[Updated 02-13-20] Data leak 12-26-2019

I find it interesting that you chose to single out my post. Especially since I was being honest and replying to somebody else. You could’ve just as easily made your point “stay in topic” without mentioning any one post. Perhaps my position regarding the “ on topic” discussion we were having prior to that attic post, had something to do with that. Or perhaps your attic is a mess like mine???Regardless the off topic part was meant to lighten the mood, which it succeeded in doing.

One last thing there are plenty off topic discussions, it happens all the time. Boat rides comes to mind. it’s kind of arbitrary for you to come out of nowhere and mention it now, 3 plus weeks into this subject.

My only thoughts on closing is that the discussion hasn’t even been focused on Wyze for quite some time it’s been focused on other companies and what they’ve done in other situations. If it was focused on the Wyze situation only I would see leaving it open but it’s gone so far off to left-field and has been allowed to do that for quite some time that I feel it merits looking at closing it. Keep this as an official Wyze thread about the situation and have updates coming from Wyze might be an idea.

1 Like

Thank You my point exactly. As I explained earlier there is an illusion of security and then there are steps to help you to secure but in no way they can guarantee your going to be completely secure. Security starts with us! Do not go flaunting your camera, Do not post links to your house or your kids, DO not give out your address, Do not use “Password”, “God” or any simple words as your password on your routers. I hate it when people cry “FIRE”, “WOLF”, “THIEF”, “Intruder” and slander the company when they themselves are at fault for allowing the intruder inside! Go ahead and call the police they will come and asses your security and your going to look like a complete fool because they will give you a few spankings of there own on how to secure your house. IGNORANCE!!! is our worst enemy not security.

I totally agree with you on this matter and that is why I am a Wyze consumer through and through, They might not get to be president of the united states but hey do get my respect.

Your right if the company has a leak it is there responsibility to find it but what if that leak was from a third party company? What if the code they implemented into their current software from an update that tracks people that we pay for every month was the CODE that caused the data leak? Interesting right? Wyze may not be at fault because they trusted that company to have there “i” dotted and there “T’s” Crossed but I guess that’s a learning experience that will not be duplicated in the future.

As far as securing Private information, I gave up a long time ago. I just don’t do certain things not to get my data out there like for instance to curve a hackers ability to gain data on figuring out my passwords I simply put in my incorrect Birthdate like instead of 16 I put 15 or I put in 14 just enough to save it in my notes (By the way Google Notes called KEEP has over a thousand Bit encryption through there server so saving your information in the cloud is safer than transferring money between banks.) Sometimes I add or put in my incorrect name. I believe misinformation is the key to securing your passwords which is what they strive to figure out. If you do a search for my name in Florida, Javier Garcon all you will get is misinformation which will come up wrong or outdated. Information is gold but if it is tainted then it will be useless for a hacker to use or sell. So our misinformation is like a password, for instance a simple security question to gain access to your password is “do you have pets?” So the Hacker hacks a site to gain information on you and ask himself if you have cats? No? then they ask do you likes fish? they check his google search and a bunch of different fish come up so chances are you have a pet fish. If they can’t figure out the right combo of words to accessing your information then they are successful in gaining access to all of it. The correct way to secure your information is this (Security starts with you!) For me it took time to build misinformation on the internet especially when I was trying to maintain my name in the media or if your an actor or singer, the internet actually acts like a business card. Actors or anyone famous get hacked regularly because TMZ pretty much gives away all of there life information on the internet.

Your right if the company has a leak it is there responsibility to find it but what if that leak was from a third party company? What if the code they implemented into their current software from an update that tracks people that we pay for every month was the CODE that caused the data leak? Interesting right? Wyze may not be at fault because they trusted that company to have there “i” dotted and there “T’s” Crossed but I guess that’s a learning experience that will not be duplicated in the future.

A couple MORE posts have been removed that do not follow the Community Guidelines. Please keep the guidelines in mind when posting, particularly this section:

Sometimes We Disagree And That’s Okay

Sometimes we will disagree on topics. You may even think that the other person is outright wrong! That’s just part of being human talking to other humans. But when you respond, remember to criticize ideas, not people . Please avoid:

  • Name-calling
  • Ad hominem attacks (personal attacks instead of discussing content of a post)
  • Responding to a post’s tone instead of its actual content
  • Knee-jerk contradiction

Instead, provide reasoned counter-arguments that focus on the ideas instead of the person. If someone has something negative to say about Wyze or our products, there’s likely a reason for that. Just tag in a mod or admin to make sure that the feedback goes where it needs to and we have an opportunity to consider and respond to what they’re saying.

