• @Diplomjodler@feddit.de
    link
    fedilink
    English
    13710 months ago

    At this point I really don’t understand why anyone would put a camera in their home that’s connected to a server they don’t control.

    • teft
      link
      fedilink
      English
      3310 months ago

      Laziness. Most people don’t want to research everything needed to set up a self hosted camera system. Much easier to pop into Best Buy and grab a Wyze camera that works out of the box.

      • TheHarpyEagle
        link
        fedilink
        English
        6610 months ago

        I wouldn’t call it lazy necessarily, everyone just has limited time and energy to invest in stuff and probably had no idea of the risks.

      • @agent_flounder@lemmy.world
        link
        fedilink
        English
        1410 months ago

        More likely people lack the time.

        Besides, expecting a security camera company to provide a decent quality product that doesn’t suffer egregiously serious breaches like Wyze has is not unreasonable. Idealistic, maybe; lacking an appropriately enormous degree of cynicism.

      • @4am@lemm.ee
        link
        fedilink
        English
        510 months ago

        How do these people not realize that these cameras let other people to see into their homes?

        This has happened SO. Many. Times.

        • @thejml@lemm.ee
          link
          fedilink
          English
          1210 months ago

          I really wonder how much everyday people care. Years back, people would give out their passwords for chocolate. Most people at this point have had their SSN’s leaked multiple times, all their PII is generally available somewhere, they use unencrypted SMS and email for financial transactions, etc… convenience is worth way more to the average person than having a few pictures of their house leaked. Even if they’re in it. It just doesn’t enter their mind as a problem. Last few people I brought it up to about their wyze or blink cameras just shrugged off the privacy stuff. (Though none of them had them in their homes, just external doorbell/driveway kinda cameras)

          • @SlopppyEngineer@lemmy.world
            link
            fedilink
            English
            310 months ago

            So many cameras are left on the default password. On the insecam site they keep a list of cams where you can just look into people’s home, all hacked by using the default password. And it keeps happening.

          • @agent_flounder@lemmy.world
            link
            fedilink
            English
            210 months ago

            I agree. It just doesn’t occur to most people. It takes a certain mindset to think about the worst things that could happen. Not everyone can think like a bad guy.

            • @rottingleaf@lemmy.zip
              link
              fedilink
              English
              110 months ago

              Wrong, everyone can.

              In the spirit of the separation of people into those who backup their data and who don’t do that yet.

      • @Flying_Hellfish@lemmy.world
        link
        fedilink
        English
        310 months ago

        Don’t forget cost, I’m working on replacing mine, but a 30 dollar camera now being replaced by ones that cost around 100 each is just taking time. The ones I have outdoors I don’t really care about, but I’m working hard to replace all the indoor ones. For now all my indoor wyze cameras are on zigbee plugs that cut power when we’re home.

    • The Pantser
      link
      fedilink
      English
      910 months ago

      For me it’s one less camera I have to run on my server that is already overwhelmed with the 12 other cameras that watch the outside. I have my wyze cams on sonoff minis that kill power to them unless I have my house set as away. I don’t need 247 recording of the inside just give me the option to peek in while away to see if anything is alarming.

    • @ThunderWhiskers@lemmy.world
      link
      fedilink
      English
      810 months ago

      I’m sure I’m going to get some shit for this, but here we go! I own a wyzecam that I keep in (but due to lack of necessity will soon be removing from) my daughter’s room. We had it there just to check and see if she was asleep in her crib still without walking up the very creaky stairs/hall to her room.

      It has pretty garbage resolution, has no sensitive information in frame, is not in a part of the house that anything can be overheard, and literally just shows a blurry image of our daughter’s bed.

      I guess someone could theoretically sign in and…watch a 3 year old sleep? The worst case scenario I can imagine is someone using the speaker function to scare my kid, which would suck, but I think I can risk it.

    • @Buffalobuffalo@reddthat.com
      link
      fedilink
      English
      310 months ago

      I have one to watch my dogs when I am away. It was cheap and I only plug it in occasionally when I am gone for a while. Probably about 3 hours a week. I figure if it is mostly off it will be hard to be exposed, and even if so, all you will see are my dogs in their crates.

      • @llii@feddit.de
        link
        fedilink
        English
        710 months ago

        and even if so, all you will see are my dogs in their crates.

