Cve-2021-32934

No need to be a jerk about it…especially because I didn’t really state something that is “so obvious” everyone would know that off the top of their head.

Even if Wyze is still using it, it can easily be secured. See this excerpt from the CISA advisory:

4. MITIGATIONS

ThroughTek recommends original equipment manufacturers to implement the following mitigations:

  • If SDK is Version 3.1.10 and above, enable authkey and DTLS.
  • If SDK is any version prior to 3.1.10, upgrade library to v3.3.1.0 or v3.4.2.0 and enable authkey/DTLS.

See here for the full advisory: ThroughTek P2P SDK | CISA

1 Like

And they’ve had 3 months and yet are silent about it. :frowning:

The last time people had concerns about TUTK Wyze was very quick to address them, so this is a bit surprising.

1 Like

Anyone whom followed and read the original posts and links would know about the SDK :stuck_out_tongue_winking_eye:

Wyze is using the vulnerable SDK and that’s why we get ZERO response from Wyze.

Glad All my cameras are outside, and in barn.
No cameras in living areas of home.

Shame on Wyze for not fixing this vulnerability in all their cameras :rage:

2 Likes

The possums, raccoons and cats around here will be happy to know they are internet influencers. I hope they don’t ask for a raise. :moneybag:

1 Like

Well who cares,only people that are doing bad stuff must hide…who gives a [bleep]
let’s just hope that all cameras are working.

MOD NOTE: Post edited to conform to the Community Guidelines.

“Hide”? Was that parody? The question is whether our cameras are subject to eavesdropping based on a 3rd party vulnerability. I’ll assume it was parody.

:astonished: :astonished:

Petronella says

3 Likes

I realize many are not concerned about open mics in the household. But Wyze recently increased the mic sensitivity of the V2 (and V3?) cams. Not because they couldn’t hear you muttering under your breath about something juicy. But because an (apparently) significant segment of the customer base requested it (to improve the 2-way conversation experience?)

So even if you are using cams externally but adjacent to living areas (mounted under an eave, for example) conversations in the home are now vulnerable to higher-clarity eavesdropping (and inclusion in cloud clips, etc.)

There is no hardware toggle on the V2 (and V3?) to disable the mic. Only a software setting. And that setting toggles ‘audio monitoring’ rather than disabling the mic - a co-equal or shared app user can toggle it back on at will.

Reference:

Quick V2 mic lobotomy

Privacy advice from tinyCam

(This comment may be a little wrong or incomplete. Corrections and additions encouraged.)

2 Likes

All my cameras are outside on my property, and the older V2’s ended up in the barn.
So the hackers/spies will be very bored watching my cams…
As far as the Audio they may get lucky and here an animal fart…LOL

I here that…we are just happy that all cameras work,that’s all we care about.and we are not hiding anything on our property’s

I get that you’re personally not concerned, but the fact is MANY of us use these products INSIDE our own homes. The sheer fact that someone/some entity can illegally access the LIVE feeds without permission and log anything said or done should raise alarm to ANYONE. More power to anyone who “has nothing to hide” or “does t care”, but a fair share of users (ESPECIALLY in USA) DO care and there is a reasonable expectation of privacy one is constituted in their own home. And YES…that does include when PERSONAL surveillance systems are used for PERSONAL home monitoring.

2 Likes

Don’t get me wrong I still am concerned about the SDK vulnerability and have tried numerous times to get a response from Wyze Staff which they are totally avoiding answering that question.

It has been determined that they are using the ThroughTek’s P2P Software Development Kit (SDK) but there has been no response from Wyze on this matter as they are probably not going to admit that publicly probably until they have fixed this security issue.

As far as having anything to hide, I have nothing to hide @kae4560
I have no reason I would want cameras inside the living areas of my home, just a personal preference.

We have over 44 wyze cams at 6 sites and at customers locations if a [mod edit] ,or others want to try to get past our firewall/security have fun…if there’s an security issues then Wyze would have notified its users its in the user agreement and our customers all they care about is that there cameras are working

MOD NOTE: Post edited to conform to the Community Guidelines.

[Mod Edit] your firewall/security has nothing to do with the SDK vulnerability in the app and Wyze servers sending data over the public internet. Your firewall is on your side of the network and NOT the internet data going to Wyze servers.

2 Likes

[mod edit] Your choice to use derogatory slurs pretty much sums up your character (or lack-thereof).

2 Likes

Its ture when you see all that data hacking going on in the world,those 3 world countries

It’s these guys :upside_down_face:

[mod edit] Hackers are worldwide and not just in 3rd world countries, I’m willing to bet there hackers even in [US City] :rofl:

MOD NOTE: Post edited to conform to the Community Guidelines.

So not a parody post then. :frowning:

As noted this statement is inane - your firewall doesn’t protect Wyze camera traffic. I suspect you don’t really know what it is. Complacency puts your customers in danger. Not to mention your dismissal of those who use these same cheap cameras to monitor things they consider private. I’m slightly shocked that you are seriously playing the “nothing to hide” surveillance state defense. Shameful in my opinion.

2 Likes