There should be recalls from more manufacturers. Someone I know purchased a surveillance camera with a major brand name (Samsung) from Costco [0] just a few weeks ago that gave me a root shell by simply telnetting in as root with no password and no way to reliably set a root password or disable telnet. It was returned the following day. Last I checked, Costco is still selling it. This problem isn't confined to cheap Chinese cameras you can buy online. Vulnerable devices are being sold at major American retailers and they are still on the shelves.

[0] http://www.costco.com/Samsung-SmartCam-HD-Plus-1080p-Wi-Fi-I...



Yeah, this is one reason I still don't have security cameras set up on my home network. If I decide to get them, I am going for a dedicated ethernet network just for cameras and no internet connection. I may allow a VPN to an inside-the-house server to see footage. According to the Wirecutter, Nest cameras are some of the better commercial ones, but I've still not bought one or done any review myself.


When we were shopping for a baby cam to keep an eye on the baby, I opted to get a simple RF cam [1] instead of the more popular IP cameras that allow you to use your smartphone and monitor from anywhere.

The lower tech approach means you can park a van in my driveway and probably pick up the signal, but that's a lot harder (and more obvious) than scanning an IP range from anywhere in the world and finding vulnerable devices.

[1] https://www.amazon.com/Foscam-FBM3501-Wireless-Digital-Monit...


I got a Wansview camera and assigned it a static IP and just don't allow any traffic not originating from the chromecasts or tablet -- it's nice because all the TVs do picture in picture with the baby camera.

Still pretty weird seeing the constant log entries trying to reach a couple servers - I've been doing traffic capture since I'd like to see what it's trying to do. One is obviously the plug-n-play stuff, but it's crazy that those packets apparently get broadcast outside the network (? - I haven't really looked into how that PnP IP/port is handled but it's getting caught at my firewall).
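An added example, not the commenter's own capture setup, of turning that stream of firewall log entries into something readable: a small POSIX shell/awk classifier that groups a camera's logged outbound packets by destination and labels the SSDP (UPnP discovery) multicast, DNS, LAN and Internet attempts separately. It assumes the router logs the camera's outbound packets in the kernel's netfilter LOG format with the prefix "CAM-OUT " and that the camera sits at 192.168.50.10; the sample log lines are constructed and the public addresses in them are documentation ranges, not real servers.

```shell
#!/bin/sh
# Added example (not from the thread): classify what a camera tries to reach,
# from netfilter LOG lines.  Assumes the router logs the camera's outbound
# packets with the prefix "CAM-OUT " (a LOG/log rule on the camera VLAN) and
# that the camera is 192.168.50.10.  Both are assumptions.

# Constructed sample log lines in netfilter LOG format; 203.0.113.0/24 and
# 198.51.100.0/24 are documentation ranges standing in for "cloud" servers.
SAMPLE_LOG='Jun 12 03:14:07 gw kernel: CAM-OUT IN=vlan50 OUT=eth0 MAC=ff:ff:ff:ff:ff:ff:aa:bb:cc:dd:ee:ff:08:00 SRC=192.168.50.10 DST=239.255.255.250 LEN=420 TOS=0x00 PREC=0x00 TTL=4 ID=0 DF PROTO=UDP SPT=49152 DPT=1900 LEN=400
Jun 12 03:14:08 gw kernel: CAM-OUT IN=vlan50 OUT=eth0 MAC=ff:ff:ff:ff:ff:ff:aa:bb:cc:dd:ee:ff:08:00 SRC=192.168.50.10 DST=239.255.255.250 LEN=420 TOS=0x00 PREC=0x00 TTL=4 ID=0 DF PROTO=UDP SPT=49152 DPT=1900 LEN=400
Jun 12 03:14:09 gw kernel: CAM-OUT IN=vlan50 OUT= MAC=00:11:22:33:44:55:aa:bb:cc:dd:ee:ff:08:00 SRC=192.168.50.10 DST=192.168.1.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=UDP SPT=40001 DPT=53 LEN=40
Jun 12 03:14:10 gw kernel: CAM-OUT IN=vlan50 OUT=eth0 MAC=00:11:22:33:44:55:aa:bb:cc:dd:ee:ff:08:00 SRC=192.168.50.10 DST=203.0.113.45 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=2 DF PROTO=TCP SPT=50100 DPT=443 WINDOW=14600 RES=0x00 SYN URGP=0
Jun 12 03:14:40 gw kernel: CAM-OUT IN=vlan50 OUT=eth0 MAC=00:11:22:33:44:55:aa:bb:cc:dd:ee:ff:08:00 SRC=192.168.50.10 DST=203.0.113.45 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=3 DF PROTO=TCP SPT=50101 DPT=443 WINDOW=14600 RES=0x00 SYN URGP=0
Jun 12 03:14:41 gw kernel: CAM-OUT IN=vlan50 OUT=eth0 MAC=00:11:22:33:44:55:aa:bb:cc:dd:ee:ff:08:00 SRC=192.168.50.10 DST=198.51.100.7 LEN=80 TOS=0x00 PREC=0x00 TTL=64 ID=4 DF PROTO=UDP SPT=32108 DPT=32100 LEN=60
Jun 12 03:15:02 gw kernel: CAM-OUT IN=vlan50 OUT=br-lan MAC=00:11:22:33:44:55:aa:bb:cc:dd:ee:ff:08:00 SRC=192.168.50.10 DST=192.168.1.20 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=5 DF PROTO=TCP SPT=50102 DPT=445 WINDOW=14600 RES=0x00 SYN URGP=0'

classify_camera_log() {
    # Reads log lines on stdin; prints "<class> <dst>:<dport>/<proto> <count>",
    # one line per distinct destination, sorted so the classes group together.
    awk '
    /CAM-OUT/ {
        src = dst = proto = dpt = ""
        for (i = 1; i <= NF; i++) {
            split($i, kv, "=")           # KEY=VALUE tokens; bare flags (DF, SYN) have no value
            if (kv[1] == "SRC")        src = kv[2]
            else if (kv[1] == "DST")   dst = kv[2]
            else if (kv[1] == "PROTO") proto = kv[2]
            else if (kv[1] == "DPT")   dpt = kv[2]
        }
        # Order matters: SSDP and DNS are checked before the generic LAN match.
        if (dst == "239.255.255.250" && dpt == "1900")                   cls = "ssdp-multicast"
        else if (dpt == "53")                                            cls = "dns"
        else if (dst ~ /^(10\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.)/) cls = "lan"
        else if (dst ~ /^(224|239)\./)                                   cls = "multicast-other"
        else                                                             cls = "internet"
        count[cls " " dst ":" dpt "/" proto]++
    }
    END { for (k in count) print k, count[k] }
    ' | LC_ALL=C sort
}

# Usage on a real router: classify_camera_log < /var/log/kern.log
printf '%s\n' "$SAMPLE_LOG" | classify_camera_log
```

The "internet" lines are the ones worth chasing in the packet capture; the SSDP multicast hitting the firewall is expected, since 239.255.255.250:1900 is the UPnP discovery group and a router that forwards or logs multicast will see every announcement.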


We have IP cameras (Axis) on a dedicated VLAN that doesn't have access to/from the WLAN, and things work pretty well. I don't trust VPNs (the NSA clearly watered down the IPsec standard and can definitely compromise most IPsec connections [not sure about IKEv2]; OpenVPN is a messy pile of shit that is undoubtedly swamped with vulnerabilities), but I do allow a VPN into my camera network. The compromise I made is to send a notification email for each established VPN connection, regardless of how it was established, so at least I'll probably know if someone else connects.

With Nest, you have to use their "cloud" for it to be fully functional, which to me makes it a no-go for anybody like you who is actually concerned with his/her security/privacy.

The most popular IP camera on Amazon is a Chinese camera that gets your Wifi password through their app via the "cloud". Fuck that.


>gets your Wifi password through their app via the "cloud".

And? What does it matter that someone has a password that's only good for about 100 metres around your house?

Of all the passwords I have, my wifi password is the one I care least about.

I'd be more worried about what the app itself is doing on my phone - I caught one attempting to update outside of the Play Store. No thanks.


> I'd be more worried about what the app itself is doing on my phone - I caught one attempting to update outside of the Play Store.

If it is Chinese-made, that might just be because the Play Store is blocked by the Great Firewall. Apps in China need to use some other way to update.


This is a great point, but the app in question was Broadlink eControl - https://play.google.com/store/apps/details?id=com.broadlink....


Made in China.


I have my router firewall blocking all traffic to and from the Internet to my cameras. My router also offers OpenVPN for when I need access. It's not perfect, but it provides pretty good protection against someone attempting to use generic methods to compromise my devices as we've seen here.
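An added example, not any commenter's actual router configuration, of the setup described in this comment and in the earlier Axis/VLAN comment: an nftables ruleset that keeps cameras on their own VLAN with no path to the Internet or the LAN, lets only LAN and OpenVPN viewers open RTSP/HTTP to them, logs whatever the cameras try to send anyway, and an OpenVPN client-connect hook that mails a notice for each established VPN connection. The interface name, subnets, ports and admin address are assumptions; the OpenVPN environment variables used (common_name, trusted_ip, trusted_port, ifconfig_pool_remote_ip, time_ascii) are the ones OpenVPN documents for connect scripts.

```shell
#!/bin/sh
# Added example (not from the thread): isolate cameras on their own VLAN with
# nftables, allow only LAN and VPN viewers to reach them, log anything they try
# to send elsewhere, and mail on every OpenVPN connection.
# Interface names, subnets, ports and the admin address are assumptions.
CAM_IF="vlan50"                      # assumed: interface carrying the camera VLAN
CAM_NET="192.168.50.0/24"            # assumed: camera subnet
LAN_NET="192.168.1.0/24"             # assumed: trusted LAN (tablets, Chromecasts)
VPN_NET="10.8.0.0/24"                # assumed: OpenVPN client subnet
ADMIN_MAIL="admin@example.invalid"   # assumed: where VPN notices go

camera_ruleset() {
    # Emits an nftables script.  The table is declared and flushed first so
    # re-applying replaces the rules instead of appending duplicates.
    cat <<EOF
add table inet camera_isolation
flush table inet camera_isolation
table inet camera_isolation {
    chain forward {
        type filter hook forward priority 0; policy accept;
        # Replies to sessions that viewers opened towards the cameras.
        ct state established,related accept
        # Cameras initiate nothing: no cloud, no UPnP/SSDP, no hops into the LAN.
        iifname "$CAM_IF" log prefix "CAM-OUT " drop
        # LAN and VPN viewers may open RTSP and HTTP to the cameras; nothing else reaches them.
        oifname "$CAM_IF" ip saddr { $LAN_NET, $VPN_NET } ip daddr $CAM_NET tcp dport { 80, 554, 8080 } accept
        oifname "$CAM_IF" drop
    }
    chain input {
        type filter hook input priority 0; policy accept;
        # The router itself offers the cameras DHCP and NTP only.
        iifname "$CAM_IF" ct state established,related accept
        iifname "$CAM_IF" udp dport { 67, 123 } accept
        iifname "$CAM_IF" log prefix "CAM-IN " drop
    }
}
EOF
}

apply_ruleset() {
    # Syntax-check (-c) before loading; nft reads the script from stdin (-f -).
    camera_ruleset | nft -c -f - && camera_ruleset | nft -f -
}

vpn_connect_message() {
    # OpenVPN exports these variables to client-connect scripts.
    printf 'VPN client "%s" connected from %s:%s, assigned %s at %s\n' \
        "${common_name:-?}" "${trusted_ip:-?}" "${trusted_port:-?}" \
        "${ifconfig_pool_remote_ip:-?}" "${time_ascii:-unknown time}"
}

notify_vpn_connect() {
    # Hook for the OpenVPN server config (script-security 2 required):
    #   client-connect "/etc/openvpn/cameras.sh vpn-connect"
    # OpenVPN appends its temp-file argument after "vpn-connect".
    # Always logs; mails only if a mail(1) command exists on the router.
    msg=$(vpn_connect_message)
    logger -t openvpn "$msg" 2>/dev/null || true
    if command -v mail >/dev/null 2>&1; then
        printf '%s\n' "$msg" | mail -s "VPN connection: ${common_name:-unknown}" "$ADMIN_MAIL"
    fi
}

case "${1:-show}" in
    apply)       apply_ruleset ;;
    vpn-connect) notify_vpn_connect ;;
    *)           camera_ruleset ;;   # default: print the ruleset for review
esac
```

Both chains use policy accept and explicit drops so the table can sit beside whatever rules the router already has: nftables runs every base chain on a hook, and a drop in this one is final while an accept only hands the packet to the next chain. The "established,related" accept is what lets a viewer's RTSP session flow back from the camera while any connection the camera itself opens is logged and dropped on its first packet.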


If you have the interest and know-how, you can build your own with an RPi. That's what I eventually did.

Admittedly, it's a far cry from an off-the-shelf solution though.


If we start down the legislative road for all elements connected to the Internet, where is that going to end up?


"...hackers were able to take over the cameras because users had not changed the devices' default passwords."

"Security issues are a problem facing all mankind," it said. "Since industry giants have experienced them, Xiongmai is not afraid to experience them once, too."

The fact that they aren't scared of having brain-dead security failures in their products is, to put it lightly, telling.


Liability rests with the network itself. Bitching about devices or retailers is pissing against the wind


Keep going with the down votes...

Shall I give you a couple of hundred comments for ammunition?

On the other hand, if you disagree with my perspective, man up and present an alternate perspective.

How is that?


Please don't complain about downvotes. Keep the discussion centered around the content of the article.


Yes you are right

The thing is, I'm seriously concerned about the rhetoric on this thread. There seems to be a general bias toward legislative action and I know it isn't going to go well if that's the way things turn.

My reaction against down votes is pure frustration though. Down votes are a dead end.

I think I'll go back to my happy place...


The downvotes (for comments after the first) are more for the spamming and metacomplaints than anything else.


You can down vote me all you want. Go for it


Oh no there are vulnerable devices on the Internet. Do you have any idea what you are saying?

EVERY device on the Internet is vulnerable, and it makes no difference to Dyn DNS where it was manufactured or how long it had been running without an update.

Zero Day Exploits are real!

Wake up!