        And that you’re not home.

        • @Buffalobuffalo@reddthat.com
          link
          fedilink
          English
          610 months ago

          How many people you think live near me, are able to hack my Wyze cam, are into breaking and entry, and read this post so they know that when the camera is on I am probably not home?

          It would be a hell of a lot easier to just wait until you don’t see cars in my driveway, or watch my house until you see me leave.

          • @Wahots@pawb.social
            link
            fedilink
            English
            110 months ago

            I’m not a criminal, but if I was, I’d get a group together and monitor all the feeds for when I see people go on vacation, then break in. And if they are stupid enough to have sex in front of a security camera in their bedroom or other rooms in their house, it would make excellent blackmail material for different types of extortion if you didn’t want to risk the police coming. Those can be more lucrative anyways.

            • @Buffalobuffalo@reddthat.com
              link
              fedilink
              English
              410 months ago

              You starting this by staying “I am not a criminal” proved my point.

              A Wyze security failure is not putting my at risk of being robbed. There are easier ways to tell when people go on vacation. Your plan is to get illicit access to someone’s camera, hope they live near by, check up on them daily, wait for them to be gone for a couple days, assume that means they will be gone for a while longer, then rob them?

              Most people post vacations on social media, why bother hacking and stalking them. Just find people who post about their international vacations on FB. Easier to do and you get much better information about how long they will be gone.

      • @RaoulDook@lemmy.world
        link
        fedilink
        English
        -110 months ago

        Zoneminder is damn good for the price. Mine has never had a data breach either. So there’s your downvote.

        • @PeterPoopshit@lemmy.world
          link
          fedilink
          English
          2
          edit-2
          10 months ago

          When it fucks up, good luck fixing it without an os reinstall. That’s the price. If it was easier/possible to restore to a fully working state after it gets borked, it would be really good.

          • @RaoulDook@lemmy.world
            link
            fedilink
            English
            110 months ago

            It’s really easy for me to fix it if it breaks, since I have full disk images of the microSD card it runs on in my RPi 4. You could do the same with any linux system for most types of disks with cloning tools.

  • @TheFriar@lemm.ee
    link
    fedilink
    English
    4710 months ago

    lol again, Wyze? This happened last year. Love that they’re downplaying it, “we’ve identified only 14 people that were affected.” They have a privacy issue. A big one.

    • @Classy@sh.itjust.works
      link
      fedilink
      English
      1510 months ago

      Man I saw the headline and I’m like, “Oh, this is old news. Why is it on here?” Then I read your comment and realized that this is actually a second breach. What a mess!

  • @notannpc@lemmy.world
    link
    fedilink
    English
    2310 months ago

    I’m honestly impressed they are still in business. If the first time it happened didn’t kill them, the second time probably won’t either.

  • circuscritic
    link
    fedilink
    English
    2210 months ago

    Using Wyze is a choice that has trade-offs and it’s up to the user to understand what those are.

    For example, if you aren’t able, or willing, to selfhost an NVR, then accept that these situations may arise and decide which video feeds are ones you’re willing to take that risk with.

    Video feeds of your backyard, are significantly different then those of your bedroom, or living areas.

    • Suspiciousbrowsing
      link
      fedilink
      1110 months ago

      I disagree, you can’t expect everyone to be technologically literate enough to understand the consequences of everything. And you can’t palm it off by saying “well they need to/should”. Much like expecting people to understand and read every single EULA that everyone always scrolls down and hits “accept” At some point legislation needs to be drafted yo make it very clear the consequences, or legislate to ensure privacy so companies can’t do this.

      • Vanon
        link
        fedilink
        English
        310 months ago

        Exactly. Don’t have cheap web cams pointed inside the home, and it’ll be fine. Have them outside, watching doors and gates, providing security videos of shadows and wildlife, whatever. They can still be useful tools.

        • @bbuez@lemmy.world
          link
          fedilink
          English
          210 months ago

          Hey Im just setting up Frigate, are you using a Coral board? The claims about perfomance seem nuts and I just want to know how easy it is to integrate or how necessary it is, my HA setup is a little more obscure so if I could get away without needing one that would be great

          • @jaschen@lemm.ee
            link
            fedilink
            English
            2
            edit-2
            10 months ago

            I have a coral Pcie card that replaced my wifi card on my tiny PC. I purchased an old HP i3 tiny computer off eBay for like 50 bucks.

