eufy
After three weeks of silence, eufy finally acknowledges that its cameras have a “security flaw.” The company published a blog post explaining how it will increase the privacy, security, and transparency of its smart cameras. Still, eufy hasn’t apologized to customers or explained how camera streams were accessed in VLC.
Here’s a quick recap; eufy’s smart security cameras rely on a “base station” to store video locally. This keeps your data off the cloud and away from hackers. But security researchers found that eufy cameras feeds can be accessed through VLC, a free media player. (As far as we know, this vulnerability hasn’t been utilized by hackers.)
Researchers also discovered that eufy cameras send some data to the cloud. Encrypted video thumbnails are dumped into AWS to serve mobile push notifications, for example. Customers don’t seem to care too much about these video thumbnails, but they’re frustrated by eufy’s lack of transparency on this matter.
Initially, eufy denied the existence of any vulnerabilities. It stopped responding to press inquires related to this matter, and it quietly deleted several lines from its “Privacy Commitment” page.
But the company now admits…
Read Full Article Source