Here’s a hint: if your post contains the word “you”, it probably doesn’t meet the guidelines.

5 Likes

It is time to take this down.

Getting back on track…

Some time ago Wyze indicated they would be remotely re-booting devices, and though I can’t find the exact post, I believe it may have hinted towards doing so to introduce some undescribed change.

Can we get an update on that, please?

That was done, not to introduce any change, but to deactivate existing security tokens (Alexa, if I’m not mistaken).

The changes came later.

1 Like

I think what they were referring to was when they invalidated all the login tokens. This forced all users at the time to log into the app again. I personally do not recall anything about remote rebooting any devices by Wyze.

I could be wrong but a search did not turn any such statement from Wyze? If you find it could you link to it here?

1 Like

Found it…

Phreakers?

Ha!
I havent hacked a payphone sine they essentially vanished from the
landscape.
Can we pick an activity that didnt die with car and battery pack
cell phones?

1 Like

That one went right by me. Anytime new firmware is installed the camera reboots. I assume that is what he was speaking of, a change in firmware of some type.

But that’s only a guess. Since no changes can be applied to a cameras firmware without a reboot it makes sense.

If so then there have been at least 2 firmware releases since then so maybe one of those?

I’m guessing the average user updates their firmware once every blue moon, lol…it’s similar to when I’m looking at the wifes phone cuz she’s having a issue, and there’s 50+ updates pending in the app store.

Very true, users are their own worst enemy. The same users that are outraged when a breach is not reported and acknowledged immediately have a dozen major updates waiting to be applied.

It’s a case of overcoming inertia and of course an inherent distrust of updates considering how many of those have been bungled. (I am looking at you Microsoft).

So on one hand we have the “if it ain’t broke don’t fix it group” and on the other the cyber warriors that say “apply every update no more than 2 microseconds after its available”. I am a lot closer to the 2nd group than the first but I do like to sometimes wait a day or two and see the smoke rising from the ones that did not wait and crashed and burned.

Percentage wise you can make a case that Wyze it right up there with, if not ahead, of M$. I know I don’t install their (Wyze) updates any more until there’s significant feedback from others that it actually works as intended. (Went for too long a period where I had to choose between using my cameras or using my plugs because the app would only work with one or the other - that’s never happened with any of my M$ ‘products’.)

1 Like

I trust you are correct. I personally have never had an issue with plugs or cameras and I have installed every update including beta updates. Are you iOS or Android? I think that Wyze has had many more issues with Android. But honestly I blame that as much on Android as Wyze.

Either way I do agree that Wyze has had its share and then some with issues following app or firmware updates. I know I have used or programmed on Microsoft since MS-DOS days. And the number of times “updates” from Microsoft have totally borked a machine are too numerous to count. Right up to a month ago with a Windows 10 update that left some users in a boot loop. :wink:

Hey, folks!

Looks like things went a bit sideways a couple of times recently. I think that Loki got things back on track effectively so I’m not going to dive into that any further (though I admittedly did enjoy the attic discussion even though this was not the best place for it :slight_smile: ).

A few people have asked for this thread to be closed. We’re still planning to update it later when the 3rd party actions have been concluded or if there’s something new to report so we’re leaving this open but also keeping an eye on things. Thank you for your feedback!

7 Likes

I’ll just leave this here:


Some interesting points:

  • 250 million entries from an internal customer support database.
  • The data was exposed between December 5 and December 31.
  • The database consisted of a cluster of five Elasticsearch servers.
  • Fixed Dec 31, Microsoft informed users Jan 22

I bet Microsoft wishes they had engaged a security firm to audit their systems. /s

3 Likes

That’s interesting because people jumped all over Waze for having a separate database. Wyze was honest when they said that companies do it because it’s cheaper. I believe that was their answer. Nonetheless Wyze handled it much better than Microsoft and it was a fraction of the amount of people. Actually why I did not get real worked up about it happens all the time. Nothing is safe.

2 Likes