Orwell’s Nineteen Eighty-Four is often used as an analogy for the dystopian hell we seem to be sliding towards. One of the book’s creepier elements involved surveillance devices being installed in people’s homes. But if you’re jamming cameras in your own house, Orwell isn’t the only thing you have to worry about.
Many people have added indoor cameras to their smart homes, either to enhance security or just keep an eye on their pets while they’re not home. If you’ve been paying attention to the news lately, you’ll have heard about vulnerabilities that indoor cameras have. Those issues are just the tip of the iceberg. Outdoor security cameras have their place, but it turns out that the indoor models are far more trouble than they’re worth.
Most home camera systems allow users to access their feeds remotely. This is useful as it allows you to check on your home from anywhere with internet access. The downside is it means hackers who have access to your Smart home network can also view your cameras remotely. Smart home networks tend to center on something like a Google, Apple, or Amazon account — though the camera manufacturer may ask you to register with them too. It also serves as another reason why you should take account security seriously, so make sure your passwords are strong, and features like 2FA are enabled.
In terms of consequences, a hacker accessing your indoor security cameras could have dire consequences. These range from grabbing footage of you making a 3 am trip to the bathroom sans pants, to gathering detailed information about your habits and schedules. A potential burglar could theoretically work out when you leave the house, how long you tend to be gone for, and double check you’ve actually left before breaking in. All in all, indoor cameras are a pretty bad idea.
This is a twofold problem, and it led to ReviewGeek removing both Wyze and eufy’s cameras from its list of recommended products. In 2019, Wyze was informed about a vulnerability that could allow people other than the user to gain access to the videos that are stored on the camera’s Micro SD card. Instead of informing its customers about the vulnerability, the company just recommended they upgrade their camera systems. The situation with eufy is arguably worse. The company claimed its products were encrypted and didn’t link to The Cloud. According to eufy, feeds and data could only be accessed locally through the service’s app or its web interface, and eufy’s own servers never come into contact with the data.
Sadly, that last part isn’t true as users who opt into the doorbell alert’s thumbnail previews will have screenshots of their porch uploaded to the cloud and Amazon Web Services without any encryption. Hackers can also access the camera feed provided they can get hold of your camera’s serial number, a UNIX timestamp, and brute force a Hex Key. The Verge has managed to demonstrate this a few times, but despite the evidence, eufy is still denying it is possible.
Then, on top of everything else, there is the enormous amount of information tech companies already have about you and your personal life. You need to ask yourself if you’re really comfortable potentially adding 24/7 footage of the inside of your home and whatever it is you get up to in there to that long list. If a hacker can get into your cameras, there’s a good chance the company that made them could.
If you’re really interested in using cameras for home security, consider opting for outdoor cameras instead. There is a wide range of outdoor cameras with multiple functions, and they should provide the same security benefits as their indoor equivalents.
Unlike indoor cameras, outdoor cameras are designed to cope with the unique conditions they face. So if you buy a quality cam, expect it to stand up to challenging weather environments and record clearly in everything from bright sunlight to dark, moonless nights. You can even buy products like Smart Doorbells, which work as cameras while serving a number of other purposes.
Another plus with an outdoor camera system is privacy. If someone does hack into it, they’ll get a neat view of your porch, yard, or the street in front of your house. These are all locations bad actors can see any way by simply turning up at your address or just playing around on Google Street View. The layout of your home’s interior and what people are doing there will remain private.
If you’re using indoor cameras for security purposes, you may be spending more for an inefficient system. With some setups, the motion will trigger the camera, which starts recording and pushes an alert to your device. You can then open the app on your phone and check out what’s going on before deciding if you need to call the police or whatever it is you usually do with home invasions. This is terribly inefficient compared to older systems.
Firstly, you need to have access and be paying attention to, the smartphone you have hooked up to your home security network. As anyone who has slept through or otherwise not noticed a text or email knows, it’s not something you can do 24/7. Even if you spot an alert, the intruder may have moved on by the time you view a camera, and even if you do spot them — calling the police is then an extra step.
Traditional alarm systems spot an intruder, blast a loud noise which may be enough to scare the intruder off, and automatically alert the authorities if they’re not de-activated within a certain time period. Yes, they’re not perfect and can be disabled if thieves know what they’re doing. But smart home-based security systems can usually be taken out or severely hampered by disabling the WiFi.
While the recent issues have mainly affected Wyze and eufy, no camera is immune to hackers. Security will always improve, but as history has shown, hackers are never far behind.
The only way to make sure an indoor camera isn’t hacked and a bad actor isn’t watching your day-to-day life is to simply not have one. With indoor cameras, the risk involved, no matter how small, just isn’t worth the benefits.