Be careful if you have surveillance cameras installed at home! Someone may be live streaming your home online

In 2019, a piercing sirens suddenly passed through the camera and scared a family in Florida, USA.

"Is this your child?" an unfamiliar voice said from the Ring camera. "How are you? How are you? Welcome to NulledCast."
NulledCast is a podcast that airs live on Discord, where hackers show how easy it is to hack into Ring and Nest smart home cameras and use their built-in speakers to chat with and harass their unsuspecting owners.

??? How scary! Image source: "Everything" magazine

Such things are not uncommon, and many netizens said they had the same experience:
"I originally installed a camera at home to prevent my cat from getting into trouble when left alone at home, but it was hacked. The person directly controlled the camera to move around, looking at the environment at home, and even paused and zoomed in. I was really scared when I watched the playback..."
"I installed a camera in my bedroom. When I checked it that day, I found [2 people online] and my scalp went numb for a moment."

"I have a say! I used to work in the back office installing surveillance cameras, and I can see the images of every surveillance camera sold!"

According to statistics, as of October 2022, about half of American households with Internet access have installed home security systems, surveillance cameras, visual smart doorbells and other devices . But at the same time, these cameras have brought new "troubles": neighbors' daily travel is inevitably captured in the camera, and the visual smart doorbell recognizes them as strangers and issues warnings; people with ulterior motives secretly take pictures of others in the name of personal safety; videos saved in the cloud may be sold...

The Federal Trade Commission fined Ring $5.8 million after finding that employees of Amazon-owned company Ring had unfettered access to customer videos for years . The agency said Ring employees were able to easily download any customer's videos and then view, share or upload them to other networks at will.

Home surveillance cameras have become a nightmare for many people. Many people choose to unplug them or cover them with blankets as soon as they get off work. Image source: tenor

In addition to the fact that employees of the monitoring equipment company can view the video themselves, the main reason for the camera footage leak is probably the leakage of the fingerprint feature of the camera port , plus the setting of an overly simple password . In the same report discussing the privacy issues of Ring, the Federal Trade Commission also pointed out that Ring does not limit the number of times an individual (or program) enters an incorrect login password, making it easy to use brute force to crack the password.

A 2019 investigation by Motherboard revealed that the Ring system even allowed accounts to log in simultaneously in different countries, and did not mark the number of users logging into the same account or record login information . The company also did not actively respond to multiple incidents of stolen usernames and passwords and fix the vulnerabilities. It was not until a year later that Ring enforced two-factor authentication with end-to-end encryption without going through the cloud.

Even without malicious hacker access, these home surveillance devices have other security issues. For example, in 2019, Wirecutter reported that Google Nest home security cameras still allowed their previous owners to access the camera even after restoring factory settings and then selling the device . "We only discover new privacy and security issues when we are harmed," said Matthew Guariglia, a senior policy analyst at the Electronic Frontier Foundation who studies surveillance and policing issues. "Until then, we don't know which vulnerabilities have been exploited by bad actors."

So, how can we protect our privacy after having to install home surveillance cameras?

First of all, don’t buy cheap or second-hand cameras . Technology products all have certain R&D costs. Although many cheap/second-hand cameras look good and inexpensive, with a high cost-effectiveness, and can be purchased for just a few dozen dollars, the risk of leakage behind them is doubled.

Image credit: Gifer

Secondly, be cautious when opening cloud services . Currently, home cameras have very little built-in storage, and the storage space on the card is also limited (usually 32 GB or 64 GB). In order to store more video, camera manufacturers have introduced the concept of "cloud service", but cloud privacy is very easy to leak . If you have already opened this function, you can choose to regularly clean up videos stored in the cloud and pay attention to the upload nodes of the cloud service to avoid being "viewed" by criminals in the event of a cloud leak.

Finally, set a strong password . According to reports, several recent Ring hacks were caused by passwords that were too simple. If you use the same login or password on different services and websites, that information may have been leaked and can be easily accessed by malicious people.

Just watching you quietly... Photo credit: Marc Teyssier

In order to call on everyone to pay more attention to the devices with monitoring functions around them , several researchers from the Human-Computer Interaction Laboratory of Saarland University in Germany have designed an Eyecam that can move its eyeballs, blink, and stare at you, just like the human eye camera that appears in horror movies.

It is covered with soft artificial skin and can move its eyes like a real person, blink or raise its eyebrows. Eyecam can observe and recognize humans in its field of view, and can even use its eyebrows to express its emotions, such as happiness or disappointment.

You should be reminded after reading it! ? Image source: Marc Teyssier

This is an open source project, and the author Marc Teyssier has also published the CAD files and control software needed to manufacture the "human eye camera" on GitHub.

In other words, if you are afraid of forgetting the danger of privacy leakage, you can try to make one at home to remind you at all times...

References

[1]https://www.popsci.com/diy/home-security-camera-privacy-risk/

[2]https://www.popsci.com/story/technology/security-camera-privacy-tips/[3]https://marcteyssier.com/projects/eyecam/

Planning and production

Source: Bringing Science Home (id: steamforkids)

Author: Ah Xian Editor of "Everything" magazine

Reviewer | Cloud, editor of Everything Magazine

Editor: Wang Mengru