undefined | Better HN

0 pointsbryancoxwell5mo ago0 comments

I think encouraging people to enable E2EE is more realistic than asking everyone to throw out the Ring cams they’ve potentially spent hundreds on, yeah.

0 comments

andrepd5mo ago

Why people would purchase a telescreen to place on their homes in the first place is also incomprehensible to me.

ta12435mo ago

I can see benefits to a closed circuit camera. I've never felt the need personally.

If it's not running free software and treated in a secure fashion (camera can't talk to anything other than the server, enforced at the network level, etc) then it's not a risk per-se.

However people would rather pay up front and pay subscriptions to get outside companies to run it than run their own their own equipment. In the 90s when I was excited about tech I didn't even consider that aspect.

danparsonson5mo ago

But... what makes you think that Amazon et al can't MITM the connection?

Aachen5mo ago

From the linked document (in German for some reason, so I skimmed it as best I could), it sounds like the device will generate a password and you need to enter it on your phone. So symmetric encryption, not trusting the server to distribute keys that would be susceptible to MITM, and also not leaving users the options to choose bad passwords

Sounds good from a security point of view, although it also says they disable functions like having more than one person able to view the camera (having a partner be able to answer the door seems pretty fundamental; they probably just can't be arsed to make such functionality work with safety turned on...)

Of course, just like with Signal or anything else that gets regular updates, they can push an update to your device specifically that sends the decryption key out. You'll always have to trust them to not do something like that, but that's a whole different level from subpoenaing data they have on a hard drive

j / k navigate · click thread line to collapse