No need to be a jerk about it…especially because I didn’t really state something that is “so obvious” everyone would know that off the top of their head.
Even if Wyze is still using it, it can easily be secured. See this excerpt from the CISA advisory:
4. MITIGATIONS
ThroughTek recommends original equipment manufacturers to implement the following mitigations:
If SDK is Version 3.1.10 and above, enable authkey and DTLS.
If SDK is any version prior to 3.1.10, upgrade library to v3.3.1.0 or v3.4.2.0 and enable authkey/DTLS.
“Hide”? Was that parody? The question is whether our cameras are subject to eavesdropping based on a 3rd party vulnerability. I’ll assume it was parody.
I realize many are not concerned about open mics in the household. But Wyze recently increased the mic sensitivity of the V2 (and V3?) cams. Not because they couldn’t hear you muttering under your breath about something juicy. But because an (apparently) significant segment of the customer base requested it (to improve the 2-way conversation experience?)
So even if you are using cams externally but adjacent to living areas (mounted under an eave, for example) conversations in the home are now vulnerable to higher-clarity eavesdropping (and inclusion in cloud clips, etc.)
There is no hardware toggle on the V2 (and V3?) to disable the mic. Only a software setting. And that setting toggles ‘audio monitoring’ rather than disabling the mic - a co-equal or shared app user can toggle it back on at will.
Reference:
Quick V2 mic lobotomy
Privacy advice from tinyCam
(This comment may be a little wrong or incomplete. Corrections and additions encouraged.)
All my cameras are outside on my property, and the older V2’s ended up in the barn.
So the hackers/spies will be very bored watching my cams…
As far as the Audio they may get lucky and here an animal fart…LOL
I get that you’re personally not concerned, but the fact is MANY of us use these products INSIDE our own homes. The sheer fact that someone/some entity can illegally access the LIVE feeds without permission and log anything said or done should raise alarm to ANYONE. More power to anyone who “has nothing to hide” or “does t care”, but a fair share of users (ESPECIALLY in USA) DO care and there is a reasonable expectation of privacy one is constituted in their own home. And YES…that does include when PERSONAL surveillance systems are used for PERSONAL home monitoring.
Don’t get me wrong I still am concerned about the SDK vulnerability and have tried numerous times to get a response from Wyze Staff which they are totally avoiding answering that question.
It has been determined that they are using the ThroughTek’s P2P Software Development Kit (SDK) but there has been no response from Wyze on this matter as they are probably not going to admit that publicly probably until they have fixed this security issue.
As far as having anything to hide, I have nothing to hide @kae4560
I have no reason I would want cameras inside the living areas of my home, just a personal preference.
We have over 44 wyze cams at 6 sites and at customers locations if a [mod edit] ,or others want to try to get past our firewall/security have fun…if there’s an security issues then Wyze would have notified its users its in the user agreement and our customers all they care about is that there cameras are working
[Mod Edit] your firewall/security has nothing to do with the SDK vulnerability in the app and Wyze servers sending data over the public internet. Your firewall is on your side of the network and NOT the internet data going to Wyze servers.
As noted this statement is inane - your firewall doesn’t protect Wyze camera traffic. I suspect you don’t really know what it is. Complacency puts your customers in danger. Not to mention your dismissal of those who use these same cheap cameras to monitor things they consider private. I’m slightly shocked that you are seriously playing the “nothing to hide” surveillance state defense. Shameful in my opinion.