Anker’s Eufy admits problems with unencrypted video access, pledges overhaul
- Thread starter JournalBot
- Start date
Upvote
15
(21
/
-6)
So, if we want smart home cameras that aren't selling our data, what are the options? Wait for Anker to fix Eufy, or…? I'm drawing a blank here.
Upvote
105
(106
/
-1)
This should mark the beginning of the end of that platform. To have the audacity to even argue about it is maddening. The bounty program is too late. Should have had that from the start. Come on, it's not like we live in the 1990's.
Upvote
16
(34
/
-18)
Any CCTV IP Camera system. The "smart" should be on the video storage side, not in the camera itself. Many CCTV systems can be integrated into Home Assistant.
Upvote
99
(103
/
-4)
The "notable statements" sound great - for a company whose security architecture was found to have an unexpected deficiency. This seems like a case of plain old lying for profit.
Upvote
17
(19
/
-2)
Cows aren't too bad. After a little bit of frolicking and eating stuff that will give them stomach aches, they're generally willing to go back to the barn for food and to be milked for all they're worth. Much better than horses - the wily creatures.
All in all, I think you picked a good analogy.
Upvote
14
(16
/
-2)
Too late. I removed my Eufy camera and won't buy their robovacs or 3D Printer. Anker blew it.
Upvote
56
(57
/
-1)
"a series of unfortunate events" which started with them getting caught and trying to cover it up?
The lack of apology really stands out. A sort-of promise to apologize when they have"more details on what happened" does not seem to stand up since it seems like they do have the full details now and have been detailing how fixes are happening.
This only further sours my feelings on Anker and I guess I should find some alternatives for them.
Upvote
69
(70
/
-1)
I personally am running some cheap PoE cameras feeding into blue iris for storage and also using Homebridge to feed the video into homekit so i can see it on my tv/phones.
It is not difficult to setup for someone who likes to tinker with things it is for beyond the ability for say my parents to setup. There very limited options for an out of box solution that doesn't require a monthly subscription.
Upvote
34
(34
/
0)
For me, the most disturbing and worrisome aspect of this whole mess is the company repeatedly and publicly going: "No, there are NO security issues with our products and none of what researchers are saying is true or a real issue!" At least in my view, that kind of behaviour shows a kind of culture at the company that I, for one, wouldn't want to have anything to do with; the company is rotten all the way down to the core and there is no reason to believe that they won't happily lie to everyone's faces next time there are some issues as well, like e.g. perhaps unauthorized access to their servers.
Upvote
107
(107
/
0)
Are they saying they're preventing F12 tools? Do they actually think this would stop anyone or anything? It seems so dumb, that can't be what they mean... right?
Upvote
28
(31
/
-3)
So... the gist is "yeah, ok, you caught us lying, but we promise we won't lie again?"
Upvote
36
(36
/
0)
Yeah too late. I disabled internet access to my Eufy cameras on my firewall and have been using them through Homekit Secure Video - I will never buy another Eufy product that connects to the internet. Incidentally all my Eufy cameras went unresponsive a few days ago, so maybe it's time to just bite the bullet on Unify cameras or something.
Last edited by a moderator:
Upvote
15
(15
/
0)
It is good that they have the lawyer team that can explain to those clueless security experts why there is actually no security problem here.
Upvote
25
(26
/
-1)
If it requires internet = not secure. Why I use a Synology and Surveillance Station. IP addresses on the cameras denied outbound access and are on a dedicated VLAN.
Upvote
-2
(7
/
-9)
I've been looking at https://www.axis.com/products/network-cameras recently. They are pricy and more commercial, but seem to be a well known/reliable brand in the industry and are on the US Gov list of approved vendors for their use, so should be solid.
Upvote
17
(18
/
-1)
I would add something like "remote access via phone/etc with VPN only."
Tailscale is very easy to set up, for example! Self hosted plain old Wireguard also exists but takes more tinkering. I don't have much experience with Zerotier, but that's yet another option.
Just ideas for those that are curious!
Edit: one more note for those planning changes. Create an entirely separate vlan or physical network for the cameras, and then block internet access originating from within it, but allow access from outside (so your phone can view it). This prevents the cameras from phoning home. It might help to allow a time server or two, but that's it.
Some of this requires a decent router/various network equipment with those capabilities, fyi.
Upvote
12
(12
/
0)
Since the majority of customer base that buys this is not the same folks that will find these stories, I doubt the platform will be harmed. I bet they will continue to sell.
