this post was submitted on 25 Jan 2024
505 points (98.7% liked)

Technology

59707 readers
5420 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 241 points 10 months ago (2 children)

*ring will no longer publicly acknowledge facilitating police requests...

[–] [email protected] 45 points 10 months ago (1 children)

They're saying they're not gonna just hand it over. Ring is still gonna have to answer subpoenas.

[–] [email protected] 14 points 10 months ago

They could look to argue those, but I'd suspect they just say 'get a warrant' now rather than allowing for the 3rd party records requests, which by all accounts warrants are pretty rubber stamp. From my non-lawyer recollection there's never been a mandate to get a warrant for records in possession of a 3rd party outside of things protected by other laws like banking or HIPPA. So a provider can hand out lists of all your convos, locations, etc if they want. Some do without question, and after a long record of complying with police requests I have a hard time believing Amazon will suddenly change their tune without force. Path of least resistance and all that.

load more comments (1 replies)
[–] TheFeatureCreature 81 points 10 months ago (1 children)

The police can just purchase the footage instead from Amazon's ad services.

[–] [email protected] 38 points 10 months ago* (last edited 10 months ago) (4 children)

I fucking hate these doorbell cameras. In my building, my neighbor across the hall has one,so EVERY SINGLE TIME I come and go from my apt im being recorded. And there’s another on the floor below me. So they know where I go in my building. It’s fucked up. I literally have zero privacy on when I’m coming and going from my apartment.

[–] [email protected] 12 points 10 months ago (1 children)

I’ve considered building some kind of laser to destroy the sensors in these cameras. I think it’s absolutely fucked my neighbors can have a camera pointed at my front door 24/7.

[–] [email protected] 3 points 10 months ago (2 children)

If you ever manage to develop it, I’ll be your first customer. I absolutely hate that I’m under constant surveillance any time I step out of my front door. Especially since it’s probably Amazon or any of those other shitty companies whose entire purpose was to make a network of surveillance accessible to police.

[–] [email protected] 3 points 10 months ago

A Blu-ray laser diode and a flashlight body with some DIY electronic components seems to hold the most promise, and it’s not that far off from some flashlight projects I’ve done.

[–] [email protected] 3 points 10 months ago* (last edited 10 months ago)

http://www.naimark.net/projects/zap/howto.html

(non https site - sorry - but it's a cool deep dive)

[–] TheFeatureCreature 9 points 10 months ago

It's a long shot, but you could have a chat with the building manager and/or landlord and voice these concerns. I don't know if they'll do anything, but you never know.

[–] TicklishRocket 3 points 10 months ago* (last edited 10 months ago) (1 children)

Thing is. Good chance your neighbour was probably a victim of crime. A few nights in a row I was making supper and someone was trying to get in my place by trying the handle. My packages also started to go missing and a few years ago someone walked into my apartment while I was trying to wrangle my cat because the fire alarm was going off, pretty sure they wanted to rob my place because they left without saying anything and got freaked out when they saw me still there. It's nice having it because I can see who is at my door Without putting myself in the line of fire, and it deters people from pulling any bullshit while I'm not home.

It's understandable that it's a bit annoying it's pointed right at your door. Mine doesn't face anyone's door. Just the hallway, you could ask your neighbour to install an angled adapter so it's not facing your door. Personally I treat my building hallways like I would treat any public place, and always assume there's a camera somewhere. There's also a very good chance there is CCTV in your building already if it's a larger building.

load more comments (1 replies)
[–] [email protected] 2 points 10 months ago

Time to carry an umbrella so you can keep yourself off camera.

[–] [email protected] 57 points 10 months ago (5 children)

Not even just a technical security standpoint, why would you put a live camera up when someone else legally owns the feed?

I've had discussions and people claim it's no different because other systems can be hacked and you have a phone with a camera that can be remotely accessed, etc.

But those things are illegal, the people using Ring are knowingly putting up a camera where someone else owns the footage. They aren't hacking, they aren't stealing. In fact, they're letting you borrow the footage anytime you check the camera yourself.

