Why We're Pulling Our Recommendation of Wyze Security Cameras (nytimes.com)
94 points by tysone on Sept 20, 2023 | hide | past | favorite | 112 comments


I mean, any security camera that does anything with the cloud should never make it onto a recommendation list in the first place.

I'm not sure if the product exists, but something that replicates a homemade setup would be amazing.

Think of a bundled camera(s) + raspberry pi + 1tb backup drive or whatever that you can only access over your own dedicated personal wireguard vpn (or tailscale, something like that), but sold as a retail bundle.

Of course, that would cut out all the SaaS/app data selling aspect so it seems unlikely to happen.


The market for a product that requires the buyer to set up a VPN is not going to be very large. You seriously overestimate the average tech competence of people. It needs to be something you just plug in and it works.


A) If customers can't manage to select a properly secure cloud camera system, what makes you think they're going to do a good job picking a VPN vendor and setting up their product? But perhaps more importantly...

B) What about the apparently huge majority of us that prefer these devices precisely because the video is not stored on-site?


I'm fully capable of all of the technical stuff and have done it before.

It's just a complete pain in the ass. I have a collection of "cool, but painful to maintain" devices.


Raspberry Pis have been sold out forever. There are plenty of competent people buying hardware with the training wheels removed.


One of the reasons for them being sold out is that a lot of the demand for Raspberry Pi comes from industrial customers. For example, back in 2020, they made up 44% of total Raspberry Pi sales.

Source: https://www.raspberrypi.com/news/supporting-raspberry-pis-in...


3.2 million users subscribed to the main raspberry pi subreddit alone. That shows there's a pretty good amount of users for a hardware product like this.


Plenty relative to a small absolute number overall - right? I don’t know RPI sales but the difficulty buying them doesn’t signal that loads of average folks want to bother.

I have both RPI local cam set up and Wyze. Despite concerns, hard to argue with pure convenience of Wyze (and similar products)


I could, however, imagine you buying a "$BRAND hub" for your "$BRAND camera" and other $BRAND IoT that ostensibly sets up a tailscale kinda thing you can access via the $BRAND App, all while not touching the cloud.

It's ostensibly the same UX as the current cloud set-up, only without the operational costs of running a cloud service.


> I could, however, imagine you buying a "$BRAND hub" for your "$BRAND camera" and other $BRAND IoT that ostensibly sets up a tailscale kinda thing you can access via the $BRAND App, all while not touching the cloud.

I'm confused by the use of the word "ostensibly" there. Do you mean that the makers would claim that it would set up a tailscale kinda thing for you while doing something completely different to avoid the cloud?


No, I used "ostensibly" to indicate that it wouldn't necessarily be Tailscale but some sort of VPN that appears to have a similar UX. Honestly probably not the correct phrasing.

Sorry that it wasn't clear.


Cloud cameras aren't that either; most require the download of an app, signing up, configuring the camera, etc.

You could just as easily give local cameras the "printer" treatment, and most people are somehow able to successfully set up printers on their PCs.


Wyze camera setup is pretty straightforward. Add a camera in the app, it opens a QR code on the phone screen, and you just scan that with the Wyze cam. It seems fool-proof.

With that being said, I did still have to set up the Wyze cameras for my 50 year old tech-inclined dad, haha.


I disagree. I submit that you rather underestimate the tech competence of people - humankind has done far more with less resources due to ingenuity.


An IP camera that requires the customer to set up and secure outside access themselves will not sell to end users. The market is just too small and anyone who has the skills to secure this stuff themselves doesn't have to rely on a consumer grade product.


Me, I am a potential customer! I have the skills to set this stuff up but don't have the $$$$$ to go with a commercial grade solution. Something more in the raspberry pi paradigm of price to performance is exactly what I'm looking for in this space. Just give me a cheap camera and access to io.



Unless I'm misreading, it's not available at this time:

> RTSP was considered a beta feature and we are currently assessing the path forward as the firmware versions have aged quite a bit. We have removed the firmware files for these versions for now and we’ll update the pages when plans are finalized. Please note that firmware files take a while to work on and test so you may not see an update in the near future.


Idea: could you cut off external network access and then point a server (e.g. HomeAssistant server on RPi) to the RTSP feed from the camera within your network?


Your certainty is not based on reality. "Pet rocks" sold millions; Betamax failed; great movies went unwatched, where stupid schlock got paid. Markets are not predictable entirely at all.


This is an established market, we are looking at the survivors. It's reasonable to assume that a product we come up with within 5 minutes has been tried and didn't make the cut.


That's the architecture of Ubiquiti Protect: https://blog.ui.com/2019/01/09/introducing-unifi-protect/


I'm in two minds about Ubiquiti products. They're starting to become a bit more user hostile and I don't entirely trust their web based products.

However, you can set things up to run locally with self hosted servers. I've got a couple of wifi points, a switch and the old security gateway along with a couple of their cameras. I've got the Unifi device management software running in docker on a Raspberry Pi swarm and the old Unifi Video server running on x86 hardware in docker. It's probably about time I figured out how to self host the Protect server and move the cameras to that.


What is the current verdict on Ubiquiti being trustworthy after the incidents with Krebs?


Ubiquiti is trustworthy.

Krebs jumped the gun on that accusation and apologized

https://krebsonsecurity.com/2022/08/final-thoughts-on-ubiqui...


Isn't that like 2nd or 3rd time he did that now?!


If you're cool with the NSA backdoor that got leaked yesterday.

https://news.ycombinator.com/item?id=37570407


Since it's such an old report, it's most likely referring to Dual_EC_DRBG: https://en.wikipedia.org/wiki/Dual_EC_DRBG

So don't read the article as being about Unifi currently being backdoored by the NSA, but that the USG3 was one of the products using the Cavium/Marvell chips with the flaw that were being used globally in 2013 when the Snowden archive was released.



I know OPNSense is using AMD Epyc(embedded) in their routers and that their software is open source. Maybe not enterprise enough, or too big for consumers, but I've been rocking the DEC3860 and it's been a really smooth ride. Is AMD compromised? It wouldn't surprise me...


That's not Ubiquiti-specific; that's all Cavium-based networking gear, which is a substantial fraction of all networking gear. I'd be shocked if similar back doors aren't present in other common network chips.


Thanks. I thought I had recently seen the Ubiquiti name in the headlines again after the Krebs debacle. I just didn't realize it was that recently.


For home security stuff? None of it will be exposed to the internet so I don't particularly care.


Do you honestly believe that a now public NSA style backdoor will never be used by anyone that is not NSA? Of course goofy script kiddies will be using this to see what cameras are seeing and then do a range of things, from posting embarrassing images to the web for the lulz up to blackmailing people. That's with less than 3 seconds of thinking about what a vuln could do for non-NSA types.


I think having all of this stuff behind a firewall and not exposed to the internet makes a pretty big difference. If an attacker gets onto my LAN, it's game over.

Mass produced consumer gear that is also perfectly secure probably doesn't exist. I assume everything I use has bugs and none of it will stand up to a dedicated attacker.

As for blackmail, my cameras all point outward. I suppose they could threaten to report me to the HOA when my grass gets too long...


and exactly what firewall hardware is being used so that you feel assured that it is also not prone to the same issue?


I'm almost certain it does have the same issue. I don't believe there's any networking gear out there that is believed to be bug and exploit free now and expected to stay that way in the future.

I believe a dedicated hacker could use the microphone and camera in my phone and laptop to spy on me. They could look at the street in front of my house. They could see my entire browser history, everything I've printed, every call I've made, everything I've said over email or text message.


What a strange take. You are saying that we probably shouldn’t use the internet at all, because there is potential for something to go wrong. You probably shouldn’t live in a house either, because someone might break in. We should probably stop using bicycles or even walking because you might fall and hit your head…


I think the take is far, far narrower than that. Although there is no practical/technological problem with hosting your security cam videos on 3rd party servers, there is a legal problem, which is that once you do that the data is no longer legally yours and can be silently used without your permission.

I think the minimum requirement for a legally secure cloud hosted camera is E2EE and the camera can't upload unencrypted video at all without the decryption key from the owner.


Imagine the customer support costs of trying to help users troubleshoot VPN connection issues to their phones when they don't get their alerts.

And the huge mess of bad publicity, when someone breaks into a home, and as part of the theft, steals the device that has all the video of their crime.


What about cloud services that offer end to end encryption?

It seems like HomeKit Secure Video has pretty good security design: https://support.apple.com/guide/icloud/icloud-homekit-secure...


Frigate, Coral TPU, and Tailscale/Headscale form a reasonable local solution for those who want to explore setting up their own system.

NTFY and Node-Red, with a dash of MQTT, can be bolted on for remote alerting.


I'm confused. Wyze cameras offer cloud-free operation, storing to an SD card, is the vulnerability still there even without cloud hookup?


Lots of vendors sell something like that you just need to look for an NVR. Ubiquiti, Synology, Reolink, Amcrest etc all sell products like this to varying extents, but other companies have realized you can make better money selling outrageous cloud subscriptions for subsidized hardware.


It would be nice to just have a data service you sign up to personally that basically just gives you an AWS bucket, and products such as this just take a key and URL to upload/download with.


Yeah, I would love something I update occasionally and just hook up to my AWS account. Probably a small market though.


I mean, you’re not wrong, but the family of five that just moved into $SUBURB and demands max safety for some reason is definitely not gonna do all of that and will just buy Ring or Arlo.


I consider offsite storage a must-have feature for surveillance equipment, because one of the prime threats is that the thieves carry off the surveillance equipment itself. With modern WiFi cameras without mounting wires and cheap plastic mounting points, that's real easy, and if you had a physical server to store the recordings it would be a target as well; the history of surveillance systems is littered with examples of "The thieves stole the tapes, too".

Finding someone trustworthy enough to store your offsite footage, though, is a real problem. If only there were some sort of union of peoples capable of causing consequences for companies that act as poor stewards of data.


>If only there were some sort of union of peoples capable of causing consequences for companies that act as poor stewards of data.

Would be a great idea! Your wish is granted! Only one catch. The only consequence they can actually level is an insignificant fine ~ 1% of the profit they've made violating the law. Oh, plus a pinky pwomise to not do it again after a finger wag, or they'll get real angry, and the fine will be UP TO a whopping FOUR percent of profits!!!

Seriously though, re offsite storage, one could encrypt all data locally and then offsite anywhere, right? Could be google drive for all you care.
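The two points made in this thread about cloud storage (earlier: a cloud-hosted camera should only ever upload video the owner can decrypt; here: encrypt locally and then offsite anywhere) in working code. This is an added example, not code from the article, from Wyze or from any poster. A clip is sealed with AES-256-GCM under a key that exists only on the owner's device, the clip's storage path is bound in as associated data, and the storage provider receives an opaque blob it can neither read nor quietly swap for another clip. The key, path and clip bytes are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Owner-held key: generated on the owner's phone or hub and never sent to the
// storage provider. The camera gets this key (or a per-clip key derived from
// it) over a channel the provider cannot read, and uploads only sealed blobs.
const keySize = 32 // AES-256

func newOwnerKey() ([]byte, error) {
	key := make([]byte, keySize)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	return key, nil
}

// sealClip encrypts one recorded clip with AES-256-GCM. The path the clip will
// be stored under is bound in as associated data, so anyone with write access
// to the bucket cannot move one clip's blob under another clip's name without
// the owner's decrypt failing. Blob layout: nonce (12 bytes) || ciphertext || tag.
func sealClip(key []byte, clipPath string, clip []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	// Seal appends to its first argument, so the result is nonce||ct||tag.
	return aead.Seal(nonce, nonce, clip, []byte(clipPath)), nil
}

// openClip reverses sealClip. A flipped bit anywhere in the blob, or a path
// that differs from the one sealed in, fails authentication and yields no
// plaintext at all (GCM returns an error, not garbage video).
func openClip(key []byte, clipPath string, blob []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < aead.NonceSize()+aead.Overhead() {
		return nil, errors.New("blob too short to be a sealed clip")
	}
	nonce, ct := blob[:aead.NonceSize()], blob[aead.NonceSize():]
	return aead.Open(nil, nonce, ct, []byte(clipPath))
}

func newAEAD(key []byte) (cipher.AEAD, error) {
	if len(key) != keySize {
		return nil, fmt.Errorf("key must be %d bytes, got %d", keySize, len(key))
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	key, err := newOwnerKey()
	if err != nil {
		panic(err)
	}
	// Constructed stand-in for a recorded clip; real input is the encoded video bytes.
	clip := []byte("constructed sample clip: 2023-09-20 12:00:00 front door motion")
	path := "cam01/2023/09/20/120000.mp4"

	blob, err := sealClip(key, path, clip)
	if err != nil {
		panic(err)
	}
	fmt.Printf("upload %d opaque bytes to any bucket or drive under %q\n", len(blob), path)

	got, err := openClip(key, path, blob) // owner decrypts with the key that never left their device
	fmt.Printf("owner decrypt ok=%v text=%q\n", err == nil, got)

	tampered := append([]byte(nil), blob...)
	tampered[len(tampered)-1] ^= 0x01
	_, err = openClip(key, path, tampered)
	fmt.Printf("tampered blob rejected: %v\n", err != nil)

	_, err = openClip(key, "cam01/2023/09/20/000000.mp4", blob)
	fmt.Printf("blob moved under another clip's name rejected: %v\n", err != nil)
}
```

Two caveats a practitioner would add: GCM's 96-bit random nonce is fine at per-clip rates but the key should still be rotated (or a per-clip subkey derived) long before the 2^32-clip ballpark, and encrypting the payload does not hide metadata such as upload times and clip sizes, which the provider still sees.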


Most thieves are smash-and-grab, and not smart or motivated enough to go seek out your NAS to take with them. Danny Ocean is not breaking into your house.

Besides, if the thieves were savvy enough to find and take your surveillance gear with them, they'd be unlikely to expose anything meaningful (like their faces) on your video feeds anyways, right?


Noob question: Is it possible to stream video to a device outside your WiFi without needing a third party server in the middle? How does one do that?


There are two ways to accomplish this: poke a hole in your home firewall and expose the camera feed to the entire open internet, then attempt to add some kind of authentication system. This is very very hard to get right, don’t do it. The other option is to tunnel your internet connection on the remote device back into your home network so it looks to your remote device like it’s still at home. That’s called a VPN.


Neither of these options are great, IMO. I'd prefer to have a proxy that transparently forwards e2e encrypted traffic with out-of-band key exchange. You can blast video over a 3rd party if you trust the software on either end to not leak your encryption keys. Sadly I think few services care much about this.


A VPN tunnel into your home network is one way, or a VPS you control that has a similar connection into your home network is another.


You can own the server yourself. Ask a buddy if you can plug in a box in their garage, now you have an off site solution.


What kind of device? They make IP cams that push their stream to a preconfigured remote endpoint (with TLS). It would have to be a server on the public internet though, your phone probably wouldn’t work


Yes, it's possible, but a few things generate friction; the major one is ISP-based filtering.

Often you have to use port forwarding to connect, on ports not recognized for protocols your ISP filters out.


Well I mostly use my security camera to watch my cat stretch. For this, I'm pretty happy with nest cams.


Well, look who's just made themselves a major target for hackers


they're going to see so many cat stretches


I just hope they follow the protocol of saying "big stretch" each time they see one


> The fundamental relationship between smart-home companies and their customers is founded on trust.

Sadly, very few companies are trustworthy.

Not all of them are evil, wanting to get into their users' data; many are just cheap and lazy. They don't want to spend money on the types of employees and process that will result in trustworthy kit.

It's actually not hard to understand (less easy to forgive). The device market is crazy cutthroat. Margins are razor-thin, support costs can be high, and competition (especially with nation-state-funded competitors) is savage.

But I don't know how many times I have had one of my friends proudly whip out their smartphone, showing me live video of their kids playing at home, not realizing that their ultra-secure password ("fuckyouhacker") is no impediment to lots of others, getting the same feed.


> Not all of them are evil, wanting to get into their users' data;

never underestimate the power of a post-sales revenue stream.

(a business model which may take place in a software update after your purchase)


Sure, but you skipped a beat there... you set up the context of device companies (agree btw), then skip right to a particular instance of security video use with a giant emotional content. But that use case is "keep me safe from random unsafe other humans"... when talking about the intentions and actions of companies you, the customer, are trying to use to keep you safe, you miss the part about trivial betrayal of trust as a company. The betrayal of trust by the company you partner with, due to low cost, convenience and attractive tech, is what a third of YNews headlines are about today.

Random predatory individuals are bad, so are zombie apocalypse denizens... but the subject of lawful-in-name-only betrayal, in very large commercial markets, seems much more to the point today, here.


> The betrayal of trust by the company you partner with, due to low-cost, convenience and attractive tech, is what a third of YNews headlines are about today.

Good point.


Anyone have a recommendation for an affordable security camera that works without a cloud? I want to replace a collection of Blink cameras. Looking for doorbell cam, indoor and outdoor. Home Automation integration a plus.


Ubiquiti, for some definition of affordable, if you want something that works out of the box.

Cheap IP CCTV cameras like Reolink, Loryta, or Amcrest, isolated in their own physical LAN (they're full of security vulnerabilities, but you can keep them isolated and not care), and combined with Frigate + HomeAssistant is pretty good too if you want to nerd out on a solution. I personally hate nerding out on home computing stuff but this is the one place I chose to invest because off the shelf cloud solutions are _so bad_.


Reolink + Reolink NVR. Completely locally, you don't have to touch the cloud. I can access it from anywhere (after punching holes in my router for specific ports or just VPN). I ran ZoneMinder with IPCams for years before just getting the Reolink NVR (I already had mostly Reolink Cameras) and I'm still kicking myself for not doing it sooner. I have spent a grand total of zero minutes of maintenance on this NVR, I spent untold hours babysitting ZoneMinder. Also the NVR has RTSP (or is it RTMP?) feeds I can pull into HomeAssistant and use for display/processing.

So many times I'd go to pull up a feed in ZoneMinder and realize the system was down, locked up, having some other odd issue. With my Reolink NVR "It just works", it was worth every penny and it wasn't even that expensive.



Correct me if I’m wrong but that appears to apply to the cameras themselves which are not on my network. They plug directly into the NVR (which provides PoE) and are not exposed to the network at large.


Why do you assume the NVR is free from hardcoded creds?


Because it’s not listed in the list of affected devices. Also if that’s a concern then don’t expose the NVR. Use something like tailscale or a VPN to access it remotely (or don’t access it remotely).


Yeah but now everyone in your wifi range with commonly available hardware has access to your NVR and by extension your cameras.

And actually if any of your network machines or devices are breached, the attackers now have NVR/cam access.


? My cameras aren't wifi, they are ethernet and the NVR isn't wifi-based either.


Your wifi network probably isn't VLAN'd away from your hardwired network. It's all the same IP space.

You can check your NVR from your phone on wifi right?


Ok but first people have to break into my wifi network. It'd be easier to break into my house unless it's a nation state actor which is not a threat risk I'm prepared to sacrifice enough to defend against. Also, my cameras are not on my main network, they are plugged directly into the NVR via long ethernet runs, they don't touch my main network. You are guessing that the NVR might have hardcoded credentials (which hasn't been proven).

At a certain point you are being overly paranoid and I think we crossed that line a while back.


Wifi is really trivial to break into and doesn't leave meaningful traces unless you really do some enterprise monitoring stuff.

Unlike breaking into your window, you are unlikely to get the cops to do anything if someone breaches your network. There's also direct and indirect financial incentive.

So now your entire livestreaming security setup depends on the security of your wifi network, which can be broken with $20 of dedicated hardware.

And yeah, if someone puts hardcoded creds into their cameras.. they probably do it for all their firmware. It doesn't even have to be malicious, it's just a lazy way to test and debug software.


If you are looking for interoperability, look for ONVIF-compatible cameras, which will be usable by everything.

I use standard cameras so I can write my own software. It's been a fun project but it's still pretty rough around the edges
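For the ONVIF point above, an added example in Go (not code from any poster, vendor or the article): build the WS-Discovery Probe that ONVIF cameras and NVRs answer on UDP 239.255.255.250:3702, then parse a ProbeMatches reply to pull out the service URLs (XAddrs) and advertised scopes, which is what lets one client drive any conforming device. The reply here is constructed to match the spec's shape, not captured from a real device; its IP address, names and UUIDs are made up.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"net/url"
	"strings"
)

// WS-Discovery multicast group/port that ONVIF cameras and NVRs listen on.
const discoveryAddr = "239.255.255.250:3702"

// Device is what a client needs from a ProbeMatch: the ONVIF service URLs
// (XAddrs) and the advertised scopes (name, hardware, profiles, location).
type Device struct {
	Types, Scopes, XAddrs []string
}

// envelope models only the parts of the ProbeMatches reply we read. Tags
// without a namespace match on local name, so the vendor's prefix choice
// (SOAP-ENV:, s:, e:) does not matter; untagged fields match by field name.
type envelope struct {
	XMLName   xml.Name `xml:"Envelope"`
	RelatesTo string   `xml:"Header>RelatesTo"`
	Matches   []struct {
		Types, Scopes, XAddrs string
	} `xml:"Body>ProbeMatches>ProbeMatch"`
}

// buildProbe returns the Probe datagram for NetworkVideoTransmitter devices
// (ONVIF Profile S). probeID should be a fresh UUID per probe; replies echo
// it in RelatesTo so unrelated datagrams on the segment can be dropped.
func buildProbe(probeID string) []byte {
	return []byte(`<?xml version="1.0" encoding="UTF-8"?>` +
		`<e:Envelope xmlns:e="http://www.w3.org/2003/05/soap-envelope" xmlns:w="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:d="http://schemas.xmlsoap.org/ws/2005/04/discovery" xmlns:dn="http://www.onvif.org/ver10/network/wsdl">` +
		`<e:Header><w:MessageID>urn:uuid:` + probeID + `</w:MessageID>` +
		`<w:To e:mustUnderstand="true">urn:schemas-xmlsoap-org:ws:2005:04:discovery</w:To>` +
		`<w:Action e:mustUnderstand="true">http://schemas.xmlsoap.org/ws/2005/04/discovery/Probe</w:Action></e:Header>` +
		`<e:Body><d:Probe><d:Types>dn:NetworkVideoTransmitter</d:Types></d:Probe></e:Body></e:Envelope>`)
}

// parseProbeMatches decodes one reply datagram. It also returns the probe ID
// the reply relates to, so the caller can ignore answers to someone else's probe.
func parseProbeMatches(data []byte) (relatesTo string, devs []Device, err error) {
	var env envelope
	if err = xml.Unmarshal(data, &env); err != nil {
		return "", nil, err
	}
	for _, m := range env.Matches {
		// All three are space-separated lists; scope values percent-encode spaces.
		devs = append(devs, Device{
			Types:  strings.Fields(m.Types),
			Scopes: strings.Fields(m.Scopes),
			XAddrs: strings.Fields(m.XAddrs),
		})
	}
	return env.RelatesTo, devs, nil
}

// ScopeValue returns the decoded onvif://www.onvif.org/<key>/<value> scope
// (key "name", "hardware", "location", ...), or "" if not advertised.
func (d Device) ScopeValue(key string) string {
	prefix := "onvif://www.onvif.org/" + key + "/"
	for _, s := range d.Scopes {
		if strings.HasPrefix(s, prefix) {
			if v, err := url.PathUnescape(s[len(prefix):]); err == nil {
				return v
			}
		}
	}
	return ""
}

// constructedReply is a made-up ProbeMatches datagram in the shape real
// cameras send back; it was not captured from any device.
func constructedReply(probeID string) []byte {
	return []byte(`<?xml version="1.0" encoding="UTF-8"?>` +
		`<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:d="http://schemas.xmlsoap.org/ws/2005/04/discovery" xmlns:dn="http://www.onvif.org/ver10/network/wsdl">` +
		`<SOAP-ENV:Header><wsa:RelatesTo>urn:uuid:` + probeID + `</wsa:RelatesTo>` +
		`<wsa:Action>http://schemas.xmlsoap.org/ws/2005/04/discovery/ProbeMatches</wsa:Action></SOAP-ENV:Header>` +
		`<SOAP-ENV:Body><d:ProbeMatches><d:ProbeMatch>` +
		`<wsa:EndpointReference><wsa:Address>urn:uuid:0b2a9d1e-1111-4a6e-9c7d-000000000001</wsa:Address></wsa:EndpointReference>` +
		`<d:Types>dn:NetworkVideoTransmitter</d:Types>` +
		`<d:Scopes>onvif://www.onvif.org/type/video_encoder onvif://www.onvif.org/Profile/Streaming onvif://www.onvif.org/name/Example%20Cam onvif://www.onvif.org/hardware/EX-1</d:Scopes>` +
		`<d:XAddrs>http://192.168.50.23/onvif/device_service</d:XAddrs>` +
		`<d:MetadataVersion>1</d:MetadataVersion></d:ProbeMatch></d:ProbeMatches></SOAP-ENV:Body></SOAP-ENV:Envelope>`)
}

func main() {
	const id = "2f1c3d6e-8a7b-4c9d-9e0f-112233445566" // made-up probe ID; use a fresh random UUID per probe
	fmt.Printf("probe to multicast to %s:\n%s\n\n", discoveryAddr, buildProbe(id))
	// A live client reads datagrams from the UDP socket until a short deadline;
	// here we parse one constructed reply instead.
	relatesTo, devs, err := parseProbeMatches(constructedReply(id))
	if err != nil || relatesTo != "urn:uuid:"+id {
		panic(fmt.Sprintf("bad or unrelated reply: %v", err))
	}
	for _, d := range devs {
		fmt.Printf("%s (%s) -> %v types=%v\n", d.ScopeValue("name"), d.ScopeValue("hardware"), d.XAddrs, d.Types)
	}
}
```

A live client sends buildProbe(id) from a UDP socket to discoveryAddr and collects replies for a second or two, keeping only those whose RelatesTo matches the id it sent. WS-Discovery is unauthenticated multicast: anything on the segment can answer with arbitrary XAddrs, so run it from the isolated camera VLAN and treat the results as a list of things to go authenticate to, not as trusted devices.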


Amcrest is the best I found. 100 dollars, HD, power over Ethernet. Built-in HTTP interface to grab videos / stream video. So I just plug in the Ethernet cable, the camera gets an IP, and you can configure it to push videos at some interval to any server, or connect to the stream for a live view.


Aren't Amcrests just rebadged Dahuas with all the baggage?

https://en.wikipedia.org/wiki/Dahua_Technology#Cybersecurity...


Anker (Eufy) has some now. I haven't used them but if anyone has would love to hear about their experience here. https://us.eufy.com/collections/security


I've owned a few EufyCams and a couple doorbell cams. They work pretty well; the motion sensing is a little too sensitive for an urban area, but they'd be perfect for suburban/rural areas. They can detect people, cars, and animals. The newest base station can be upgraded with a SATA HDD/SSD.

There was a security kerfuffle last year because motion notifications sent to your phone contained video previews which were then stored insecurely. They fixed that, and it's a feature you can disable. It's not nearly as bad as what has happened to Nest/Wyze cams where attackers can gain access to live video and even talk through the speakers.



Just don't turn on mobile notification previews.


I use raspberry pi zeros and the little "arducam" CSI boards. It's incredibly cheap and works great, you can make them talk to whatever you like.


Ubiquiti is the best in the market in terms of breadth and capabilities.


A key thing with ubiquiti is that you need all ubiquiti hardware for the cameras. It's an expensive affair


If they work, are easy to setup and configure, and are reliable, I have no problem paying a hefty premium. I'm tired of trying to get cheap garbage to work (I'm currently struggling with Hikvision cameras and a QNAP NAS).


it's one of the few walled gardens that i'm actually happy with


Reolink and Ubiquiti have good options that don't need the cloud.


Reolink is great. I'm about to add their PoE Video Doorbell. I already have two of their cameras connected to my Synology.


Doorbells work well - I have two. Good choice.


Unfortunately Ubiquiti now requires you to buy into their proprietary NVR :/


I've really enjoyed using Reolink + Blue Iris.


Amcrest cameras feeding into Frigate.


They mention a 2023 report about unintentional access of others' cameras but this dates back to 2019 (I know this since I saved a video about it from an owner who demonstrated it, which is no longer on YouTube afaict). The video showed that while the official app couldn't display the feed, if they asked Amazon Alexa to, it would.


I hate Wyze so bad. They sell this really lovely and cheap IP-enabled camera, perfect for figuring out which cat was pissing in the basement. But to activate it requires your phone number, and then they spam you, forever after, with text messages from different numbers advertising their shit. Hate hate hate.


I have 6 of these and can't recall ever being texted. Just send STOP or update your preferences.


I have sent so many permutations of that, but I'll try again next time.


Same...


I have a bunch of wyze gear, given the price I never assumed they were meant to replace a security system. What I have been doing with these cheap little cameras is getting me closer to nature.

We have a bunch of these outside and we've been watching the cats, possums, raccoons, and even turkeys frolic as they cross through our property. We even set up a little Victorian style dog house with solar panels in the backyard and the wild animals have been using it to rest. We have a ton of video of these little animals just relaxing and stretching out in the dog house too. The family loves it, every morning we get to see what the critters were up to.

Before that we were doing hydroponics and we had cameras on the fruits, the instruments for things like ph, ec, and a camera in the reservoir so we could monitor water levels.

I don't use them to watch my home, but they have been pretty solid in terms of watching other things that aren't security related or sensitive.


I did use my wyze cams like that for a while (surveilling the garden pests mainly) but then wyze cut out that functionality. It used to record a little video clip when it detected motion, now wyze wants $5 a month for that.


You can still achieve this by saving video (configured either to be continuous or triggered by motion) to a micro SD card.


Wyze is honestly great. These cameras are a fraction of the price of everyone else. Their cloud service is a couple dollars a month per camera.

I have 2 looking out my windows at the front door and car. I move those to watch the dog when she stays home. I have one over my pool table to record shots. I've used them in the past to watch stray cats outside.

I am least happy with their outdoor cam since it doesn't do continuous recording and it requires a separate hub. I recommend the plugged in ones to everyone though.


Even the cameras like Reolink 2e are $75. This seems absurd to me. A wifi camera can't be more than what, $5 of hardware? Who is selling the cheapest, most bare bones, raw, wifi camera? Does it even exist or is every single one packaged with crapware software or sexed up by some company to over $75? Do I order direct from China for these?


For anyone looking to shut these from internet access, install this custom firmware hack and use a local NVR: https://github.com/gtxaspec/wz_mini_hacks


Synology’s new cameras seem pretty solid and they’re NDAA & TAA compliant.


that's interesting. I wonder if this is just excluding countries or has some technical requirements as well.

NDAA - National Defense Authorization Act

TAA - Trade Agreements Act


I'd love something like dd-wrt but for these cloud cameras. I have some Arlo cameras that I'd love to re-flash and run without the cloud service.


IoT provider has shitty security, more at 11


a newspaper is dictating a specific security incident response plan for a company to follow? why not. oh, and please pay for the affiliate links


> On September 8, 2023, The Verge reported an incident in which some Wyze customers were able to access live video from other users' cameras through the Wyze web portal.

An unintentional adult video sharing platform; sounds like something a sector of society would consider a feature.



