this post was submitted on 19 Feb 2024
490 points (99.2% liked)

Technology

59223 readers
3057 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
490
Wyze says camera breach let 13,000 customers briefly see into other people’s homes (www.theverge.com)
submitted 8 months ago by [email protected] to c/[email protected]
95 comments fedilink hide all child comments
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 8 points 8 months ago* (last edited 8 months ago)

I am in the process of adding a couple security cameras and have been amazed that the majority of consumer brands essentially claim ownership of their customer's video content. They block access outside of their apps, charge for access and control of that video, and then fail to secure the video content they've claimed. It's another case of buying not equal owning.

Wyse, Eufy, Ring and Next have all had breaches of various kinds. Wyse took three years to fix major vulnerabilities. TP-Link has been sued by the FTC for failing to address router and camera flaws. Ring repeatedly provided video to law enforcement without a warrant. Even Roomba vacuum's video footage has been leaked by the company entrusted with it.

It is clearly much more profitable to ignore breaches and vulnerabilities than to prevent them.

Allowing any video to exit your home network and be stored by a corporation is just asking for trouble.

[–] [email protected] 16 points 8 months ago (1 children)

This is why I always sigh when people get cameras for security. It's only as secure as the weakest link. And if you don't know what the weakest link is, you are boned.

[–] [email protected] 8 points 8 months ago* (last edited 8 months ago) (1 children)

Every single one of my "internet facing" devices is blocked from accessing the internet at the router. If I want to access them they either get added to my HomeAssistant instance or another computer that's only accessible from the outside through my VPN.

All of the convenience with the privacy concerns practically eliminated. It costs $6 a month in hosting for the VPS I set the wireguard server up on.

[–] [email protected] 7 points 8 months ago (1 children)

Every single one of my "internet facing" devices is blocked from accessing the internet at the router.

This would be a lot more common if router software stopped being developed in the fuckin 80's. Unless you get a commercial product they're all so cryptic, and difficult to navigate.

[–] [email protected] 5 points 8 months ago* (last edited 8 months ago) (1 children)

Routing, NAT and firewall are pretty complex things because its the backbone of everything: phones, websites, enterprises, government. It all uses the same tech. And very few networks are the same (the exception being consumer broadband home networks).
The money for development is in the products for enterprise, so they have to have all the tuneables available and seem hugely complex to non-specialist users.

So, there arent really any "easy" router/firewalls that are also flexible.

Ubiquiti & TP-link do Software Defined Network stuff, abstracts away a lot of the complexity. But as soon as you want to do anything complex, you are digging into CLI and might as well use something designed for that.

OpenWRT is apparently pretty good. Ive never used it.

I now use OPNSense. Essentially freeBSD set up as a router/firewall, with a nice webGUI and loads of flexibility.
I feel like this is what you are looking for

I also dable in Mikrotik routers, and im considering moving to their RouterOS... Or even one of their appliances.

openWRT, OPNSense, RouterOS can be installed on your own hardware. So you could use an old desktop, stick a decent network card in it and use that with a bridge modem.

[–] [email protected] 2 points 8 months ago

I got a Synology router which is absolutely far from the best hardware but it is so human readable. I don't have to guess what anything does, or what sub menu it is under. That was worth the premium for me.

I tried openWRT on a TM Ac1900. It is not an easy process to get that loaded - I can tell you that.

[–] [email protected] 13 points 8 months ago (2 children)

I've got several Wyze cams around my house and one inside facing the main living room/kitchen area. I realize it's an imperfect system with flaws, but at the same time that living room camera is also the reason I was able to file abuse charges against my ex wife. Not a scenario I'd want anyone to deal with, but in my case it turned out to be some of the best money I've ever spent.

[–] [email protected] 2 points 8 months ago (1 children)

Right on, man. Where is she now?

[–] [email protected] 3 points 8 months ago

Out of my life, I used the video evidence to land her ass in jail and filed for divorce. She managed to claw her way out of the gutter after using crack and becoming a prostitute.

[–] [email protected] 8 points 8 months ago (2 children)

You can have security cameras without putting them on the Internet for anyone to access.

[–] [email protected] 2 points 8 months ago (1 children)

You are correct. But to be totally honest, Wyze offered an affordable cost and a low barrier to entry. It's a tradeoff that worked out for me, but I get that it's not the same math for everyone else.

[–] [email protected] 1 points 8 months ago (1 children)

There are onvif cameras (IP camera standard that lets it work with any software) that are as cheap as Wyze. Plus many have microsd so they can work without any network.

[–] [email protected] 1 points 8 months ago

Again you're completely right. I'm just saying that when it comes down to it, 99% of folks are not going to host their own system. And in my personal, specific case, I judged the rewards to heavily outweigh the risks, which ended up being correct. YMMV.

[–] [email protected] 5 points 8 months ago* (last edited 8 months ago)

To be clear you block internet access at your router. Do not trust the camera not to phone home.

Depending on your router - this is either very difficult, or a single click but I've never seen it be impossible.

[–] [email protected] 17 points 8 months ago

Internet Of Things - where the "S" in the acronym stands for security...

[–] [email protected] 0 points 8 months ago (1 children)

@catculation This has happened before and is a really big issue, but wouldn't some sort of network segmentation have helped prevent this especially as it's happened before?

I gave away my wife's Wyze camera and moved to Ubiquiti. It cost me a small fortune.

Not self-hosting at the moment but still, nothing can be as bad as Wyze, right?

[–] [email protected] 1 points 8 months ago

I've got eufy cameras...

[–] [email protected] 47 points 8 months ago (1 children)

lol again, Wyze? This happened last year. Love that they’re downplaying it, “we’ve identified only 14 people that were affected.” They have a privacy issue. A big one.

[–] [email protected] 15 points 8 months ago

Man I saw the headline and I'm like, "Oh, this is old news. Why is it on here?" Then I read your comment and realized that this is actually a second breach. What a mess!

load more comments
view more: next ›