• cley_faye@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    It is a bad idea. On one hand, we have the mean to make them quite secure. There is no such thing as an unbreakable encryption, but with proper key management and using decent enough algorithms we can totally do something that puts your camera out of reach of most thing that are not nation-scale organisations. On the other hand, it’s mildly more inconvenient than “installing an app and entering your email”, as it might require stuff like doing a tiny little bit of setting up.

    So, the unsecure/“trust the service” way it is.

    • frododouchebaggins@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      edit-2
      1 year ago

      What’s the alternative to putting them on the pUbLic InTeRnEt? I pay my ISP $2000 per month for my own private commercial circuit? It’s not a bad idea because there is no reasonable alternative. Risk mitigation is the key, as you seem to be aware.

      • JonEFive@midwest.social
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        There’s certainly a middle ground between IOT cameras sending a constant stream out to an internet server and a completely private circuit.

        First, let’s put the NVR inside the network so that we aren’t constantly broadcasting to the internet.

        Then let’s not allow direct access to the cameras from the internet. Instead, we connect to the NVR via a VPN.

        You keep control of all the recording and storage infrastructure, and you don’t place your trust in these corporations that have been found over and over again to be lying or overstating their security stance.

      • cley_faye@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It’s a bad idea because of the de-facto “requirement” that people want everything available everywhere with zero setup, causing cheap, completely insecure solution to become the norm. Just don’t use “cloud-based, app-enabled zero-config ultra easy trust me bro I know what I’m doing” camera and get proper stuff that allows you to control what goes where and use decent encryption.