this post was submitted on 25 Jan 2024
505 points (98.7% liked)
Technology
59707 readers
5420 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Not even just a technical security standpoint, why would you put a live camera up when someone else legally owns the feed?
I've had discussions and people claim it's no different because other systems can be hacked and you have a phone with a camera that can be remotely accessed, etc.
But those things are illegal, the people using Ring are knowingly putting up a camera where someone else owns the footage. They aren't hacking, they aren't stealing. In fact, they're letting you borrow the footage anytime you check the camera yourself.
Because people have been trained since the eighties to ignore EULAs and just click "ok".
Most people, have no idea they don't own the video their door bell takes...
Hell I'm fairly tech savvy and I didn't know. (Don't have a camera).
Tech savvy people don't fall for the bullshit or use open source products.
There's two kinds of tech enthusiasts. Ones who think cloud based is a great feature that means they don't have to worry about it as much, and ones who understand that using the cloud just means you give up control of any data that ends up there, possibly along with control of the device itself.
Wait, don't forget the third type: the kind that knows self-hosting is better in almost all ways, and hates HATES not having ownership (or even just access!) to the raw data and dev interface, but is too ground down by their capitalist bullshit work week and other life to keep up with the admin of maintaining their own systems. SIGH.
I don't use Arch, btw.
Yeah, that's a subset of the 2nd group. I'm in that group. I'd like to have some smart home features but haven't gotten around to setting it up and don't want the easy options.
Plus is there even a smart water softener in the market that you can have a server check how much soft water is available before it needs to cycle and compare with how much water a dishwasher or laundry cycle needs to cycle the softener before running either of those to make sure it doesn't run out?
In a way the sketchy off brand seems like a better idea in that case, at least there's not some monolithic entity holding millions of feeds to ask for access to
I still remember watching unsecured cameras through a site I’d feel uncomfortable posting. All five minutes of it was eye opening. As an aside, more external security cameras are connected to the internet than I had originally thought.
Oh I'm sure browsing through something like shodan.io would give a bunch of open feeds. Some are intentional, a lot are mistakes, bringing their presence to light is a net good though in alerting both the public and potentially the owner to fix their gear.
…indeed.
That’s a flip flop and a bed. The 360 controls work. Wish I could contact the owner, assuming they’re not running a social experiment.
Under-the-bed monsters running a honeypot.
If it's the site that I'm thinking of, they don't support HTTPS.
It was shodan. Given that the site was already posted, I’m fine with confirming that they do not support https.
But you don't have to go sketchy off brand. You can get Ubiquiti if you want a really good system, or eufy or reolink if you don't want to muck about with the sysadmin stuff Ubiquiti requires
Yeah, plenty of options out there. I have a couple cheap Chinese type that aren't plugged in on any regular basis. Neat thing is that the accounts are basically by serial number if I recall from back when I set it up, so with them off my trusted net and the data fed put through a VPN to home base they're functionally ghost cams without a location attached.
Plus they can record to local SD, so if the server goes offline in the future they can work like a dashcam at least.
You can figure out approximate longitude and latitude using shadow angles and time of day/year.
Yeah, but if someone is going to that much effort to track down your feed (assuming it was outdoors to start with) then you're probably under investigation for something.
I've setup a Ubiquiti system. There are two things to know:
Now, I think those are acceptable tradeoffs, but I think we should be clear about its limitations.
Most likely cost of entry and ease of use. Those are the things most people are going to be concerned with.
Here's what I recommend: open source camera firmware if possible, local storage of recorded video on an open source system, firewall rules to block access to and from the Internet for all of the above. If you need "cloud" access to your cameras then set up a VPN to get to it behind the firewall.
That's my setup, minus the specifics.
Because getting the same results is hard or expensive if you wanted to do it yourself.
A security camera is easy. Reasonably secure view from anywhere is difficult. Notification of activity in view of the camera is harder. Internet to front door intercom is moderately difficult.