Smart doorbell cameras - hackable or privacy compromised?

With the news that Ring cameras can be polled by police for video of a specific time/area (not continuous feed), it makes me wonder what other doorbell cameras are like in respect to privacy, both of the owner, and of passers-by (who may or may not be criminals or have criminal intent). Are we setting up a "Big Brother is watching you" situation? What about hacking? Can non-police "request" video feeds from the many brands of door cameras?
I'd like discussion and links to informative sites if possible.
--Pete
Bon Vivant and Raconteur
10 Comments
If over a cloud service, someone (government, police, courts, etc.) demands access, they could access it, whether we liked it or not. But the hacking one is more to think about; that means complete access at any time. As we know, there is nothing 100% secure, so we need to be very judicious (wanna sound smart xD) with our choices in regard to security.
@kltaylor @Pooh @Pixelpopper @Marc @Crowgrandfather @Notta_Donkey1 @Mirekmal @Romulus @TheCustomCave @vulcansheart - any thoughts to add on this one?
Community Manager at Fing
I want to hit on one thing that seems to get missed frequently in regards to this. Police need a warrant.
They can't access the camera feeds at any time they please and Ring doesn't store FMV, only clips.
But this isn't exclusive to Ring. Police with a court order could subpoena video from any manufacturer.
As far as hacking goes, there have been no actual cases where the Ring or Nest devices have been compromised themselves. Every case of people hacking into a home and taking control of a camera involved weak or reused passwords and no 2FA.
Police can easily see who has a Ring camera (by its glowing ring) and come directly to the door and ask personally. (Who wants to go on record as refusing such a direct request?) Ring also offers users the opportunity to send clips directly to the police flagging the subject as "suspicious". "Neighbors" can also share clips with other users via Ring's public social network. (What stops a police department from buying a Ring and joining the network with a sock-puppet?) Once the police have a clip, they can keep it indefinitely, without any warrant, and subject it to any facial recognition software they may have.
https://www.washingtonpost.com/technology/2019/08/28/doorbell-camera-firm-ring-has-partnered-with-police-forces-extending-surveillance-reach/
To paraphrase Ben Franklin: "If people are willing to give up some privacy in exchange for some perceived safety, soon they will have neither."
- Security of the entire system; from this perspective I'm a big fan of avoiding cloud-based solutions wherever possible. As we are not the designers of these devices, we do not really know what information is collected by smart devices, eventually transferred out, and how it might be used by the owners of the service. The recent case of the Facebook app 'accidentally' switching on the phone camera when in use and sending data to FB is one such case. If not discovered and highlighted in the media, who knows for how long and for what purpose they were collecting such information. Please note that it is rather impossible that faulty code activated the camera. There have to be some lines of code placed there specifically to do so, so it is not a coding mistake. If we use a cloud-based solution, we agree to not having control over the data. We do have in place all sorts of privacy agreements and I'm not saying that all companies are doing this, but if you want to be safe, take care of it.
- What information might eventually be sent out. A simple example is the Netatmo Weather Station - it collects and sends out to the cloud data like temperature, humidity, pressure, noise level. Is it affecting my privacy? Most likely not. Is it affecting my security - this is another question! By analyzing such data one might find out if I'm at home! If the temperature in the house is dropping, CO2 ppm is dropping, and there is no noise, it might mean that I left home for an extended period of time and it is running in away mode.
vulcansheart mentioned) you can get the same level of support from a fully local system (like Synology Surveillance Station), while retaining control over data. For the same reason, if I needed to install a smart doorbell, I'd go for some fully locally managed solution... obviously that would probably limit the functionality of such a device (remote door opening?), but staying safe is the priority.
- Finally, having a fully locally managed solution does not make us safe either... There are different SW/HW components in every smart device, and we do not know where these are coming from and what might be hidden inside, not by the OEM, but by component providers. Not everything is open source, so that it can be investigated! Remember the case of Supermicro being suspected of having some Chinese chips placed on their motherboards and suspected of sending some information back to China? It ended up being just a rumor, but it is a possible scenario.
So it is good to have Fingbox and some tool that helps us to keep track of what is going on in our network :-).
It's been my experience that government agencies never give up data voluntarily, and even contrive to get around legal efforts to force them to expunge such data.
I very much agree with @vulcansheart on this one. I'm a huge proponent of online security/privacy, and I've been a network engineer for a major national datacenter company where security was one of our top concerns.
At home, I am constantly on VPN, have most of the web-trackers disabled, and love what EFF stands for and promotes. THAT SAID, I've been a victim of porch package theft and bike theft (u-lock was used properly and the bike still got stolen). I am willing to help the local police catch these people SO LONG as the program is opt-in. The agencies in question either need a warrant to obtain video OR have voluntary permission to do so. I don't see a problem with that.
On "giving up" privacy: What privacy is that, exactly? Nearly every business/store I walk into has cameras, intersections here are getting more cameras, there are cameras everywhere now. Once you step foot outside your house and into the "public setting" all reasonable right to privacy vanishes. What goes on in the private setting is where my privacy concerns start. Since these doorbells don't show that, I'm good with them.
