I analyzed seven firmware images from a major IoT camera vendor and found shared private keys, plaintext cloud protocols, and a command injection chain — all baked into the architecture from day one. This isn’t an end-of-life problem. It’s a design problem.

DES crypt hashes with a $ character in the salt — generated by musl libc on OpenWrt routers — break every standard cracking tool. Here’s why, and the one-character fix.