Quote Originally Posted by PN View Post
I have heard about these little indoor Wyze Cams for quite some time. They are helluva buy starting at around $20. You get 14 days of free upstream bandwidth/storage. You can also add an SD card. They work with Alexa. I have also learned that they use TLS, AES 128-bit encryption to protect the security of the live stream and playback data. Every device has its own secret key and cert so they can validate the identity during a handshake.
I use a similar approach with each of my "nodes", here -- each is "introduced" to the System via a secure portal in a locked equipment closet (so the System can install the private keys without any chance of an eavesdropper interfering with the process).

An adversary won't attack the encrypted stream. Rather, they'll attack the endpoints or protocol. Most "video" is boring and of little "value" to an adversary.

E.g., I have 8 cameras monitoring the grounds around this house. A passerby can easily "see" what 6 of the cameras are "watching" -- "for free" (the front yard and each of the side yards)! The remaining two cameras cover the back yard -- and would require the passerby to come onto the property to peer over the wall (or, do so from a neighbor's yard... OR an overhead drone flyby!).

[It's possible that access to my camera feeds could allow a remote hacker to identify my actual street address; use my IP to locate my ISP and then use google street view to find imagery that matches the camera feeds from the front of my house. All of that could be done mechanically without requiring a human being to scan the neighborhood imagery!]

Two additional cameras monitor the front door. Again, visible "for free" by any passerby. A third (camera #11) acts as the doorbell and "front door key" (if The House is expecting you and recognizes you, visually, it will unlock the door for you). Again, nothing that a passerby couldn't see with his own two eyes.

There are 7 cameras in the garage (to assist with parking and verifying no obstructions in the path of the garage door or exiting vehicle) that MIGHT hold some "secrets" for a voyeur -- while the door is closed and the contents not observable by a passerby.

The remaining cameras (in addition to the garage cameras) don't provide video feeds that can be viewed by "humans". These have the most potential "value" to an adversary as they exist INSIDE our "private space".

Instead, The House uses those feeds, directly (as with the doorbell camera). There's one in each bathroom -- along with a microphone and speaker -- to monitor for "trouble" ("Help! I've fallen and I can't get up!!") and take action (the whole point of all this technology is to enable people to live independently for longer than they would otherwise be able). I'm in the process of adding 30 more such "nodes" throughout the house -- to track the locations of occupants and respond to their commands/requests. (this is currently done with BT beacons but that is subject to hacking, jamming, eavesdropping, etc. -- all the flaws that are inherent in a wireless technology)

The real value, to an adversary, lies in getting a beachhead into your network... INSIDE your firewall. You do this by exploiting sloppy ASSUMPTIONS made in the implementation... do things that "can't happen" (in the opinion of the product's designer/developer). So, you have to anticipate those assumptions and work to eliminate them.

In my implementation, you can surgically remove a camera and "harvest its secrets" (if you had appropriate tools and can do so without the System seeing an interruption in "service" from that node). But, the System won't let you do anything more than the original CAMERA could do! I.e., you can spoof the video feed to whatever is viewing/analyzing it, but, you can't talk to anything else or eavesdrop on any other transactions. You could try to mount a DoS attack -- in which case the network switch/router will simply shut down your port (because the original camera wasn't supposed to behave like that. So, it's clearly defective -- or HACKED!)

You can't do these things with COTS designs. Or, wireless technology. The individual devices -- ALL of them -- have to implement their own defenses against potential rogue PEERS! And, Company A is hardly interested in working to address problems that Company B's products might introduce.