            Previously, I ran my HA and frigate on a pie4. After about 2x 1080 streams, it starts to bog down.

            I wouldn’t recommend buying anything without a proper processor as you want something to be able to process those streams.

            • @bbuez@lemmy.world
              link
              fedilink
              English
              110 months ago

              Think I’ll be going with the Pcie card then, I have an older Xeon 1U server, running proxmox and HA as a VM so im pretty certain I’ll have to install frigate as standalone in docker alongside proxmox, which feels weird but eh. Thanks for your response! Its been real fun delving into HA and homelab stuff

              • @jaschen@lemm.ee
                link
                fedilink
                English
                210 months ago

                I too have a proxmox server(running PFsense, Mint, tailscale, and NVR backup) and I did run docker with HA, but I found that the coral was iffy when it was passing through the proxmox to docker to HA. There were so many times my coral would stop working and I would have to restart docker to get it working. It became so frequent that I had a script to reset my docker at a certain time of day. I eventually went with a HP tiny PC setup and ran hasOS on baremetal. Haven’t had a problem since.

        • @ObsidianZed@lemmy.world
          link
          fedilink
          English
          110 months ago

          Do you know if the smart doorbell is the same? Received one from the in-laws for Christmas but haven’t done anything yet.

          • @jaschen@lemm.ee
            link
            fedilink
            English
            110 months ago

            I left wyzes platform before the doorbell was introduced. I switched to 4k streams and they didn’t offer 4k at the time.

            I remembered there was an integration for Wyze when I used them so I imagine it is still possible.

          • @jaschen@lemm.ee
            link
            fedilink
            English
            110 months ago

            Have fun man. The home assistant community is strong! Message me if you need help.

  • Album
    link
    fedilink
    English
    2110 months ago

    This is the exact same error that chatgpt had. Caching error letting you see other users stuff.

    • Dark Arc
      link
      fedilink
      English
      610 months ago

      What’s that they say … there are three common errors in programming, catching and off by one errors?

  • @Kissaki@feddit.de
    link
    fedilink
    English
    1910 months ago

    The number of affected customers has grown from 14 to 13,000.

    Finally back in the growth economy!

    Wait…

  • @Wahots@pawb.social
    link
    fedilink
    English
    1610 months ago

    This is why I always sigh when people get cameras for security. It’s only as secure as the weakest link. And if you don’t know what the weakest link is, you are boned.

    • @oatscoop@midwest.social
      link
      fedilink
      English
      8
      edit-2
      10 months ago

      Every single one of my “internet facing” devices is blocked from accessing the internet at the router. If I want to access them they either get added to my HomeAssistant instance or another computer that’s only accessible from the outside through my VPN.

      All of the convenience with the privacy concerns practically eliminated. It costs $6 a month in hosting for the VPS I set the wireguard server up on.

      • @Patches@sh.itjust.works
        link
        fedilink
        English
        710 months ago

        Every single one of my “internet facing” devices is blocked from accessing the internet at the router.

        This would be a lot more common if router software stopped being developed in the fuckin 80’s. Unless you get a commercial product they’re all so cryptic, and difficult to navigate.

        • @towerful@programming.dev
          link
          fedilink
          English
          5
          edit-2
          10 months ago

          Routing, NAT and firewall are pretty complex things because its the backbone of everything: phones, websites, enterprises, government. It all uses the same tech. And very few networks are the same (the exception being consumer broadband home networks).
          The money for development is in the products for enterprise, so they have to have all the tuneables available and seem hugely complex to non-specialist users.

          So, there arent really any “easy” router/firewalls that are also flexible.

          Ubiquiti & TP-link do Software Defined Network stuff, abstracts away a lot of the complexity. But as soon as you want to do anything complex, you are digging into CLI and might as well use something designed for that.

          OpenWRT is apparently pretty good. Ive never used it.

          I now use OPNSense. Essentially freeBSD set up as a router/firewall, with a nice webGUI and loads of flexibility.
          I feel like this is what you are looking for

          I also dable in Mikrotik routers, and im considering moving to their RouterOS… Or even one of their appliances.

          openWRT, OPNSense, RouterOS can be installed on your own hardware. So you could use an old desktop, stick a decent network card in it and use that with a bridge modem.