[–] Crashumbc 31 points 10 months ago (1 children)

Because people have been trained since the eighties to ignore EULAs and just click "ok".

Most people, have no idea they don't own the video their door bell takes...

Hell I'm fairly tech savvy and I didn't know. (Don't have a camera).

[–] [email protected] 2 points 10 months ago (1 children)

Tech savvy people don't fall for the bullshit or use open source products.

[–] Buddahriffic 5 points 10 months ago (1 children)

There's two kinds of tech enthusiasts. Ones who think cloud based is a great feature that means they don't have to worry about it as much, and ones who understand that using the cloud just means you give up control of any data that ends up there, possibly along with control of the device itself.

[–] littlewonder 6 points 10 months ago* (last edited 10 months ago) (1 children)

Wait, don't forget the third type: the kind that knows self-hosting is better in almost all ways, and hates HATES not having ownership (or even just access!) to the raw data and dev interface, but is too ground down by their capitalist bullshit work week and other life to keep up with the admin of maintaining their own systems. SIGH.

I don't use Arch, btw.

[–] Buddahriffic 2 points 10 months ago

Yeah, that's a subset of the 2nd group. I'm in that group. I'd like to have some smart home features but haven't gotten around to setting it up and don't want the easy options.

Plus is there even a smart water softener in the market that you can have a server check how much soft water is available before it needs to cycle and compare with how much water a dishwasher or laundry cycle needs to cycle the softener before running either of those to make sure it doesn't run out?

[–] monkeyman512 10 points 10 months ago

Most likely cost of entry and ease of use. Those are the things most people are going to be concerned with.

[–] [email protected] 10 points 10 months ago* (last edited 10 months ago) (2 children)

In a way the sketchy off brand seems like a better idea in that case, at least there's not some monolithic entity holding millions of feeds to ask for access to

[–] [email protected] 8 points 10 months ago (2 children)

I still remember watching unsecured cameras through a site I’d feel uncomfortable posting. All five minutes of it was eye opening. As an aside, more external security cameras are connected to the internet than I had originally thought.

[–] [email protected] 7 points 10 months ago* (last edited 10 months ago) (1 children)

Oh I'm sure browsing through something like shodan.io would give a bunch of open feeds. Some are intentional, a lot are mistakes, bringing their presence to light is a net good though in alerting both the public and potentially the owner to fix their gear.

[–] [email protected] 4 points 10 months ago (1 children)

…indeed.

That’s a flip flop and a bed. The 360 controls work. Wish I could contact the owner, assuming they’re not running a social experiment.

[–] littlewonder 3 points 10 months ago

Under-the-bed monsters running a honeypot.

[–] morriscox 2 points 10 months ago (1 children)

If it's the site that I'm thinking of, they don't support HTTPS.

load more comments (1 replies)
[–] [email protected] 2 points 10 months ago (2 children)

But you don't have to go sketchy off brand. You can get Ubiquiti if you want a really good system, or eufy or reolink if you don't want to muck about with the sysadmin stuff Ubiquiti requires

[–] [email protected] 2 points 10 months ago (1 children)

Yeah, plenty of options out there. I have a couple cheap Chinese type that aren't plugged in on any regular basis. Neat thing is that the accounts are basically by serial number if I recall from back when I set it up, so with them off my trusted net and the data fed put through a VPN to home base they're functionally ghost cams without a location attached.

Plus they can record to local SD, so if the server goes offline in the future they can work like a dashcam at least.

[–] Buddahriffic 2 points 10 months ago (1 children)

You can figure out approximate longitude and latitude using shadow angles and time of day/year.

load more comments (1 replies)
[–] [email protected] 2 points 10 months ago

I've setup a Ubiquiti system. There are two things to know:

  • For the cost of local storage, you are going to spend several years worth of subscription fees
  • The login is still controlled by Ubiquiti's cloud system, which has had its own problems in the recent past

Now, I think those are acceptable tradeoffs, but I think we should be clear about its limitations.

