I am in the process of purchasing a home, and the house that it’s looking like I am likely to buy has a Ring alarm system and camera installed. I like the idea of having burglar alarms on the windows and doors, but I do not want to use Ring. Between their ownership from Amazon and sharing data with the cops, I don’t trust them.
Are there privacy-friendly home security systems out there that don’t require an ongoing subscription? Bonus points if the devices are HomeAssistant compatible.
https://gizmodo.com/eufy-local-security-camera-cloud-unencrypted-scandal-1850059207
https://www.theverge.com/23573362/anker-eufy-security-camera-answers-encryption
The article also includes a response from Anker.
Yep, this is exactly the controversy I was referring to from two years ago. It only applies if you choose to upload video to their cloud, not your local storage hub.
If you read more about this, you’ll find that the vulnerability has been sensationalized by Gizmodo. A malicious actor would have to go to great lengths to obtain a very long hash string and then append that to a URL to get access to the unencrypted content. That hash string itself is not accessible, so it is highly unlikely.
With that being said, I wouldn’t recommend putting a security camera of any brand inside your home and pointing it somewhere you can’t risk being seen on the off chance of a breach, but how many people are really looking to do that anyway?
Thanks for the reply. While I’m sure that the video feed wasn’t the easiest to access from an outside attackers end, the fact that it was even being sent to the cloud, unencrypted, in the first place is a little more than a “minor” controversy. A company advertising a camera that works local only, and then proceeding to quietly upload everything from the camera to their servers, servers that, mind you, cost money to operate, likely have malicious intent.
While it may have been sensationalized, given this is a privacy comm, it should at least be worth mentioning.