{"video_id":"fp_3jCRvUb7jY","title":"TQ: Should You Have An Indoor Camera?","channel":"Techquickie","show":"Techquickie","published_at":"2023-10-06T19:10:00.043Z","duration_s":310,"segments":[{"start_s":0.0,"end_s":3.34,"text":"Are you being watched?","speaker":null,"is_sponsor":0},{"start_s":3.34,"end_s":8.4,"text":"Millions of people have indoor smart cameras, but have you ever wondered exactly how resistant","speaker":null,"is_sponsor":0},{"start_s":8.4,"end_s":13.76,"text":"they are to being hacked? And whether someone could be watching you as you sit on your couch, tuck in your kids,","speaker":null,"is_sponsor":0},{"start_s":13.76,"end_s":17.68,"text":"or engage in other activities?","speaker":null,"is_sponsor":0},{"start_s":17.68,"end_s":22.88,"text":"Although many of the larger companies that sell indoor cameras tout security as a prime feature,","speaker":null,"is_sponsor":0},{"start_s":22.88,"end_s":26.28,"text":"IoT devices have a generally poor reputation","speaker":null,"is_sponsor":0},{"start_s":26.28,"end_s":29.56,"text":"for keeping hackers out. Because these devices are typically built","speaker":null,"is_sponsor":0},{"start_s":29.6,"end_s":35.76,"text":"with more of a focus on the primary function, whether that's a thermostat, a vacuum, or a camera.","speaker":null,"is_sponsor":0},{"start_s":35.76,"end_s":40.6,"text":"Their security usually isn't as good as say a PC or a smartphone.","speaker":null,"is_sponsor":0},{"start_s":40.6,"end_s":44.6,"text":"So if you're in the market for an indoor camera, how can you know there isn't some kind","speaker":null,"is_sponsor":0},{"start_s":44.6,"end_s":48.32,"text":"of vulnerability like this lurking in the model you've been eyeing up?","speaker":null,"is_sponsor":0},{"start_s":48.32,"end_s":51.6,"text":"Unfortunately, you can't, especially as there's no such","speaker":null,"is_sponsor":0},{"start_s":51.6,"end_s":57.44,"text":"thing as absolute security online. Or in life for that matter.","speaker":null,"is_sponsor":0},{"start_s":57.44,"end_s":61.76,"text":"But there are ways you can mitigate the risk to the point where you probably won't have","speaker":null,"is_sponsor":0},{"start_s":61.76,"end_s":64.94,"text":"to worry too much about it. Possibly the most obvious solution","speaker":null,"is_sponsor":0},{"start_s":64.94,"end_s":68.76,"text":"is to simply have a camera that doesn't connect to the cloud.","speaker":null,"is_sponsor":0},{"start_s":68.76,"end_s":73.66,"text":"There are plenty of cameras that can just record footage to a memory card, but if you actually want","speaker":null,"is_sponsor":0},{"start_s":73.66,"end_s":77.92,"text":"to view your camera feed in real time, you could consider self hosting,","speaker":null,"is_sponsor":0},{"start_s":77.92,"end_s":82.68,"text":"which typically involves connecting a camera to your network and installing open source software","speaker":null,"is_sponsor":0},{"start_s":82.68,"end_s":88.24,"text":"onto a computer or a server to control it. But this often involves advanced configuration","speaker":null,"is_sponsor":0},{"start_s":88.24,"end_s":92.44,"text":"beyond what a typical user who just wants a plug and play solution would go for.","speaker":null,"is_sponsor":0},{"start_s":92.44,"end_s":97.04,"text":"And just because you do it yourself doesn't mean you're immune from security holes.","speaker":null,"is_sponsor":0},{"start_s":97.04,"end_s":101.08,"text":"Namely, you need to watch out for devices that ask you to open up a port","speaker":null,"is_sponsor":0},{"start_s":101.08,"end_s":106.68,"text":"or to enable a feature called UPNP. You can think of ports as a series of doors","speaker":null,"is_sponsor":0},{"start_s":106.68,"end_s":112.2,"text":"between your network and the outside internet, each with their own number and usually a purpose.","speaker":null,"is_sponsor":0},{"start_s":112.2,"end_s":115.28,"text":"Normally your home network should have all ports closed","speaker":null,"is_sponsor":0},{"start_s":115.28,"end_s":119.58,"text":"so that you don't have randos from God knows where connecting to your devices.","speaker":null,"is_sponsor":0},{"start_s":119.58,"end_s":124.88,"text":"But some services require you to open ports for them to function correctly and UPNP,","speaker":null,"is_sponsor":0},{"start_s":124.88,"end_s":129.44,"text":"which stands for universal plug and play, can open ports automatically.","speaker":null,"is_sponsor":0},{"start_s":129.44,"end_s":135.58,"text":"Reputable smart cameras often allow you to connect without opening ports, but if you do have to open one,","speaker":null,"is_sponsor":0},{"start_s":135.58,"end_s":139.12,"text":"it can be very easy for a bad actor to locate your camera","speaker":null,"is_sponsor":0},{"start_s":139.12,"end_s":143.9,"text":"and just start watching its video feed. In fact, there's even a special search engine","speaker":null,"is_sponsor":0},{"start_s":143.9,"end_s":147.26,"text":"called Shodan, no relation to the malevolent AI,","speaker":null,"is_sponsor":0},{"start_s":147.26,"end_s":151.98,"text":"specifically designed to allow people to find IOT devices such as cameras.","speaker":null,"is_sponsor":0},{"start_s":151.98,"end_s":155.62,"text":"And if you've opened up the wrong port, you might have just given someone out there","speaker":null,"is_sponsor":0},{"start_s":155.62,"end_s":160.54,"text":"a