Secure/hackability of cams on local network

What proof of this do you have?
Can u show a wireshark capture?

I recall reading an article years ago when Wyze first put out their cams that folks sniffing the traffic reported shaddy connections to servers in China or other country…but they later closed that up and it was later confirmed that WYZE cams no longer do that.

@SpeedingCheetah I posted the following in another forum thread a few minutes ago. I did this test a couple weeks ago. I haven’t analyzed the data itself, just logged the connections so far. I’m running the latest firmware, so, any claims by WYZE that it isn’t doing this anymore are false.

I ran my camera on a separate wireless network which is connected through a PC with two NICs and logged the connections from the camera for a short period of time. The following are all the servers that it connected to.

DestinationAddress DestinationPort Connections WhoisOrganization
129.6.15.29 123 4 National Institute of Standards and Technology (NIST)
52.218.209.137 443 6 Amazon Technologies Inc. (AT-88-Z)
34.208.107.136 8443 6 Amazon Technologies Inc. (AT-88-Z)
34.211.38.141 8443 2 Amazon Technologies Inc. (AT-88-Z)
52.25.151.84 8443 4 Amazon Technologies Inc. (AT-88-Z)
52.89.157.200 8883 2 Amazon Technologies Inc. (AT-88-Z)
192.99.8.134 10001 4 OVH Hosting, Inc. (HO-2)
207.244.91.206 10001 4 Leaseweb USA, Inc. (LU)
23.82.8.76 10001 4 Nobis Technology Group, LLC (NTGL)
114.67.85.205 10240 4 Beijing Jingdong 360 Degree E-commerce Co., Ltd.
198.16.70.58 10240 4 FDCservers.net (FDCSE)
50.7.98.242 10240 4 FDCservers.net (FDCSE)

I’m running the latest firmware which is 4.9.4.37. The camera is a WYZE Cam v2.

Someone from WYZE, please explain what these servers are. In particular, I would like to know what the Chinese server is being used for, but, also the other non-Amazon servers. What are ports 10001 and 10240 used for?

Note, the Android app connects to the same Chinese server that the camera does.

There are many old redit threads about this.
https://www.reddit.com/r/wyzecam/comments/7cykgf/wyzecam_sending_data_to_servers_other_than_aws/?utm_source=BD&utm_medium=Search&utm_name=Bing&utm_content=PSR1

and this thread here:

I recall reading a statment from WYZE that stated that the connection to a china server is only for outsourced notification service support, and not anything tied to the video stream. But I can’t seem to find that at the moment.

“I have MEMU Android emulator installed on my Windows PC. I’ve found it to be more stable than BlueStacks.”

@angus.black I have tried MEMU, however, it causes an INSTANT BSOD on my 2 windows 10 computers. I am trying NOX, but the version of Android it uses is quite old. (5.0) many apps require 6.0 or newer these days.

Why do you need to run an emulator when they added RTSP support? You can use whatever viewer you want with it.

RTSP is only in special beta test firmware and is not actively worked on as the main channel, said the page where u get that firmware to enable it.

Second, one can not operate the functions of the cam with RTSP, like the Pan ability, or view recordings.

3rd. RTSP only seems to work when u are connected to the same local network as the cam. I am not and thus can not make use of it.