn't advise and sell CCTV systems with VSOM, switches and routers, etc because its a nifty way to make people spend lots of money. Its done to avoid this very reason your implementation hit. On a segregated network even if it kills the network...it kills only the camera network. Business side network is fine.
the camera network is closed off. you can better monitor traffic. Since there should be no say sql server in the camera network....seeing port 1443 traffic is a quick sign something is awry. and you can kill this traffic. you can set the network to allow only those ports needed for the cams plus others admin side may need.
Chinese snuck in evil code to lead to the destabilization of the US on doom port (port 666)...sucks to be them. That traffic dies in a bit bucket. routers can be ghetto firewalls...acl rules says no 666, that traffic no longer passes. Or put a real firewall in.
tl;dr the issue you had was not intel's fault. IoT took off rather quickly and many hacks that exist are there because it took off with consumers too well before good security policies could be in place. With IoT too many people said why the hell would I pay cisco so much damn money for CCTV system when this does it for so much less. Well...now you know why. Cisco uses that same IoT tech. Thing is they build in security around it. And you pay for it. Pick your poison as always.