In my neighborhood, I've seen instances where porch pirates have been caught as a result of people posting doorbell or porch camera video to the "Neighbors" app and contacting the police with those videos. The police have a MUCH stronger case against thieves if they have video evidence of it happening, especially if several different neighbors have video of them performing thefts.
I have multiple IP cameras including a doorbell camera; they are all wired into my switch in my home network on an encrypted VLAN.
I do not use a public cloud based service. Instead I configured my own cloud server so I don't have to depend on anyone else's cloud servers.
The chances of my cameras being hacked/monitored by an unwanted snooper are very low compared to using a well known service with public servers. Those are pretty easy to hack. =]
1010101010CG3CYBER1010101010
You *can* hack those but they are not worth the effort.
Anything more than that is usually just asking for trouble.
There is this idea that a "connected house" is a "better house"... how and why?
What even is the point of answering a doorbell if you are not at home?!
To give would-be thieves the precise time in which they can go and steal what your postman has left at your doorstep? (best case scenario with total encryption)
https://duckduckgo.com/?q=police+officer+stalks+ex
The search results go on for days, and that's just one search. You don't have to work very hard to find real examples of individual police officers abusing their access to official resources. Some of those "official resources" are going to be cameras. Yes, they are "bad eggs". Yes, they sometimes get caught. (Hence the results.) No, that's not normal for police behavior. Yes, I mostly trust the police.
But just because something is against the rules, against the law, doesn't mean it doesn't happen. Otherwise no one would bother with security cameras in the first place.
So, no, I'm not inclined to give anyone blanket access to my security camera footage. Come to my door, ask nicely, explain the purpose: sure, I can help. But if all you need to do is put a potentially bogus case number into an Amazon page and you can look at all of the Ring footage captured in a 1 mile radius of a "suspected crime", without real oversight or accountability? No thank you.
And, going back to the “collect data "just because they can"” part. Maybe local government agencies don't. Let's agree that it's true! What about Amazon, or Google (Nest), or the Chinese vendor behind some security system you got for a cheap price at Costco or Walmart? You think they're not collecting every single detail about you they can, so they can "aggregate and anonymize" it and then sell it for real money? Of course they are. That's the entire business of Google and Facebook and any other business that isn't charging you money.
"If you're not the customer, you're the product." I would prefer to not be a product, thank you very much.
- Access to the system that is intentional, but is also abusable. (This is Ring, but also many others.) This is something where, with thoughtful discussion, it's possible to arrive at a systems design that works. "Access with accountability" would be my catchphrase. Devil's in the details, but I believe it's possible.
- Access to the system that's not intentional (hacking), or that is intentionally abusive (spying).
This is a lot harder to design out of any system. First, software is hard. Like, really hard. There's a reason all those software engineers in Silicon Valley make such good money. Even with the best of intentions, software defects (bugs) are inevitable, and some of them will let hackers spy on you in your own home.
But second, and more important, there's often zero consequence for a company that ships an insecure product that can be hacked, even if the hacking is exposed widely. Quick, name a single company that shipped insecure cameras and was penalized. This is called "externalized costs". The company that sold you the camera doesn't pay for the consequences of their insecure product. YOU do. They externalize the consequences onto other folks, and don't pay anything for their mistakes. So why spend money (expensive software engineers) on security when you can spend less, make more, and that's the only difference?
That's not theoretical. If you want to terrify yourself, spend an hour reading through Bruce Schneier's blog, which collects literally hundreds of examples. Here's just the articles on cameras:
https://www.google.com/search?q=camera+site:www.schneier.com/blog
That's a long list, so here's a couple specifics:
- Eavesdropping by the Foscam Security Camera
- Shodan Lets You Browse Insecure Webcams
- Hacking Security Cameras
- Samsung Television Spies on Viewers
That last one is especially instructive. Anyone know if Samsung is still in business? Profitable? Still selling TVs that collect data about you? (Yes, yes, and yes.)
Doesn't mean you shouldn't put up cameras around your property if you're concerned about trespassers or burglars. I do! But it's worth thinking about whether that cheap camera system at Walmart is as good a deal as the price would make you think. I spend more money on better equipment from more reputable vendors, and then I add on my own network security expertise (such as it is) to try to limit the consequences of choosing poorly.
Those are things I'm blessed to be able to do, and not everyone is so fortunate. But, still. Look before you leap.
Another way to think about it: Imagine that everything you do that's recorded by your own cameras will be put on TV for your friends and family to see, or shown to a jury. Everything. We probably all think of ourselves as good people, but remember the famous quotation from Cardinal Richelieu:
"If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him."
I might not hang, but if a picture is worth a thousand words, how many "lines" is a few hundred hours of video worth? I'm certain I'd be embarrassed, or lose a friend, or something. That's the point Richelieu was making: We all would.