this post was submitted on 14 Dec 2023
224 points (99.1% liked)

Technology

59219 readers
3320 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
all 35 comments
sorted by: hot top controversial new old
[–] 0110010001100010@lemmy.world 97 points 11 months ago* (last edited 11 months ago) (3 children)

There's a very good reason my cameras stay internal only and are blocked 100% from the internet. I can access them via the NVR with a Wireguard tunnel when I'm away from home if need be.

[–] BombOmOm@lemmy.world 29 points 11 months ago (2 children)

Same here; LAN only with a VPN to get into the LAN. There is no reason to send my camera feeds to another party. All that can come from that is trouble.

[–] Sixner@lemmy.world 3 points 11 months ago (1 children)

What cameras/setup do you use (or just recommend)?

[–] BombOmOm@lemmy.world 6 points 11 months ago* (last edited 11 months ago) (1 children)

Currently using BlueIris to read/record streams from Ubiquiti IP cameras* set to run in standalone mode. I chose that software since it is a one-time purchase rather than something monthly; and chose the cameras as they were fairly inexpensive when I bought them (5ish years ago) and they supported power over ethernet, which makes running cables to them so much easier (just have to run a single ethernet cable to them, don't need to run a separate power cable).

I'll probably be redoing my setup in the future. Most notably swapping out BlueIris (Windows) for something Linux based as my trust in Microsoft has steadily declined.


*I do enjoy the irony of these being mentioned given the thread we are in. I at least have them banned from talking to the internet.

[–] flatpandisk@lemm.ee 2 points 11 months ago (1 children)

I never ran BlueIris as I couldn’t bear to install windows. For Linux try Frigate NVR.

[–] phx@lemmy.world 20 points 11 months ago (1 children)

Ditto. "The Cloud" is just another name for somebody else's computer which you don't control

[–] 0110010001100010@lemmy.world 14 points 11 months ago

As always, relevant XKCD: https://xkcd.com/908/

[–] Sixner@lemmy.world 4 points 11 months ago (1 children)

What cameras/setup do you use (or just recommend)?

[–] 0110010001100010@lemmy.world 3 points 11 months ago

Reolink, Ubiquiti, Dahua, Amcrest, and Wyze. Nice thing about a third-party NVR is you can mix and match whatever is cheapest or best for a given spot. I'm currently using iSpy Agent for the NVR as it's runs nicely in docker. Then I layer Codeproject.AI over top for person detection rather than just generic motion alerts. I'm using a 2090 Ti GPU (which is WAY overkill but I got it for free) to make the AI detection very fast.

[–] Kanzar@sh.itjust.works 40 points 11 months ago (3 children)
[–] ReducedArc@lemmy.world 4 points 11 months ago

Wyze users: first time?

[–] RGB3x3@lemmy.world 3 points 11 months ago (2 children)

What's the low down on this? I just bought a Eufy system thinking it was great because all the video storage is local.

[–] hedgehog@ttrpg.network 3 points 11 months ago

https://www.theverge.com/2022/11/30/23486753/anker-eufy-security-camera-cloud-private-encryption-authentication-storage

https://www.theverge.com/23573362/anker-eufy-security-camera-answers-encryption

Basically there are instances where e2ee was promised but not actually present.

I believe that images sent alongside notifications may lack e2ee as well but am unsure.

[–] Kanzar@sh.itjust.works 1 points 11 months ago

Still remote access so... 🤷🏻‍♀️

[–] altima_neo@lemmy.zip 1 points 11 months ago (1 children)

As a eufy user, now I don't feel so bad

[–] kattenluik@feddit.nl 1 points 11 months ago (1 children)
[–] altima_neo@lemmy.zip 3 points 11 months ago

I mean I still feel bad

Just not as bad.

[–] TWeaK@lemm.ee 22 points 11 months ago (3 children)

If you can access the data, so can someone else.

[–] ripcord@kbin.social 18 points 11 months ago

Yep, just confirmed there is no end-to-end encryption and that they can see anyone's cameras at any time (or anyone that compromised ubnt)

[–] thefartographer@lemm.ee 17 points 11 months ago (2 children)

That's not true! I bet you can't see this comment cuz I'm real super sneaky on the security.

bFxPnS*Z4

Shit, I accidentally pasted my password into a comment again. Guys? How do you delete a password from a comment?

[–] dhork@lemmy.world 27 points 11 months ago* (last edited 11 months ago) (3 children)

Hey, Lemmy's security works awesome! All I see is

'********

Hey, someone else try posting their password here to see if it works!

[–] 0110010001100010@lemmy.world 32 points 11 months ago (1 children)
[–] CosmicTurtle@lemmy.world 7 points 11 months ago

Yup. Works!

How about mine: hunter3

[–] rynzcycle@kbin.social 15 points 11 months ago (1 children)

Jokes on you, my password is just 8 asterisks... Wait crap.

Brb changing all my passwords.

[–] otp@sh.itjust.works 4 points 11 months ago

Actually, it's a best practice to not reuse passwords, so any site would block you from reusing one! You're fine.

[–] radix@lemm.ee 7 points 11 months ago (2 children)

hunter2 jokes aside, that's a pretty good password.

[–] Toribor@corndog.social 5 points 11 months ago

Not anymore.

[–] thefartographer@lemm.ee 3 points 11 months ago

Thank you! I launched NordPass and generated it just for the bit!

[–] Dave@lemmy.nz 7 points 11 months ago (3 children)

The only safe data is data that no one can access, including yourself?

[–] cubism_pitta@lemmy.world 10 points 11 months ago

Best place to start if you're taking security seriously; Implementing file encryption for example has to start with "I would rather that I myself potentially lose access to this data than for it to possibly fall into another person's hands."

[–] TWeaK@lemm.ee 7 points 11 months ago

When I lose things it's almost always because I've put them in a safe place. Safe from me!

But yeah it's really about factoring in likelihood and opportunity. I think it helps to compare physical and digital spaces. If you have a CCTV system, then anyone could watch the monitors and see what's happening - however they'd have to get into the building, find their way to the secure room, log in to the system, etc. When something is online it creates better opportunity for surreptitious access and also greater likelihood in terms of the number of people who could potentially come across it. While in the physical space you might get away with having staff control access during the day and locking the door at night, online you have to have far more robust security measures to achieve the same level of safety.

So it's maybe better to say: the easier it is for you to access data, the easier it is for someone else to.

[–] ripcord@kbin.social 2 points 11 months ago