free pass into your living room. Hope you laid out some snacks, cause they're hungry.","speaker":null,"is_sponsor":0},{"start_s":160.54,"end_s":165.66,"text":"Of course, this doesn't mean a solution that involves opening ports is always a terrible idea.","speaker":null,"is_sponsor":0},{"start_s":165.66,"end_s":170.46,"text":"If you have a good piece of equipment with strong security, including two-factor authentication,","speaker":null,"is_sponsor":0},{"start_s":170.5,"end_s":176.1,"text":"opening a port may not be that big of a deal. Now, if self-hosting safely seems a bit too complicated,","speaker":null,"is_sponsor":0},{"start_s":176.1,"end_s":181.04,"text":"but you still want remote access to your cameras, it's likely you'll end up purchasing a camera","speaker":null,"is_sponsor":0},{"start_s":181.04,"end_s":184.14,"text":"from a big brand that offers a cloud-based app.","speaker":null,"is_sponsor":0},{"start_s":184.14,"end_s":188.82,"text":"But these can have their own issues. Avoiding security issues with cloud-based products","speaker":null,"is_sponsor":0},{"start_s":188.82,"end_s":193.82,"text":"starts with choosing a camera manufacturer with a good track record of being privacy focused,","speaker":null,"is_sponsor":0},{"start_s":193.82,"end_s":197.06,"text":"as some of them have made headlines for the wrong reasons.","speaker":null,"is_sponsor":0},{"start_s":197.06,"end_s":202.0,"text":"Anchor, for example, caught some serious heat after their Eufy brand of security cameras","speaker":null,"is_sponsor":0},{"start_s":202.0,"end_s":206.08,"text":"was found to have a pretty big flaw that would allow an attacker to tap","speaker":null,"is_sponsor":0},{"start_s":206.08,"end_s":210.6,"text":"into a live camera feed fairly easily if they knew the unit's serial number.","speaker":null,"is_sponsor":0},{"start_s":210.6,"end_s":213.92,"text":"So, theoretically, a bad actor could purchase a camera,","speaker":null,"is_sponsor":0},{"start_s":213.92,"end_s":217.0,"text":"make note of the serial number, sell it secondhand,","speaker":null,"is_sponsor":0},{"start_s":217.0,"end_s":220.96,"text":"and then spy on the poor sucker who bought it. Confidence in a company, though,","speaker":null,"is_sponsor":0},{"start_s":220.96,"end_s":225.88,"text":"isn't just a question of have they been hacked, but also their response.","speaker":null,"is_sponsor":0},{"start_s":225.88,"end_s":231.6,"text":"Anchor took quite a while to admit their cameras had security issues after the issue came to light.","speaker":null,"is_sponsor":0},{"start_s":231.6,"end_s":235.04,"text":"And Wise, another IoT company that makes cameras,","speaker":null,"is_sponsor":0},{"start_s":235.04,"end_s":239.04,"text":"didn't disclose a different vulnerability for around three years from the time","speaker":null,"is_sponsor":0},{"start_s":239.04,"end_s":243.2,"text":"they were first informed about it. Wise was also criticized for instructing customers","speaker":null,"is_sponsor":0},{"start_s":243.2,"end_s":246.44,"text":"to open ports in order to get around a software bug","speaker":null,"is_sponsor":0},{"start_s":246.44,"end_s":252.68,"text":"that caused home routers to block access to the camera feed, which, in turn, caused a security hole.","speaker":null,"is_sponsor":0},{"start_s":252.68,"end_s":255.8,"text":"So if you wanna feel a bit better about the camera you choose,","speaker":null,"is_sponsor":0},{"start_s":255.8,"end_s":261.28,"text":"find a company that has dealt with any previous security breaches in a proactive manner.","speaker":null,"is_sponsor":0},{"start_s":261.28,"end_s":266.52,"text":"But aside from avoiding messing with ports and vendors with spotty security records,","speaker":null,"is_sponsor":0},{"start_s":266.52,"end_s":271.24,"text":"you should also take common sense precautions. For a camera that depends on cloud services,","speaker":null,"is_sponsor":0},{"start_s":271.24,"end_s":277.54,"text":"such as those sold by Google's Nest brand, have a strong password and enable two-factor authentication.","speaker":null,"is_sponsor":0},{"start_s":277.54,"end_s":281.76,"text":"Consider using a camera shutter when you're at home and ensure your home Wi-Fi network","speaker":null,"is_sponsor":0},{"start_s":281.76,"end_s":286.24,"text":"is protected by a strong password. Of course, there's also something to be said","speaker":null,"is_sponsor":0},{"start_s":286.24,"end_s":289.76,"text":"for simply pointing your smart camera towards an area of your home","speaker":null,"is_sponsor":0},{"start_s":289.76,"end_s":295.16,"text":"where you're not going to be walking around without your clothes on, just an idea.","speaker":null,"is_sponsor":0},{"start_s":295.16,"end_s":300.2,"text":"And seems like it was a great idea for you to click this video because you watched it to the end, wasn't that fun?","speaker":null,"is_sponsor":0},{"start_s":300.2,"end_s":304.12,"text":"Hey, thanks for watching, like the video if you liked it, dislike it if you disliked it,","speaker":null,"is_sponsor":0},{"start_s":304.12,"end_s":307.8,"text":"check it out or other videos below, comment the video suggestions in.","speaker":null,"is_sponsor":0},{"start_s":307.8,"end_s":310.44,"text":"Hey, subscribe and follow.","speaker":null,"is_sponsor":0}],"full_text":"Are you being watched? Millions of people have indoor smart cameras, but