[–] RaoulDook 5 points 10 months ago

Here's what I recommend: open source camera firmware if possible, local storage of recorded video on an open source system, firewall rules to block access to and from the Internet for all of the above. If you need "cloud" access to your cameras then set up a VPN to get to it behind the firewall.

That's my setup, minus the specifics.

load more comments (1 replies)
[–] cabron_offsets 22 points 10 months ago

Ok bruh I’m sure they’re gonna be totally transparent about what they do with the data.

[–] [email protected] 17 points 10 months ago (1 children)

I guarantee you that this is more of a cost cutting measure rather than Amazon being altruistic. They just laid off tons of people, and this is within that same train of thought.

[–] Tangent5280 7 points 10 months ago
  • Hey Jeff, we don't have enough staff to answer all these police requests we're getting.

  • Alright, then don't. Put out a press release, and get our Amazon(TM) ministry of truth to put a positive spin on it.

[–] [email protected] 13 points 10 months ago (7 children)

I was very aware of this "sharing" of footage when I bought my camera system and intentionally did not buy ring and other brands because I want to own that video. I went so far as to not connect my system to the internet which gives me less options (i.e. see it on my phone anytime) but sometimes privacy comes with a price.

load more comments (7 replies)
[–] RGB3x3 11 points 10 months ago (1 children)

I know Eufy has its issues, but I do really like that all my camera footage is stored in my home and not in the cloud.

Their reputation is not good anymore, but I'm just glad all my footage isn't on someone else's computer.

[–] [email protected] 12 points 10 months ago (1 children)

I thought their reputation was tarnished explicitly due to uploading footage to the cloud despite claims otherwise. How can you be sure it isn't uploading when their words mean nothing?

[–] RGB3x3 11 points 10 months ago

The problem was unsecured connections when accessing your footage through their web portal.

They've since fixed the issue, but they inform people that screenshots are held in the cloud for a limited time in order to serve certain types of push notifications.

I may also be trying to cope with the fact that I bought an expensive system before learning about their issues.

[–] [email protected] 9 points 10 months ago

it'll no longer WHAT

(just kidding, I was aware of this and am happy about the change, thanks for posting)

[–] Ghostalmedia 5 points 10 months ago (1 children)

How were cops able to access the video once they were given access. Isn’t that stuff E2EE? Is there a backdoor, or is it not always encrypted?

[–] CaptainSpaceman 16 points 10 months ago (1 children)

What made you think it was E2EE? I dont think any off the shelf camera system offers that

[–] Ghostalmedia 9 points 10 months ago

Ring says they support E2EE. It looks like it’s off by default. Yikes.

https://ring.com/support/articles/mt13j/How-to-Set-Up-Video-End-to-End-Encryption-E2EE

As for other cameras, when I was looking at systems for my house, I saw that Arlo supports it.

HomeKit Secure Video cameras are also another good E2EE solution if you’re in Apple’s ecosystem. I love that HSV can bypass shitty third party apps, and the camera hardware can connect direct to a HomeKit hub, buuut HSV tops out at 1080p.

[–] psud 4 points 10 months ago

Remember that Google not only cooperates with police, they will report users to the police for things their AI finds in that users photos or documents

When they have done that in the past and police investigated the police found no crime was done, but Google deleted their account anyway. They lost their contacts list, their photos, all the spreadsheets and documents in their Google drive, their email account, all their passwords (and the ability to reset those passwords because of the loss of the email account). The guy also used Google for internet and phone, which also went away when Google accused him

If you keep anything important on an online service, keep a backup offline (https://takeout.google.com/ for Google). Use a password manager that isn't under control of a tech giant.

If you back up everything to an online service, choose one that allows you to encrypt your data so they can't use it against you

[–] [email protected] 4 points 10 months ago

Finally some good news

load more comments
view more: next ›