
Cheap IP camera - freedom from the cloud

  • Good morning!

    Below I will present a brief technical description of the device itself and the steps to free it from the manufacturer's cloud without changing the firmware.

    White rotating camera with WiFi antenna and mounting plate.

    I bought the camera on a well-known auction site, it cost PLN 75 then, now it costs PLN 85.

    Product image of an Asato outdoor rotating IP camera on an e-commerce platform.


    TECHNICAL DESCRIPTION

    Technical data according to the seller:
    Quote:

    Waterproof: IP65 - the camera is resistant to rain, snow and other difficult weather conditions.
    Connection type: WiFi - wireless connection of the camera to the home Internet network, providing easy access and remote control.
    Recording resolution: 1080p (Full HD) - provides high-quality, detailed video image.
    Zoom function: digital 4x
    Antenna: 5dBi - provides a strong and stable WiFi signal, increasing the range and reliability of the wireless connection.
    WiFi standard: 2.4GHz - compatible with most home routers, offering easy configuration and stable connection.
    Camera program: Ease Life - an intuitive mobile application that allows you to easily manage your camera.
    Power supply: DC 5V/2A
    Infrared diodes: 21x IR LED - allow for clear viewing in complete darkness, also at night.
    Recording function: microSD card / cloud - offers flexible options for saving recordings, both locally on a microSD card and remotely in the cloud.
    Supported cards: microSD up to 128GB
    Photo function: yes


    To install the camera, use the appropriate application (Aview) available for mobile devices.
    Using it, we can connect it to the home WiFi network (STA) or use it in AP mode (connect to its hotspot).
    To be able to connect to the camera remotely, we need to log it into the Alibaba cloud (CN) and everything that happens to it goes through their servers (!).
    This creates a huge danger because we have a foreign device in our LAN with full access to the network, and I don't need to explain what can be done in such a configuration.

    The device can be easily disassembled, 3 screws connect the balls to the camera and the whole thing is suspended on the ears of the rotating mechanism (1 screw).
    I had to disassemble it to replace the power cable - the original one was a 15 cm cable with a plug, I replaced it with a longer one.
    I don't want to go into the details of the construction - one note, the rotation mechanisms do not have information about the position, everything is based on the number of rotation steps,
    at startup, full-range calibration must occur in both axes.

    Below are some photos of the interior.
    Main board:
    View of the interior of an IP camera with visible main circuit board and wiring.

    WiFi module:
    Interior of an IP camera with visible main board and WiFi module

    Motor controls and their appearance:
    Close-up of a camera's main circuit board with wires.
    Interior of an IP camera with visible circuit board and wiring. Close-up of the interior of a camera showing the motor and wiring.

    LISTENING TO THE PROTOCOL

    The camera, like most, supports the RTSP protocol, enabling the transfer of image, sound and more (duplex).
    I haven't found any description of the specific addressing of this device on the Internet, but after scanning its available ports, the most interesting one, 554, turned out to be open - but none of the popular address combinations worked.

    I decided to listen to its communication using PCAPdroid (on the phone), but the communication with the external cloud was immediately secured by TLS, so I didn't learn much.
    Frame examples:

    Screenshot showing network data of TCP and TLS packets.

    Changing the connection mode to AP helped, I reset to the factory and connected directly.
    It turned out that the application easily uses only RTSP for communication and without encryption.
    I saved sample packets from the phone while I was working and analyzed them.

    Screenshot showing network traffic analysis results using the RTSP protocol.

    IMAGE STREAM

    After initial analysis, I used a simple python script to capture the video stream.
    Just use the ready-made openCV (it can natively decode this stream):

    Code: Python
    Log in, to see the code


    The above example takes image frames, scales to, and previews on screen.
    Once prepared, we can use it freely, save it as a bitmap or paste a movie on the fly.
    In my case, they go to rpi where AI analyzes the data and recordings (NVR) are created.

    CONTROL OF CAMERA MECHANISMS

    The camera has a rotating mechanism. I also discovered access to it in the RTSP transmission logs.
    It turns out that the camera has the ability to read and respond to feedback messages. While working, I managed to call up a list of its parameters:
    Quote:

    1 Up_Start
    2 Down_Start
    3 Left_Start
    4 Right_Start
    5 Right_Up_Start
    6 Right_Down_Start
    7 Left_Up_Start
    8 Left_Down_Start
    9 PT_Stop
    10 Zoom_Tele - max zoom 12
    11 Zoom_Wide - min zoom 1
    12 Zoom_Stop
    13 Focus_Near
    14 Focus_Far
    15 Focus_Stop
    17 IRIS_CLOSE
    18 IRIS_Stop


    To manage these settings, you must send the appropriate frame with the command.
    Surprisingly, the control commands run without logging in!

    The rotation is in 2 stages, first start:
    Code: Bash
    Log in, to see the code


    then stop rotation:
    Code: Bash
    Log in, to see the code


    The -cmd parameter indicates the type of action (as listed above)
    The time between sending packets is also dependent on the -data2 55 parameter (speed).

    Another example, setting the date and time:
    Code: Bash
    Log in, to see the code


    Below is an example class for handling rotation (up - down), which I wrote after understanding the command structure, and I am gradually adding new ones.

    Code: Python
    Log in, to see the code


    As I mentioned above, the camera can be rotated by controlling the rotation time and speed, and due to the lack of position information, you have to remember their number for each position change.
    It certainly saves the last ones itself, because it sets them after a restart.

    DISCONNECTING FROM THE MANUFACTURER'S CLOUD

    Being able to freely control the camera, I left it connected to my LAN, but blocked its access to the Internet on the router. In this situation, the manufacturer's application does not see the camera, it considers its status as offline and no data is sent.
    However, this means that there is no access from the outside.
    In my case it doesn't matter, the camera is controlled by rpi, the image is sent to it, I have another way of viewing it - restream via my internal www.
    Additionally, I have a public IP, my own openVPN server, and my devices (telephone, computer, etc.) are usually connected when I am outside, so they behave like in a LAN.

    CONCLUSIONS

    The camera generates quite a good image both during the day and at night, and additionally has LED illumination (white and IR).
    I have virtually full access to it and the ability to control its parameters.
    Currently, the image from it goes to rpi, where it is analyzed by AI. The camera observes the road in front of the house. Recognizes movement, its direction, moving objects (person, car), works on tracking and following the object, etc.

    Probably most of these types of cheap IP cameras can be used without the original and UNSAFE manufacturer's software, but then you need your own additional software.

    Mr.

    About Author
    pixel7
    Level 23  
    Offline 
    pixel7 wrote 637 posts with rating 145, helped 53 times. Live in city warszawa. Been with us since 2007 year.
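A capture like the one analysed in the post above can be checked mechanically for requests the camera accepted without credentials. This is an added example, not the author's script; the sample streams, address and path are constructed, and it parses only RTSP signalling (no interleaved RTP data).

```python
import re

REQUEST = re.compile(rb"^([A-Z_]+) (\S+) RTSP/1\.0$")
RESPONSE = re.compile(rb"^RTSP/1\.0 (\d{3})\b")

# Constructed capture data: one reassembled TCP stream, both directions in order.
# Address, path and header values are placeholders, not values from the post.
SDP = b"v=0\r\ns=cam\r\n"
URI = b"rtsp://192.0.2.10:554/stream"


def _req(method, cseq, extra=b""):
    return method + b" " + URI + b" RTSP/1.0\r\nCSeq: " + cseq + b"\r\n" + extra + b"\r\n"


def _rsp(status, cseq, extra=b"", body=b""):
    return b"RTSP/1.0 " + status + b"\r\nCSeq: " + cseq + b"\r\n" + extra + b"\r\n" + body


OPEN_CAMERA = (
    _req(b"OPTIONS", b"1")
    + _rsp(b"200 OK", b"1", b"Public: OPTIONS, DESCRIBE, SETUP, PLAY\r\n")
    + _req(b"DESCRIBE", b"2")
    + _rsp(b"200 OK", b"2", b"Content-Length: %d\r\n" % len(SDP), SDP)
    + _req(b"SETUP", b"3", b"Transport: RTP/AVP/TCP;interleaved=0-1\r\n")
    + _rsp(b"200 OK", b"3", b"Session: 1234\r\n")
    + _req(b"PLAY", b"4", b"Session: 1234\r\n")
    + _rsp(b"200 OK", b"4")
)
LOCKED_CAMERA = (
    _req(b"DESCRIBE", b"1")
    + _rsp(b"401 Unauthorized", b"1", b'WWW-Authenticate: Digest realm="cam", nonce="abc"\r\n')
    + _req(b"DESCRIBE", b"2", b'Authorization: Digest username="viewer"\r\n')
    + _rsp(b"200 OK", b"2", b"Content-Length: %d\r\n" % len(SDP), SDP)
)


def parse_messages(stream):
    """Split a cleartext RTSP byte stream into request/response dicts."""
    messages, pos = [], 0
    while pos < len(stream):
        end = stream.find(b"\r\n\r\n", pos)
        if end == -1:
            break  # truncated trailing message
        lines = stream[pos:end].split(b"\r\n")
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(b":")
            headers[name.strip().lower().decode("latin-1")] = value.strip().decode("latin-1")
        length = headers.get("content-length", "0")
        # Skip the body (e.g. SDP) so it is not mistaken for the next message.
        pos = end + 4 + (int(length) if length.isdigit() else 0)
        req, rsp = REQUEST.match(lines[0]), RESPONSE.match(lines[0])
        if req:
            messages.append({"kind": "request", "method": req.group(1).decode(), "headers": headers})
        elif rsp:
            messages.append({"kind": "response", "status": int(rsp.group(1)), "headers": headers})
    return messages


def audit(stream):
    """Pair requests with responses by CSeq and classify each outcome."""
    pending, findings = {}, []
    for msg in parse_messages(stream):
        cseq = msg["headers"].get("cseq")
        if msg["kind"] == "request":
            pending[cseq] = msg
        elif cseq in pending:
            request = pending.pop(cseq)
            had_credentials = "authorization" in request["headers"]
            if msg["status"] == 401:
                verdict = "challenged"
            elif 200 <= msg["status"] < 300:
                verdict = "accepted-authenticated" if had_credentials else "accepted-unauthenticated"
            else:
                verdict = "other"
            findings.append((request["method"], msg["status"], verdict))
    return findings


def exposed_methods(stream):
    """Methods served without credentials; OPTIONS is excluded because
    servers commonly answer it before authentication."""
    return [m for m, _, v in audit(stream) if v == "accepted-unauthenticated" and m != "OPTIONS"]


if __name__ == "__main__":
    print("open camera:", exposed_methods(OPEN_CAMERA))
    print("locked camera:", exposed_methods(LOCKED_CAMERA))
```
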
  • #2 20959744
    gulson
    System Administrator
    Thanks for presenting the solution to disconnecting from the cloud and being independent!
    If you write to Paczkomat, I will send you a small gift.
  • #3 20959790
    prosiak_wej
    Level 39  
    pixel7 wrote:
    The camera generates quite a good image both during the day and at night, and additionally has LED illumination (white and IR).


    Well, maybe some samples?
  • #4 20959889
    chemik_16
    Level 26  
    Peel off the plate from the CPU. But generally speaking, I see that it's an Ingenic board, so you can upload OpenIPC there.
    They come in various configurations, even with 3 cameras
  • #5 20960807
    siewcu
    Level 35  
    Please tell me what could be so dangerous that such a camera could do. I`m curious, people keep saying that it`s so dangerous and I wonder what harm Alibaba can do to me. Will they come from China and rob the house? I`m asking seriously, because you only wrote Chinese = dangerous, without any specifics.
  • #7 20960910
    pixel7
    Level 23  
    prosiak_wej wrote:
    Well, maybe some samples?

    Yes, I will post examples in the evening.

    chemik_16 wrote:
    Peel off the plate from the CPU. But generally speaking, I see that it`s an ingenic board, so you can upload openipc there.


    I didn't know there was an alternative to this processor, I didn't even care what it was like.
    It meets my needs, so I didn't interfere that much.

    siewcu wrote:
    Please tell me what could be so dangerous that such a camera could do. I`m curious, people keep saying that it`s so dangerous and I wonder what harm Alibaba can do to me. Will they come from China and rob the house? I`m asking seriously, because you only wrote Chinese = dangerous, without any specifics.


    With the system logged into a FOREIGN network, I can:
    1. Cause an attack outside this network (DDOS, etc.), be included in a troll farm - the owner will be blamed.
    2. Scan, collect information about devices, extract passwords floating around LAN, etc., e.g. in many (commercial!) systems, login and pass to SQL are in CLEAR text.
    3. Would you install one in your bedroom, for example?

    I don't understand this approach to today's technology. Users lack imagination. The Chinese may not be evil to the core, but unlike others, their imagination is exceptionally extensive. They have a lot of experience with painting. Their society has accepted surveillance, do we want it too?


    This is the beginning of the Privacy Policy of this app. Who read and agreed?
    Screen displaying the Chinese privacy policy of the AView app with publication and effective dates.
  • #8 20960953
    michał_bak
    Level 23  
    >>20960807

    This is true, and whoever feels threatened does not have to buy what he thinks is dangerous.
    Moreover, I am curious whether such interference with the software is not a copyright infringement. If someone does the same to our work, will we applaud them because it`s clever?
    Privacy policy? Who reads the consents we must give to use anything? Google knows more about us than we do.
  • #9 20960975
    pixel7
    Level 23  
    michał_bak wrote:
    Moreover, I am curious whether such interference with the software is not a copyright infringement.


    In this case, there is no interference with the device. I only use the data created by the manufacturer. Can be used in AP mode to not send anything outside.
    Besides, you don't have to eat just soup with a tablespoon. And I've seen much more interesting uses of it. I don't think the manufacturer has any influence on this, no one has bent the spoon, cut it, etc...
  • #10 20961155
    dktr
    Level 25  
    I always cut off access to the Internet on routers for cameras, light bulbs, vacuum cleaners, and basically everything that doesn`t need it, sometimes I only leave access to the time server. People don`t realize that these devices are normal computers that can, for example, set up an L2TP tunnel and give someone access to our Internet.
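One way to confirm that the router block described in the opening post, with the time-server exception mentioned in the post above, actually holds is to audit the router's forward log for the camera's address. This is an added example, not code from the thread; the log format, addresses and subnets are constructed assumptions, and the check for camera-initiated traffic into the home LAN goes beyond what the two posts describe.

```python
import ipaddress
import re

# Assumed addressing (constructed for this example, not from the thread).
CAMERA = ipaddress.ip_address("192.168.50.10")
IOT_NET = ipaddress.ip_network("192.168.50.0/24")    # segment the camera sits on
HOME_LAN = ipaddress.ip_network("192.168.1.0/24")    # computers, phones, NAS
NTP_SERVER = ipaddress.ip_address("203.0.113.123")   # the one permitted destination

# Constructed log: one line per new connection seen by the router's forward chain.
SAMPLE_LOG = """\
2024-02-15T10:00:01 SRC=192.168.50.10 DST=198.51.100.7 PROTO=TCP DPT=443 ACTION=DROP
2024-02-15T10:00:05 SRC=192.168.50.10 DST=203.0.113.123 PROTO=UDP DPT=123 ACTION=ACCEPT
2024-02-15T10:00:09 SRC=192.168.50.10 DST=198.51.100.53 PROTO=UDP DPT=53 ACTION=ACCEPT
2024-02-15T10:00:12 SRC=192.168.50.10 DST=192.168.1.5 PROTO=TCP DPT=445 ACTION=ACCEPT
2024-02-15T10:00:15 SRC=192.168.1.20 DST=198.51.100.7 PROTO=TCP DPT=443 ACTION=ACCEPT
this line is damaged and must be skipped
2024-02-15T10:00:20 SRC=192.168.50.10 DST=203.0.113.123 PROTO=TCP DPT=443 ACTION=ACCEPT
2024-02-15T10:00:31 SRC=192.168.50.10 DST=198.51.100.7 PROTO=TCP DPT=443 ACTION=DROP
"""

FIELD = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """Return a record dict, or None for lines that do not parse."""
    fields = dict(FIELD.findall(line))
    try:
        return {
            "src": ipaddress.ip_address(fields["SRC"]),
            "dst": ipaddress.ip_address(fields["DST"]),
            "proto": fields["PROTO"].upper(),
            "dport": int(fields["DPT"]),
            "action": fields["ACTION"].upper(),
            "raw": line.strip(),
        }
    except (KeyError, ValueError):
        return None


def audit_camera_egress(log_text):
    """Classify every connection the camera initiated.

    leaks   - accepted traffic to the Internet other than NTP to NTP_SERVER
    lateral - accepted traffic from the camera into the home LAN
    blocked - attempts the router dropped (the expected outcome)
    ntp     - accepted time-sync requests (the only allowed exception)
    """
    report = {"leaks": [], "lateral": [], "blocked": 0, "ntp": 0}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["src"] != CAMERA:
            continue
        if rec["dst"] in IOT_NET:
            continue  # stays on the camera's own segment, not a router decision
        accepted = rec["action"] == "ACCEPT"
        if not accepted:
            report["blocked"] += 1
        elif rec["dst"] in HOME_LAN:
            report["lateral"].append(rec["raw"])
        elif rec["dst"] == NTP_SERVER and rec["proto"] == "UDP" and rec["dport"] == 123:
            report["ntp"] += 1
        else:
            # Includes DNS left open and the NTP host reached on another port.
            report["leaks"].append(rec["raw"])
    return report


if __name__ == "__main__":
    result = audit_camera_egress(SAMPLE_LOG)
    for kind in ("leaks", "lateral"):
        for entry in result[kind]:
            print(kind.upper(), entry)
    print("blocked:", result["blocked"], "ntp:", result["ntp"])
```
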
  • #11 20961656
    kris8888
    Level 39  
    pixel7 wrote:
    With the system logged into a FOREIGN network, I can:
    1. Cause an attack outside this network (DDOS, etc.), be included in a troll farm - the owner will be blamed.
    2. Scan, collect information about devices, extract passwords floating around LAN, etc., e.g. in many (commercial!) systems, login and pass to SQL are in CLEAR text.

    I`m asking out of curiosity, because I don`t know much about it, whether some smart home devices, such as detectors, switches operating under the supervision of servers and the Chinese Tuya cloud, also carry the same danger?
    And if so, is there a way to free yourself from the cloud?

    Is it really possible to break into a foreign network through an innocent motion detector or smart switch?
  • #12 20961720
    chemik_16
    Level 26  
    Sure. The same principle - each detector is a microcontroller - a computer connected to your local network.

    All controllers used in Tuya's IoT are currently supported by alternative software, the rest of which is extensively described here on the forum.
    Tasmota/ openbeken etc.
  • #13 20961751
    operator5wp
    Level 16  
    I also suggest checking whether the camera can be connected to the rx/tx serial board (baud 115200) via a USB converter, so that you can see what the system is like and the ability to send commands via putty.
  • #14 20961806
    kris8888
    Level 39  
    chemik_16 wrote:
    Sure. The same principle - each detector is a microcontroller - a computer connected to your local network.

    Well, you`ve got me a little worried. Does this mean that such a detector can monitor and collect all traffic from the local network and then send it anywhere in the world without my knowledge?
    Can this be limited somehow without giving up the tuya cloud? For example, by installing a separate router or creating a separate, separate subnet in my local network, intended only for communication with all Tuya detectors and switches?
  • #15 20962066
    Janusz_kk
    Level 39  
    kris8888 wrote:
    Does this mean that such a detector can monitor and collect all traffic from the local network and then send it anywhere in the world without my knowledge?

    You have :)
    " Nicole Eagan, president of the cybersecurity company Darktrace, revealed that one of the American casinos had fallen victim to hackers. There would be nothing extraordinary about it if it were not for the fact that they used a smart thermometer to monitor the water in the lobby. aquarium. Hackers managed to steal information from the casino`s valuable database, i.e. transaction messages, as well as employees` private data.
    - The attackers entered the network "through a thermometer," Eagan said in an interview with the Wall Street Journal. - Then they found the database and copied it to the cloud through the gateway of the aquarium device.
    Because IoT devices are usually relatively simple, they often do not contain any special security measures beyond the typical Wi-Fi solution - WPA2, which in itself is not a very strong line of defense.

    https://mlodytechnik.pl/news/29289-wlamanie-do-kasyna-prze-termometr-w-akwarium
  • #16 20962132
    kris8888
    Level 39  
    On the other hand, does such potential surveillance of a local network using smart devices such as detectors or cameras connected to the cloud differ that much from surveillance by Microsoft, Google or Apple, often with the full consent of users?
    Even if my Internet activity or the name and password of my WiFi network are transferred to the Tuya cloud, nothing should happen.
    I do not share the resources of local disks of computers connected to the network with each other, the computers do not "see" each other, so such smart devices probably do not have access to it either. Unless such access can be easily broken.

    Well, what should users of Chinese solar inverters, e.g. Sofar, also controlled and managed via the cloud (e.g. Solarman application) say? There are thousands of them.
    Not to mention Chinese smartphones from Xiaomi, Huawei and others. This is a completely open window to everything.
  • #17 20962217
    analog_6
    Level 16  
    kris8888 wrote:
    I do not share the resources of local disks of computers connected to the network with each other, the computers do not "see" each other, so such smart devices probably do not have access to it either. Unless such access can be easily broken.
    A long time ago I purchased a Lenovo network drive, which is not a bush. the disk did not have access to the Internet. It was connected to the LAN, of course, but it did not have a configured gateway, which did not have an obvious address. And I was quite surprised when this disk started informing me about available updates... So... Since then, all the important things I store on that disk are encrypted with truecrypt (the still secure version).
    Quote:
    Well, what should users of Chinese solar inverters, e.g. Sofar, also controlled and managed via the cloud (e.g. Solarman application) say? There are thousands of them.
    They probably can`t say anything, they can at least create an independent network for this device.
    Quote:
    Not to mention Chinese smartphones from Xiaomi, Huawei and others. This is a completely open window to everything.
    That`s true. I use the "relegated" P40pro myself, because it has become unwanted in the family, and it would be a pity to sell such a solid and fancy device for pennies. But I don`t have anything on it except my Google account, which I use for "important" purposes such as emails on the Internet... :) And of course, no cloud syncing, no consent for anything beyond the basics. To what extent this is possibly respected is a separate topic... I would be more afraid of apps installed even from the Google store.
    On a side note, Samsung also tracks and collaborates well via smart TV, as I recently discovered.
    PS Monitoring, although from the domestic company BCS, because it uses Chinese servers, is running on a network completely separate from the home LAN. Their only common contact is the common 230V phase and the UPS of the modems :)
    I wouldn`t connect any smart crap to my home network FOR ANYTHING. That`s why I opened this thread, because I don`t even touch on similar topics.
    This is probably not the rule, but I think that the flood of the world with Chinese smart home devices is intentional and controlled, perhaps even sponsored. A bit like the Catholic Church cultivating followers when the children don`t speak well yet and their sister is already teaching the beads in kindergarten. Chacha was imbued with the only true religion from childhood, and then 80% of the nation`s followers...
  • #18 20962291
    dktr
    Level 25  
    Quote:
    A long time ago I purchased a Lenovo network drive, which is not a bush. the disk did not have access to the Internet. It was connected to the LAN, of course, but it did not have a configured gateway, which did not have an obvious address. And I was quite surprised when this disk started informing me about available updates... So... Since then, all the important things I store on that disk are encrypted with truecrypt (the still secure version).


    And everything was fine, the disk itself did not have access to the Internet, but the computer from which you logged in to the disk configuration panel already had access and at this stage information was provided that there was a new update.
  • #19 20962301
    elektryku5
    Level 39  
    dktr wrote:
    And everything was fine, the disk itself did not have access to the Internet, but the computer from which you logged in to the disk configuration panel already had access and at this stage information was provided that there was a new update.


    This could have been the case, but another mechanism that I encountered in the rice router could also have worked, i.e. a fixed LAN IP was set, working in AP mode, and it still downloaded a different address via DHCP.
    Besides, there has been a lack of success with routers lately, in the past, any router I could get used to run DD-WRT or OpenWRT, and now it`s very hard to find one, because modern routers can have less RAM and flash than the old ones that used to have it, and besides, Open doesn`t work I really like Realtek and MediaTek...
  • #20 20962312
    pixel7
    Level 23  
    kris8888 wrote:
    I`m asking out of curiosity, because I don`t know much about it, whether some smart home devices, such as detectors, switches operating under the supervision of servers and the Chinese Tuya cloud, also carry the same danger?


    As mentioned earlier - yes, EVERY such device is like an old tin computer. Imagine how many of these there are in your home...
    Moving them to a separate, isolated subnet will protect them from being recognized by other devices. but they themselves perfectly describe your behavior at home - what and how you use it.

    Today it may not be important, but this type of metadata builds huge databases of social behavior and people`s lives.
    Images from such cameras can be used to train networks by building a virtual environment in which they are located. They don`t even have to have goggle cars! We provide their data ourselves and pay for the devices...

    kris8888 wrote:
    Well, what should users of Chinese solar inverters say?


    So producers will have precise information on how much energy is used, when, where and by whom. In case of conflict, it is easy to attack critical areas.

    I would like to add that I would like to manage a cloud of such devices and sell services "under the counter", just like it is done on the market. There are plenty of offers and customers.
  • #21 20962484
    Erbit
    Level 38  
    kris8888 wrote:
    I`m asking out of curiosity, because I don`t know much about it, whether some smart home devices, such as detectors, switches operating under the supervision of servers and the Chinese Tuya cloud, also carry the same danger?


    Unfortunately yes. Each connection to the outside (and especially to the cloud) is a permanently open tunnel that can be used to get to the inside of your network (this is how VPNs work). That`s why I don`t use Tuya, but I use Tasmota and as my colleague @dktr described above >>20961155 I prevent all devices from accessing the cloud. What`s more, I have questionable devices on a separate VLAN, so if something happens, no one will get to my computer (because these two networks are separated). Interestingly, I have several Sonoffs which, even after installing alternative software (Tasmota), try to connect to some IP, probably Amazon (if I remember correctly).

    I also laugh that I`m waiting for one day when all washing machines connected to the cloud will break dance instead of washing clothes.

    For those who don`t believe, I suggest a topic from my footer (just read what the author of that topic came with) and, for example, this topic -> https://niebezpiecznik.pl/post/olbrzymia-wpadka-ubiquity-mozna-bylo-podejrzec-cudze-kamery -and-manage-other-others-networks/

    Added after 5 [minutes]:

    siewcu wrote:
    Will they come from China and rob the house?

    In the link in my footer, the most likely scenario is the use of a hole in the router`s software or a hole in cameras and other devices exposed outside. The "guys" used the address, then wearing a balaclava they withdrew the stolen cash from an ATM (maybe even in China, but I think it was in Europe) from a seized bank account, to which they transferred the stolen cash, and the author of the topic explains himself to the prosecutor so they didn`t have to come from China and rob the house but 100% certain equipment at home became part of a botnet and was used for crime .

    Added after 6 [minutes]:

    siewcu wrote:
    Chinese = dangerous, without any specifics.

    It`s not about Chinese. This is about the ignorance of users with an approach like yours and also about the "heroes of your network". I hope that what I described above is a sufficient argument for you.
  • #22 20962805
    Nepto
    Level 20  
    kris8888 wrote:
    Is it really possible to break into a foreign network through an innocent motion detector or smart switch?

    Yes.

    An interesting example was the theft of data from a casino through a hack that started with an automated aquarium (!).
    More information e.g. here: https://www.forbes.com/sites/leemathews/2017/...cked-a-fish-tank-to-steal-data-from-a-casino/
    In short,
    Quote:
    Here`s one of the most unconventional: a fish tank. Not just an ordinary fish tank, mind you, but a fairly high-tech one that featured Internet connectivity. That connection allowed the tank to be remotely monitored, automatically adjust temperature and salinity, and automatic feedings. It also allowed hackers to swipe 10 gigabytes of data (..).

    By translating
    Quote:

    And here is one of the most unconventional: an aquarium. Not an ordinary aquarium, but very technologically advanced with Internet connection. This connection enabled remote monitoring of the aquarium, automatic temperature and salinity adjustment, and automated feeding. It also allowed 10 gigabytes of data to be stolen (...)


    Edit: @Janusz_kk: oh, I see that we remember the same case :)
  • #23 20962830
    Erbit
    Level 38  
    kris8888 wrote:
    ...Does this mean that such a detector can monitor and collect all traffic from the local network and then send it anywhere in the world without my knowledge?

    Not by itself, but if someone from outside contacts it through a cloud connection and plays around with it, then yes.

    However, you would have to be such a "casino" because someone wanted to find access to you. A better example of such a threat (real this time) is the link in my footer where one explanation for what happened there is a hole in the software (router or camera).

    kris8888 wrote:

    Can this be limited somehow without giving up the tuya cloud?

    No, because it`s about connecting to the cloud, without which Tuya stops working.
  • #24 20962843
    tzok
    Moderator of Cars
    Most "mid-range" routers and above have the option of creating multiple WiFi networks, with the option of separating them into a separate VLAN (AP isolation or guest AP, it is usually called). Connecting a camera or any other IoT element gives it access to the Internet (cloud), but not to the local network. Of course, it is still a programmable electronic device with a radio module and Internet access placed in our home/business.
  • #25 20963061
    kris8888
    Level 39  
    analog_6 wrote:
    On a side note, Samsung also tracks and collaborates well via smart TV, as I recently discovered.

    You set a good example with these smart TVs. After all, these are quite fancy "computers" permanently connected to the local network. The devil knows what they download and what they send to the outside network without the user`s knowledge. Especially the Chinese ones TCL and Hisense.
    It seems to me that we will not be able to completely escape from cloud solutions and some surveillance of user activity. It`s a matter of being aware of this and protecting your privacy as much as possible.

    It is known that the most doubts and controversies concern these cameras in the cloud. And in fact, I would never connect such a device to my network at home. And these ordinary smart sensors or switches operating, e.g. in the Tuya cloud, are probably not that dangerous. It`s true that I don`t have a permanent, public IP address, but maybe for peace of mind I`ll move all my detectors and switches to a separate VLAN in the router and separate them from the rest of the local network.
    analog_6 wrote:
    This is probably not the rule, but I think that the flood of the world with Chinese smart home devices is intentional and controlled, perhaps even sponsored.

    It`s definitely sponsored. After all, who would benefit from maintaining and powering servers that control millions of smart devices around the world for free? Therefore, Tuya is "free" for users.
  • #26 20963102
    Erbit
    Level 38  
    kris8888 wrote:
    And these ordinary smart sensors or switches operating, e.g. in the Tuya cloud, are probably not that dangerous.


    That`s exactly how people think. You show them, you explain... and that`s it.

    Of course, they are not dangerous as long as they work as intended and no one (no hacker) has broken into such a cloud. At the same time, I will write once again that I am far from saying that a "hacker" will want to personally attack my network. It won`t be because I`m a "nobody", but as the example from my footer shows, I can act as an intermediary in a crime without even knowing about it.

    Well, they are definitely safe... stick to it.
  • #27 20963155
    Janusz_kk
    Level 39  
    kris8888 wrote:
    Well, what should users of Chinese solar inverters, e.g. Sofar, also controlled and managed via the cloud (e.g. Solarman application) say? There are thousands of them.

    You can choose not to plug in the WiFi module, that`s what I did. I don`t need remote reading, so no one will break into it.
    I recently read about popular inverters in Germany, where a man discovered a fairly trivial way to hack into them and either make a fool of the user or create an army of bots, because for this purpose hackers most often use devices such as routers, cameras and similar small items permanently connected to the network. There are scripts combing the web and trying to hack into standard passwords. Therefore, it is essential to change your password to a strong one.

    analog_6 wrote:
    On a side note, Samsung also tracks and collaborates well via smart TV, as I recently discovered.

    Here, a good solution is to cut it off from the network, either completely or block Samsung`s websites, I have the TV completely disconnected and connected to the network and I have it connected
    "Xiaomi Mi TV Stick SMART 8 GB media player" is also Chinese, but at least it does not have access to the camera from the TV :)
    This also has the advantage that the original TV software becomes outdated quite quickly for e.g. new codecs or vod company applications, and it is easier to update such a pen.
  • #28 20963200
    Erbit
    Level 38  
    Janusz_kk wrote:
    I don`t need remote reading, so no one will break into it.


    If someone needs "remote reading", they run VPN at home. You log in to your network from the outside and view data through an encrypted channel, which means it can be done more safely. With a VPN you can break down everything the same as from the local network.

    [edit]
    At the same time, I somehow get the impression that most users use the "cloud" while at home, i.e. in the local network.
  • #29 20963322
    tzok
    Moderator of Cars
    A VPN server with a fixed IP is a sure and constant target of attacks ;)

    Janusz_kk wrote:
    to the network and I have "Xiaomi Mi TV Stick SMART 8 GB Media Player" plugged in
    You know this thing has a built-in microphone ;)
  • #30 20963335
    Erbit
    Level 38  
    tzok wrote:
    A VPN server with a fixed IP is a sure and constant target of attacks ;)


    I thought there was no need to write this, but if necessary, I will write it. Drop input on WAN solves all the problems of attacks.

    [edit]
    I didn`t read it: in the case of VPN itself, strong passwords are enough, and for those who are very scared, changing the port and possibly port knocking.

Topic summary

The discussion revolves around a cheap IP camera purchased online, which requires connection to the Alibaba cloud for remote access, raising concerns about security and privacy. Users share methods to disconnect the camera from the cloud without altering its firmware, including using alternative software like OpenIPC and Tasmota. The risks associated with IoT devices, particularly those connected to foreign servers, are highlighted, including potential data breaches and unauthorized access to local networks. Participants also discuss the implications of using smart home devices, such as those operating under the Tuya cloud, and suggest isolating these devices on separate VLANs to enhance security. The conversation emphasizes the importance of understanding the privacy policies of such devices and the potential for surveillance through seemingly innocuous technology.
Summary generated by the language model.