If its not on the front page of MSM sites (CNN,FOX,MSNBC,CBS,ABC..etc) they will not know
If its not on the front page of MSM sites (CNN,FOX,MSNBC,CBS,ABC..etc) they will not know
Upvote
13
(13
/
0)
It doesn't help that all the sites people like us go to for deals and recommendations (coughcough ars dealmaster) still whole heartedly recommend Anker products when they go on sale without any sort of disclaimer.
* Granted dealmaster doesn't usually bring them up anyways but still.
Upvote
22
(22
/
0)
Ubiquiti camera systems are pretty awesome, though sometimes hard to acquire because they are so popular. I have a Ubiquiti system at the office and at home. They have the option to enable cloud access, but certainly not required. All video is stored locally.
That said, I no longer recommend their network gear. TP-Link Omada is where its at for network gear.
Upvote
15
(15
/
0)
They failed at the one thing people were buying their cameras for. Local storage. I don't think that should be forgiven.
Upvote
14
(14
/
0)
"Can no longer access the debug mode"!? 
Man, these guys are going to crap their pants after they bring in the pen tests and risk auditors... I'll prepare the popcorn.
Man, these guys are going to crap their pants after they bring in the pen tests and risk auditors... I'll prepare the popcorn.
Upvote
12
(12
/
0)
I was taken aback by the part of the exchange where The Verge says "to be clear, you are not apologizing?" and Anker's Global Head of Comms replies that no, they are absolutely not apologizing for anything, but they might at some point in the future. I don't think I've seen that particular move before.
Upvote
74
(74
/
0)
Yeah, good advice. It's honestly more of a PITA than it should be since you're deliberately avoiding what the camera manufacturers clearly want to be the default setup, and it requires decent understanding of networking as well as the skills/resources to safely hook up the system without creating your own security holes. It's one of the reasons I personally have kept putting it off, even though I technically have an appropriate back-end in my setup (a Unraid server that I can tunnel into via Wireguard).
Upvote
6
(6
/
0)
I hope someone at Eufy gave Paul Moore a letter of apology and a big cheque. The "'lengthy discussion' with Eufy's legal team" sounds extremely unpleasant.
What do you think the chances are?
What do you think the chances are?
Upvote
17
(17
/
0)
VelvetGlove
Ars Tribunus Militum
The more IoT advances, the truer this phrase becomes. Also: The P in IoT stands for "Privacy".
Upvote
35
(36
/
-1)
Upvote
10
(10
/
0)
DIY. Unfortunately it is beyond the abilities of most people.
My system is built around as little trust as possible. The cameras themselves cannot reach the internet or any other devices on my network. They can try to phone home all day if they want to, they'll never make it. I just have to trust my NVR and Home Assistant really.
Upvote
5
(6
/
-1)
I had considered switching to Eufy but not anymore. My Wyze V3s work well enough and this whole cluster is why there aren’t any inside the house unless I’m traveling. Even then those are unplugged and put away once I get home.
Upvote
3
(4
/
-1)
Yup, but it still comes down to how you set them up. Don't forget to update the firmware, change the admin passwords, ideally put them on a VLAN or otherwise isolate them from public access, etc.
Upvote
8
(8
/
0)
Is there such a person as a "leading and well-known security expert?" I certainly can't think of any. Now that you mention it, I also can't name any "middling and well-known security experts" or even "rubbish and obscure security experts" for that matter.
Upvote
-13
(3
/
-16)
I've heard great things about Blue Iris. (Except that it's Windows only). Did they ever get the doorbell to the phone part added? Can that be done with PoE cameras and homekit?
Upvote
2
(2
/
0)
I tried running Blue Iris at my parents house for about a year. Honestly, I'm not a fan. I wonder how much of the praise it gets is just because of inertia. Once someone gets something working, they're not likely to fuck with it.
Upvote
5
(5
/
0)
caution live frogs
Ars Centurion
Picked up a set of 3 Eufy cameras and home base for our own home security a while back. As far as I can tell, if you set the system up using HomeKit it doesn't touch Eufy's servers at all. I didn't even need the Eufy app. Everything runs through HomeKit. I can only access camera feeds via HomeKit. Saved videos are on my iCloud storage, not Eufy's servers. I don't have a Eufy account.
Say what you will about their own security for their platform, but I have to applaud them for releasing hardware that doesn't need their infrastructure for anything. If you're looking for less expensive cameras and are happy using HomeKit to manage them, something tells me you should be able to find them on sale pretty soon...
Say what you will about their own security for their platform, but I have to applaud them for releasing hardware that doesn't need their infrastructure for anything. If you're looking for less expensive cameras and are happy using HomeKit to manage them, something tells me you should be able to find them on sale pretty soon...
Upvote
30
(30
/
0)