          • @Patches@sh.itjust.works
            link
            fedilink
            English
            210 months ago

            I got a Synology router which is absolutely far from the best hardware but it is so human readable. I don’t have to guess what anything does, or what sub menu it is under. That was worth the premium for me.

            I tried openWRT on a TM Ac1900. It is not an easy process to get that loaded - I can tell you that.

  • @Stegget@lemmy.world
    link
    fedilink
    English
    1310 months ago

    I’ve got several Wyze cams around my house and one inside facing the main living room/kitchen area. I realize it’s an imperfect system with flaws, but at the same time that living room camera is also the reason I was able to file abuse charges against my ex wife. Not a scenario I’d want anyone to deal with, but in my case it turned out to be some of the best money I’ve ever spent.

      • @Patches@sh.itjust.works
        link
        fedilink
        English
        5
        edit-2
        10 months ago

        To be clear you block internet access at your router. Do not trust the camera not to phone home.

        Depending on your router - this is either very difficult, or a single click but I’ve never seen it be impossible.

      • @Stegget@lemmy.world
        link
        fedilink
        English
        210 months ago

        You are correct. But to be totally honest, Wyze offered an affordable cost and a low barrier to entry. It’s a tradeoff that worked out for me, but I get that it’s not the same math for everyone else.

        • @Blue_Morpho@lemmy.world
          link
          fedilink
          English
          110 months ago

          There are onvif cameras (IP camera standard that lets it work with any software) that are as cheap as Wyze. Plus many have microsd so they can work without any network.

          • @Stegget@lemmy.world
            link
            fedilink
            English
            110 months ago

            Again you’re completely right. I’m just saying that when it comes down to it, 99% of folks are not going to host their own system. And in my personal, specific case, I judged the rewards to heavily outweigh the risks, which ended up being correct. YMMV.

      • @Stegget@lemmy.world
        link
        fedilink
        English
        310 months ago

        Out of my life, I used the video evidence to land her ass in jail and filed for divorce. She managed to claw her way out of the gutter after using crack and becoming a prostitute.

  • @spaghettiwestern@sh.itjust.works
    link
    fedilink
    English
    8
    edit-2
    10 months ago

    I am in the process of adding a couple security cameras and have been amazed that the majority of consumer brands essentially claim ownership of their customer’s video content. They block access outside of their apps, charge for access and control of that video, and then fail to secure the video content they’ve claimed. It’s another case of buying not equal owning.

    Wyse, Eufy, Ring and Next have all had breaches of various kinds. Wyse took three years to fix major vulnerabilities. TP-Link has been sued by the FTC for failing to address router and camera flaws. Ring repeatedly provided video to law enforcement without a warrant. Even Roomba vacuum’s video footage has been leaked by the company entrusted with it.

    It is clearly much more profitable to ignore breaches and vulnerabilities than to prevent them.

    Allowing any video to exit your home network and be stored by a corporation is just asking for trouble.

    • SolidGrue
      link
      fedilink
      English
      2510 months ago

      Oh, I use plenty of smart devices. I just make sure I select equipment that I can put on an isolated network without cloud access and operate through my self-hosted automation platform.

      If it requires the cloud or a dedicated app for its basic setup and operation, its not getting installed here.

      • @webghost0101@sopuli.xyz
        link
        fedilink
        English
        710 months ago

        Works great on paper till you find the official API that can be used with open assistant is for licensed technicians only so you can only connect it to your server by giving your server access to the cloud app…

        Looking at you Mitsubishi air conditioning unit with infrared scanner that is definitely not an old webcam up-cycled from some random warehouse.

        • SolidGrue
          link
          fedilink
          English
          310 months ago

          Yeah, that’s been a problem lately. Haier also recently issued a takedown against the maintainer who published the Home Assistant integration for their brands of air conditioners and other smart appliances.

          Ford, Tesla, and several other smart device makers have similarly taken their seni-open APIs to license-only/closed source only recently.

          Which is dumb because even if they DO want to monetize that data stream by selling it to data brokers, the people they’ve affected by closing those APIs represent a small fraction of their user base. It amounts to a rounding error in the revenues.

