Technology

57432 readers

3692 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

[email protected]

889

Wyze security camera owners reported that they could briefly see feeds from cameras they didn’t own (www.theverge.com)

submitted 11 months ago by [email protected] to c/[email protected]

120 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 10 points 11 months ago (1 children)

It is a bad idea. On one hand, we have the mean to make them quite secure. There is no such thing as an unbreakable encryption, but with proper key management and using decent enough algorithms we can totally do something that puts your camera out of reach of most thing that are not nation-scale organisations. On the other hand, it's mildly more inconvenient than "installing an app and entering your email", as it might require stuff like doing a tiny little bit of setting up.

So, the unsecure/"trust the service" way it is.

[+] [email protected] 0 points 11 months ago* (last edited 11 months ago) (2 children)

[deleted]

[–] [email protected] 4 points 11 months ago

There's certainly a middle ground between IOT cameras sending a constant stream out to an internet server and a completely private circuit.

First, let's put the NVR inside the network so that we aren't constantly broadcasting to the internet.

Then let's not allow direct access to the cameras from the internet. Instead, we connect to the NVR via a VPN.

You keep control of all the recording and storage infrastructure, and you don't place your trust in these corporations that have been found over and over again to be lying or overstating their security stance.

[–] [email protected] 1 points 11 months ago

It's a bad idea because of the de-facto "requirement" that people want everything available everywhere with zero setup, causing cheap, completely insecure solution to become the norm. Just don't use "cloud-based, app-enabled zero-config ultra easy trust me bro I know what I'm doing" camera and get proper stuff that allows you to control what goes where and use decent encryption.