Allow Unsecure (no password) WiFi Networks

Removing the ability to connect to unsecured Wi-Fi came as quite a surprise to me on a vacation last week! I brought one of my cameras to use as a baby monitor in the hotel room, as I’ve done in the past, only to find out I couldn’t use it. Quite disappointed as it’s a very helpful feature to have for traveling and now I have to buy a separate monitor for traveling

1 Like

Same here. I take 1 camera on holiday to use as a baby monitor in the hotel. Now it wont work. Thanks a bunch guys… I’ve been recommending these to all my friends and now I look like a right moron.

1 Like

If you use a camera connected to a hotel wifi with no authentication, then you are very vulnerable to someone tapping into the stream and monitoring what’s going on in your room. Also, many hotels use landing/portal pages which you have to get through in order to connect to their wifi. Here’s a solution for both:

I’m not worried about someone hacking into my feed if my camera is aimed down into a crib. They want to watch my baby sleep? Go nuts. I don’t have the camera pointed into the room where they can watch me getting dressed.

I also had figured out a workaround for the hotel room landing pages. I spoofed the MAC address from my cam with my laptop and logged in through the landing page, then changed my MAC address back and voila - the cam could connect.

1 Like

Also not worried about someone hacking the connection. It’s being used as a baby cam… or it was. You think I’m buying a separate router? Dream on… buying a different camera thanks.

1 Like

That’s certainly an option. I think the other camera might cost more than inexpensive travel router. One other benefit of the travel router is that you can then run your other devices through it (eg. laptop) thus providing a layer of security for those. To each his own.

Clever!

It’s more about brand loyalty than the cost. I sold Wyze to all my friends as a baby cam… I’m not going to tell then all they need to go buy a router to make it work. The price of a Wyze cam , plus the router outs it in the price range of every cam or baby monitor on Amazon… it’s no longer a marvel, or a bargain for hotel use. I’ll just find something that works out the box and tell then Wyze messed up.

1 Like

Loki and Wyze team - I’m assuming the cameras must not be able to handle encrypted traffic (or the prevailing standards are not encrypted and creating/supporting a new standard is problematic), so you are trying to limit the ease of “tapping into the stream” by requiring a WiFi network with a passphrase. If all this is the case, then you are actually introducing a false sense of security and relying on the 'ole “security through obscurity” mechanism - which is a recipe for disaster. There are many many situations in which unencrypted transmissions over WiFi with a passphrase are just as vulnerable (e.g. many establishments use WiFi + passphrase but post the passphrase on the front desk for all guests to use; e.g. there are always upstream environments that are observable even if the local WiFi has a passphrase).

If this is not the case, and the stream is encrypted, then it is truly confusing why a secured WiFi network is being required.

At the end of the day, you are trying to safeguard/work around something the wrong way - likely because of hardware deficiencies at this price point. I get it, but I recommend optimizing for the user experience and clearly communicating about the risks instead of giving a false sense of security and making the user experience problematic. This exact same fallacy was used by a number of conference calling companies before Zoom emerged as the leader due to their focus on UX and good communication - some of the other startups imposed their idea of meeting pin and recurring invite security on the user, frustrating key use cases and ultimately allowing Zoom to put them out of business. Word to the wise.

You do realize that with this “solution” that you guys advocate, even if the connection between the travel router and the Wyze cam is secured, it’s still unsecured between the travel router and the hotel WiFi, right? So it’s actually no more secure than connecting the Wyze cam directly to the hotel WiFi. The main benefit to the travel router is allowing you to get the camera past the captive portal login more easily, but as others have noted, there are other ways around that as well.

The stream IS encrypted. I can’t speak for Wyze, but they made the decision not to support unsecured network access, they don’t appear to be willing to change that and we have to live with or work around it or not use their products in that environment.

Even with the stream encrypted, there is a vulnerability of having unknown persons on the same local network. The use of a travel router prevents this.

1 Like

The stream between the camera and the viewer is encrypted. The travel router keeps unknown persons off the same local network as the camera (and perhaps your laptop) and thus prevents attacks that can only be conducted on the same local net.

1 Like

That’s a reasonable concern, but not really related to a thread about unsecured WiFi networks, as the issue you’re describing could affect open and encrypted networks alike. That is, even if your hotel network is encrypted (requires a password), if other guests can also connect, they can potentially attempt to attack your device. Ironically, an encrypted hotel network is more likely to be susceptible to this issue because it’s more likely to be self-operated. Most hotels with a captive portal offer only unencrypted WiFi, provided by a service vendor that would typically enable AP/client isolation, so clients on the same network can’t talk to each other anyway.

I think it’s just a marketing ploy (the root of most problems it seems). They can say it’s secure and point to the required password. And it sounds more like they are concerned about someone on the same net running an attack, so maybe they know that the camera isn’t hardened in the first place.

1 Like

Which is why I use my travel router even on hotel wifi that is WPA2 protected. Plus a VPN just to be safe.

Where do U get the older version, I’m having the same issue. Pls help, your assistance in this matter is gr8ly appreciated. Sh828.

Yep, agree. A company should NOT tell a user how 2 use Wyze cams in their network, after all, it’s the customer who paid & OWN the camera, not Wyze.

1 Like

This is beyond frustrating. I won’t go into the reason’s why our networks are set up the way they are, but I just bought 50 of these cameras and now every.single.one of them is getting returned. We had a number of locations being set up for these. Wyze, security should be my concern and choice, not yours to impose.

1 Like

Just to throw my 2c in on this:

It’s cheaper for a reason. If you need wifi cameras that can connect to unsecured wifi, maybe pay more than $20/camera. I’d prefer to secure or not secure my own networks at my discretion but I can’t rely on IoT devices to conform to those standards unless I research them to do that. I’d also prefer that it connects to 5GHz, but most IoT things don’t.

The flip side: If the cameras are secured properly, it shouldn’t matter what it’s connected to. The fact is, if someone’s going to compromise your system, they’re going to compromise it. $20 is not a barrier to people who are going to buy these looking for vulnerabilities. The RTSP firmware notwithstanding, right now there’s very few services actually running on these things making it a relatively secure device in and of itself. That means any compromises are going to be target at the platform they connect to. So forcing users to run secured wifi is only insulating from potential HTTPS or other protocol issues. But that doesn’t matter because the traffic leaves the local network to go to Wyze servers so there’s a whole internet of untrusted networks that you might traverse. The local device being secured down really doesn’t matter.

Question on the TRAVEL ROUTER work around.

What if the network does not allow secondary routers to connect to the open network? How does this work>

Can someone recommend good/inexpensive travel router that would work?

Thanks,