        • @whynotzoidberg@lemmy.world
          link
          fedilink
          English
          1210 months ago

          Same reason a remote control is handy for a TV — convenience.

          Motion or presence sensing. Timers. Virtual buttons. Physical buttons in places I wouldn’t normally have them. Garage door opening automagically when I pull in the driveway with a specific vehicle. Etc.

          Plus I get to check in on my kitty from far away.

          • @GolfNovemberUniform@lemmy.ml
            link
            fedilink
            English
            0
            edit-2
            10 months ago

            Well that’s an expected answer. Many people seem to like such stuff and find it convenient. I just don’t. Probably I’m too old to understand it lol. Though I have nothing against smart home devices that are not connected to the cloud. Just don’t fully rely on them for core stuff such as doors, fire alarms and oxygen/medication (in case you need that). You do want to be able to open the doors with a physical key in case of a power outage or a simple system malfunction

            • SolidGrue
              link
              fedilink
              English
              610 months ago

              My day job is IT support that is in part adjacent to healthcare, and I can tell you a lot of healthcare actually relies on widgets connected via wireless and WiFi. Not just the mobile terminals they bring around for your charts, but also active elements like insulin pumps, chemo injectors, phone/intercom/paging systems, panic buttons… A lot of it runs over wireless infrastructure, WiFi and other technologies, and is handled by a central controller that might be on-prem, or might be in the cloud.

              Its a rough day for everyone when the WiFi is down or the Internet is out down in the wards

              • u/lukmly013 💾 (lemmy.sdf.org)
                link
                fedilink
                English
                210 months ago

                The pagers scare me. Thankfully it seems they aren’t used where I live at all anymore, but the classic POCSAG/FLEX pagers transfer the data in plaintext, and I’ve heard that doctors often use them for sensitive information as well. Meanwhile all you need for receiving and decoding POCSAG or FLEX is a $5 generic RTL-SDR and software like multimon-ng.

                • SolidGrue
                  link
                  fedilink
                  English
                  210 months ago

                  I meant broadcast paging over the intercom system like “Dr. Whomever please report to pre-op,” but I agree the old beeper style pagers were a bit sketch

            • TimeSquirrel
              link
              fedilink
              510 months ago

              Just don’t fully rely on them for core stuff such as doors, fire alarms

              I am an alarm/automation/access control technician, and I have some bad news for you…

              • @GolfNovemberUniform@lemmy.ml
                link
                fedilink
                English
                210 months ago

                I would genuinely like to learn about how you deal with stuff like malfunctions and backup door unlock methods. But now I don’t really want to discuss much because of health issues. Hopefully you all won’t consider me a bad person who likes to argue

                • TimeSquirrel
                  link
                  fedilink
                  710 months ago

                  Usually, if a building has electronic access control, it’s a requirement that the main controller or power supply be directly tied into the fire alarm with a hardwired trigger relay to drop power to all the door locks during an alarm. It may all be controllable and configurable on the cloud, but commercial equipment still has traditional redundancies like standby batteries and the like.

        • @4am@lemm.ee
          link
          fedilink
          English
          810 months ago

          Convenience and fun. It’s not about having buttons to push, it’s about making sure things are taken care of.

          The house closes the garage and turns off the lights when I leave. The hallway dimly lights up when I get up at night to use the bathroom. When the dishwasher runs, it keeps track of how much soap is used and adds it to my grocery list when it gets low. If the dog walker comes to the front door, it unlocks for them. My interior lights can be cool white during the day and warm white at night without me doing anything. Soil moisture sensors let the system auto-water my vegetables, as well as my lawn, and at the exact time of day when it’ll be the coolest.

          I don’t necessarily need any of that, but it sure makes things easier.

          • @GolfNovemberUniform@lemmy.ml
            link
            fedilink
            English
            110 months ago

            Hmm facial recognition? A little bit unreliable of a technology I’d say. But other than that, it seems really convenient. I just prefer doing everything manually. Probably I need to delete that question. I just wanted to know people’s reasons to use smart home because I didn’t believe many of them find it useful

            • @thejml@lemm.ee
              link
              fedilink
              English
              510 months ago

              He might have given the dog walker a different key, a fob, or any number of non-facial recognition tools though.

