I'm assuming many have seen this.  What are your thoughts?

Personally, I have 14 Hikvision cameras (1 is an OEM by Annke) and I have no concerns.  All of my cameras are on their own isolated VLAN along with the PC that runs Blue Iris.  The entire camera IP range is blocked from all internet access and I have changed all default passwords.

It is a waste of money by the government to do this in my opinion honestly when all they'd have to do is set up their networks correctly to eliminate any potential security issues.

Yes, but then you are expecting the government to set it up correctly.  They couldn't even keep systems with people's personal information secure.

Yes I really do.  It doesn't really matter what the brand is as everything is vulnerable and should be isolated.

For government usage, yes, any Chinese sourced equipment....or any equipment known or suspected to have an installed vulnerability regardless of source....should definitely be on the prohibited list.

I have no doubt about that.

Even if the network is set up correctly, the device may decide to change its settings or phone home.
We don't have any idea since we don't really know if there's a back door in the device management code.

They can't phone home if the firewall is set up to block all internet traffic to/from those devices like it should be.  The also can't have a backdoor accessed without internet access.

My cameras can see the Blue Iris PC and that is it.  No internet and no other devices on that VLAN.

I do the same as op, but these devices are definitely sketchy and I'm pretty sure we're the outlier, many are set up with at least outbound connectivity...

I've watched outbound stats on my firewall rules and if you turn off the remote viewing option of the cameras they dont even attempt to connect to the outside world in my experience.

I will say though that I only buy US market camera's so the grey market might be different.

They don't need to be remote controlled. If you put in a date and time, they can do something based on that at some predetermined time in the future.

Maybe they can't get out of your intranet, but are you sure they can't break stuff inside your firewall?

I dunno, I'm kind of frustrated with my hikvision cameras. I have 5 on wifi at 2 different locations. One set is on Charter Spectrum digital cable and they are rock solid as far as reliability. The other 3 at the other location are on an AT&T digital business line and they are shaky as fuck. 2 work when they want to. The third is locked up tight with the password changed. I'm going to have to physically take it down, open it up and punch the reset button on it and see what it does.

And they don't really look at anything. One looks down over a maintenance yard where they load lawn mowers. The other looks at a greenhouse door, and the third looks at my office door. Not even inside the buildings, just the outside. Not like you're gonna see anything even remotely fascinating. And all 5 of the units connect to the same model of outdoor Ubiquiti access point.

It's just weird. I dunno if it's the providers screwing with the ports and access or if someone just tinkers with them at night when the PC's are shut down.