have you ever wondered exactly how resistant they are to being hacked? And whether someone could be watching you as you sit on your couch, tuck in your kids, or engage in other activities? Although many of the larger companies that sell indoor cameras tout security as a prime feature, IoT devices have a generally poor reputation for keeping hackers out. Because these devices are typically built with more of a focus on the primary function, whether that's a thermostat, a vacuum, or a camera. Their security usually isn't as good as say a PC or a smartphone. So if you're in the market for an indoor camera, how can you know there isn't some kind of vulnerability like this lurking in the model you've been eyeing up? Unfortunately, you can't, especially as there's no such thing as absolute security online. Or in life for that matter. But there are ways you can mitigate the risk to the point where you probably won't have to worry too much about it. Possibly the most obvious solution is to simply have a camera that doesn't connect to the cloud. There are plenty of cameras that can just record footage to a memory card, but if you actually want to view your camera feed in real time, you could consider self hosting, which typically involves connecting a camera to your network and installing open source software onto a computer or a server to control it. But this often involves advanced configuration beyond what a typical user who just wants a plug and play solution would go for. And just because you do it yourself doesn't mean you're immune from security holes. Namely, you need to watch out for devices that ask you to open up a port or to enable a feature called UPNP. You can think of ports as a series of doors between your network and the outside internet, each with their own number and usually a purpose. Normally your home network should have all ports closed so that you don't have randos from God knows where connecting to your devices. But some services require you to open ports for them to function correctly and UPNP, which stands for universal plug and play, can open ports automatically. Reputable smart cameras often allow you to connect without opening ports, but if you do have to open one, it can be very easy for a bad actor to locate your camera and just start watching its video feed. In fact, there's even a special search engine called Shodan, no relation to the malevolent AI, specifically designed to allow people to find IOT devices such as cameras. And if you've opened up the wrong port, you might have just given someone out there a free pass into your living room. Hope you laid out some snacks, cause they're hungry. Of course, this doesn't mean a solution that involves opening ports is always a terrible idea. If you have a good piece of equipment with strong security, including two-factor authentication, opening a port may not be that big of a deal. Now, if self-hosting safely seems a bit too complicated, but you still want remote access to your cameras, it's likely you'll end up purchasing a camera from a big brand that offers a cloud-based app. But these can have their own issues. Avoiding security issues with cloud-based products starts with choosing a camera manufacturer with a good track record of being privacy focused, as some of them have made headlines for the wrong reasons. Anchor, for example, caught some serious heat after their Eufy brand of security cameras was found to have a pretty big flaw that would allow an attacker to tap into a live camera feed fairly easily if they knew the unit's serial number. So, theoretically, a bad actor could purchase a camera, make note of the serial number, sell it secondhand, and then spy on the poor sucker who bought it. Confidence in a company, though, isn't just a question of have they been hacked, but also their response. Anchor took quite a while to admit their cameras had security issues after the issue came to light. And Wise, another IoT company that makes cameras, didn't disclose a different vulnerability for around three years from the time they were first informed about it. Wise was also criticized for instructing customers to open ports in order to get around a software bug that caused home routers to block access to the camera feed, which, in turn, caused a security hole. So if you wanna feel a bit better about the camera you choose, find a company that has dealt with any previous security breaches in a proactive manner. But aside from avoiding messing with ports and vendors with spotty security records, you should also take common sense precautions. For a camera that depends on cloud services, such as those sold by Google's Nest brand, have a strong password and enable two-factor authentication. Consider using a camera shutter when you're at home and ensure your home Wi-Fi network is protected by a strong password. Of course, there's also something to be said for simply pointing your smart camera towards an area of your home where you're not going to be walking around without your clothes on, just an idea. And seems like it was a great idea for you to click this video because you watched it to the end, wasn't that fun? Hey, thanks for watching, like the video if you liked it, dislike it if you disliked it, check it out or other videos below, comment the video suggestions in. Hey, subscribe and follow."}