              For instance, you can have a PIN based entry door lock that only activates certain PINs at certain times. Or an HID one setup similarly.

        • SolidGrue
          link
          fedilink
          English
          710 months ago

          I used to live alone, and travel quite a bit for work. I started with sensors like water sensors in the sump area of my basement, window/door sensors, temperature sensors and a chincy USB web camera on the cats’ feeding area to make sure they were staying fed and watered. It was peace of mind that things were OK at home while I was away, and let me call in help if something was awry.

          After I started my family, I got tired of chasing people around to turn off lights, TVs and game systems when they were done, to turn on/off fans in the bathrooms and stuff like that. It was easier to just let the system deal with it. Couple of unsaved games getting lost later, and they got the hint.

          Eventually we had new families on the block and neighbors started having packages go missing, so i installed cameras over my front & back porches to alert for deliveries, or at least provide instant replay for where DID that package go after it was dropped off? Its been as effective a deterrent as it’s been useful to see how much traffic my front porch gets weekly. You’d be surprised how many solicitors come through sometimes.

          So while I do lights and fans and sensors and stuff, I don’t bother with things like window shades, automating coffee makers or wrangling Roombas.

          Now I’m looking into deploying a small satellite system at my mom’s condo because she lives alone and is getting older. We’ve talked about installing some PIR and mmWave presence sensors to detect activity, and also some assistance buttons in her private spaces. She doesnt want cqmeras, and she hasn’t committed to it yet but she likes the idea we can check up on her remotely without her having to give up any of her prvacy or independence to an outside party.

          So it’s about more than just geeking out and being a creature of comfort. There are practical applications in security, energy management and health/safety to consider as well.

        • @m_randall@sh.itjust.works
          link
          fedilink
          English
          710 months ago

          Not who you asked but I have a smartish home. There is no real need. It just affords convenience and for me lands pretty squarely in “hobby” territory.

          My lights turn on prior to sunset, and turn off after I go to bed. My porch lights dim at 10pm so I don’t disturb my neighbors as much. I have additional states of lights that are predicated on various scenarios. In short, I never touch a light switch, I never walk into a dark house, and my energy usage is reduced.

          My vehicle mileage and tire pressures are reported on a dashboard for me to monitor.

          My network statistics are monitored and graphed.

          Energy usage of electronics of interest to me are monitored and graphed.

          I have a software defined radio that I’m able to use remotely. Using a smart outlet I’m able to turn it on and off remotely as well instead of leaving it on 24/7.

          Unfortunately I have a camera that is cloud based my SO uses to monitor pets. Using a smart outlet I turn it on only when we are not home.

          Some of this can be accomplished with less smart means, some of it can’t, but it’s been fun to get it all setup.

    • @LaunchesKayaks@lemmy.world
      link
      fedilink
      English
      210 months ago

      I have a friend who says literally every lightbulb in his house is smart. Literally everything of his is smart. I can’t do that shit. Scares me way too fuckin much.

  • @undercrust@lemmy.ca
    link
    fedilink
    English
    310 months ago

    No apology for Wyze’s breach, but only 1500 of the possible alerts for not-your-home were clicked on/viewed. Gotta love sensational headlines.

    Also, if you’re using a cloud-based camera for private spaces? Well, that’s kinda a decision you made for yourself.

    • @tabular@lemmy.world
      link
      fedilink
      English
      610 months ago

      I have to assume these people don’t understand it, and would care to know this and hopefully learn that decision was a bad idea.

    • DarkThoughts
      link
      fedilink
      410 months ago

      Also, if you’re using a cloud-based camera for private spaces? Well, that’s kinda a decision you made for yourself.

      Not even just cloud based. I remember a decade or two ago a lot of security cameras were plugged into the regular network with enabled remote access. You could even find them through Google using specific search terms and a lot of them had either no or default logins configured. So you could basically spy into all sorts of peoples homes. If I ever were to install cameras in my home, they’d be completely separated from everything else.

        • DarkThoughts
          link
          fedilink
          210 months ago

          Those are from public places, a lot of those cameras are promoted on their respective websites too since they’re purposefully open. I’m talking about private household cameras. People who were doing their everyday things in their living rooms or bedrooms, without knowing that their camera just streams live to who knows how many strangers watching them through its remote access function.