Secure/hackability of cams on local network

Yea. That would be easy and nice.
A way to do it is to use an Android Emulator like BlueStacks.
I have that installed and the WYZE app shows as if it is a regular app on my PC and I can just open the app and see the cams on my PC that way.
Also, Chromebooks, I can install Android apps so u can use WYZE on those.

I am contemplating dropping a small fortune to switch over to Ubiquiti Unifi cams, which are wired and POE. But they do not have the feature to just “Turn off” each cam in the app, like WYZE does. I really like that as I don’t want the cams on while I am at home. I only use them to monitor things when I am away.

I have MEMU Android emulator installed on my Windows PC. I’ve found it to be more stable than BlueStacks.

1 Like

Can’t talk about it. Notional security. :sunglasses:

My cameras are uploading to an ip that resolved to Mar-A-Lago :man_shrugging:

2 Likes

Swarm!

Are there any people outside the Wyze Cam group that are working on security flaws?
I assume they’ve got a crack team, but I’m sure that outside pen testing would be welcomed given the bug report system, etc.
Just curious if anyone is publishing or if this is an appropriate place to share hacking vulnerabilities.
Might be a good time to start mapping the potential inroads or holes that need to be plugged, as with any network system, to ensure security.
Access to the cameras physically would allow someone to flash a firmware of their choosing that could route traffic anywhere, potentially masking as Wyze app, possibly as Tiny Cam has been able to reverse the auth protocol and “non-public” API (read unpublished), and get cam streams into the app.
Again, open official Wyze feedback, and otherwise.
Edit: Also understand the official Wyze stance on ensuring that the cameras, unadulterated, communicate with the phone apps, and cloud storage in a super safe and secure manner is paramount to the unlikelihood of physically altering every camera sold by Wyze. But also consider physical person-in-the-middle logistics hacks that we saw with crypto wallets or U2F being sold via 3rd party that had been compromised en masse. Given the right incentive…

Hey robert

I’ll defer to… well, anyone else… on those questions. As to appropriate place, I know there’s a Wyze reddit group where they juggle the acronyms with (seeming) ease.

I know a little and infer a lot. As long as I don’t forget that fact I get along ok. :wink:

1 Like

Interesting article.

There are a lot of vague statements dressed up to sound like facts in that article.

For instance, when it says “it’s security camera systems which are the most hacked IoT devices” they are talking about some early models that people set up as baby monitors and never changed the default password.

I would classify the “article” as click-bait.

1 Like

Is the WYZE live and playback video stream Peer to Peer?
Meaning that nothing is connected to or stored on any WYZE or otherwise servers (excluding the 12sec cloud stored clips which I think is stored on AWS).

There’s some good info in this article:

Security and Privacy

Hi Rex, I don’t have the chops to endorse or dismiss this piece:

but it does go beyond click-bait, I think. :slight_smile:

After re-reading I must agree. There’s only one source for the info and I’m sure someone is getting a kickback from that source to write this article. My apologies.

If WYZE cared that much about security, they wouldn’t have their cameras connecting to servers in China for North American customers. And a bunch of random other servers as well. I don’t know what kind of protocols they are using, but, it doesn’t give much confidence at all with regard to security and privacy. If they cared about security and privacy, they would make them configurable so that you don’t have to use the cloud.

What proof of this do you have?
Can u show a wireshark capture?

I recall reading an article years ago when Wyze first put out their cams that folks sniffing the traffic reported shady connections to servers in China or other country…but they later closed that up and it was later confirmed that WYZE cams no longer do that.

@SpeedingCheetah I posted the following in another forum thread a few minutes ago. I did this test a couple weeks ago. I haven’t analyzed the data itself, just logged the connections so far. I’m running the latest firmware, so, any claims by WYZE that it isn’t doing this anymore are false.

I ran my camera on a separate wireless network which is connected through a PC with two NICs and logged the connections from the camera for a short period of time. The following are all the servers that it connected to.

DestinationAddress  DestinationPort  Connections  WhoisOrganization
129.6.15.29         123              4            National Institute of Standards and Technology (NIST)
52.218.209.137      443              6            Amazon Technologies Inc. (AT-88-Z)
34.208.107.136      8443             6            Amazon Technologies Inc. (AT-88-Z)
34.211.38.141       8443             2            Amazon Technologies Inc. (AT-88-Z)
52.25.151.84        8443             4            Amazon Technologies Inc. (AT-88-Z)
52.89.157.200       8883             2            Amazon Technologies Inc. (AT-88-Z)
192.99.8.134        10001            4            OVH Hosting, Inc. (HO-2)
207.244.91.206      10001            4            Leaseweb USA, Inc. (LU)
23.82.8.76          10001            4            Nobis Technology Group, LLC (NTGL)
114.67.85.205       10240            4            Beijing Jingdong 360 Degree E-commerce Co., Ltd.
198.16.70.58        10240            4            FDCservers.net (FDCSE)
50.7.98.242         10240            4            FDCservers.net (FDCSE)

I’m running the latest firmware which is 4.9.4.37. The camera is a WYZE Cam v2.

Someone from WYZE, please explain what these servers are. In particular, I would like to know what the Chinese server is being used for, but, also the other non-Amazon servers. What are ports 10001 and 10240 used for?

Note, the Android app connects to the same Chinese server that the camera does.
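
An added example, not part of the post above and not the poster's own tooling: one way to turn a raw connection log from an isolated camera network into a per-destination summary like that table, marking ports with no well-known service for follow-up. The log format, timestamps and camera address are constructed; the destinations and ports are copied from the table.

```python
import ipaddress
from collections import Counter

# Ports with a well-known service; anything else is listed for follow-up.
KNOWN_PORTS = {123: "NTP", 443: "HTTPS", 8883: "MQTT over TLS"}

# Constructed log lines: "<time> <src> <dst> <dport>". Destinations and ports
# are copied from the table in the post; times and the camera IP are made up.
SAMPLE_LOG = """\
12:00:01 192.168.50.10 192.168.50.1 53
12:00:02 192.168.50.10 129.6.15.29 123
12:00:03 192.168.50.10 52.218.209.137 443
12:00:04 192.168.50.10 52.89.157.200 8883
12:00:05 192.168.50.10 192.99.8.134 10001
12:00:06 192.168.50.10 114.67.85.205 10240
12:00:07 192.168.50.10 114.67.85.205 10240
12:00:08 192.168.50.22 52.218.209.137 443
garbage line
"""

def summarize(log_text, camera_ip):
    """Count camera-originated connections per (destination, port)."""
    counts = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[1] != camera_ip:
            continue  # malformed line or traffic from another host
        try:
            dst = ipaddress.ip_address(parts[2])
            port = int(parts[3])
        except ValueError:
            continue  # unparseable address or port
        if dst.is_private:
            continue  # LAN traffic (gateway, DNS relay) is not internet egress
        counts[(str(dst), port)] += 1
    return counts

def needs_review(counts):
    """Destinations on ports without a well-known service, sorted."""
    return sorted(k for k in counts if k[1] not in KNOWN_PORTS)

if __name__ == "__main__":
    counts = summarize(SAMPLE_LOG, "192.168.50.10")
    for (dst, port), n in sorted(counts.items(), key=lambda kv: kv[0][1]):
        print(f"{dst:<16} {port:<6} {n:<3} {KNOWN_PORTS.get(port, 'REVIEW')}")
```
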

There are many old Reddit threads about this.
https://www.reddit.com/r/wyzecam/comments/7cykgf/wyzecam_sending_data_to_servers_other_than_aws/?utm_source=BD&utm_medium=Search&utm_name=Bing&utm_content=PSR1

and this thread here:

I recall reading a statement from WYZE that stated that the connection to a China server is only for outsourced notification service support, and not anything tied to the video stream. But I can’t seem to find that at the moment.

“I have MEMU Android emulator installed on my Windows PC. I’ve found it to be more stable than BlueStacks.”

@angus.black I have tried MEMU, however, it causes an INSTANT BSOD on my 2 Windows 10 computers. I am trying NOX, but the version of Android it uses is quite old (5.0). Many apps require 6.0 or newer these days.

Why do you need to run an emulator when they added RTSP support? You can use whatever viewer you want with it.

RTSP is only in special beta test firmware and is not actively worked on as the main channel, said the page where u get that firmware to enable it.

Second, one can not operate the functions of the cam with RTSP, like the Pan ability, or view recordings.

3rd. RTSP only seems to work when u are connected to the same local network as the cam. I am not and thus can not make use of it.