• @[email protected]
    link
    fedilink
    English
    1410 months ago

    Hypothetically I want to secure my home with Cameras…

    What’s the best way to do this? OSS preferably.

    • vortic
      link
      English
      2110 months ago

      So, just an FYI, I bought Eufy cameras because I believed their marketing bullshit about being secure and end-to-end encrypted. About two months later they changed how they describe their security and quietly modified their privacy policy. Turns out they’re not really end-to-end encrypted and it is possible to gain access to the streams sometimes.

      My recommendation, after doing my research is not to buy anything that is able to be viewed remotely. Buy something that stores the video locally, in your home. If possible, buy and install wired cameras.

    • @recapitated
      link
      English
      1510 months ago

      The most important thing is just to have cameras that are positioned to watch you in bed.

    • @vpklotar
      link
      English
      910 months ago

      I’m just about to setup TP-link cameras connected to Frigate (NVR software) with a Coral TPU for offline object detection. This means I can block access to internet for the cameras and use a VPN home if I want to watch them.

    • @Blue_Morpho
      link
      English
      5
      edit-2
      10 months ago

      Onvif camera (It’s the standard. Any camera that supports onvif will be plug and play). Block the cameras’ Mac addresses at your router so they can’t get out directly. Install zoneminder on Linux. If you need remote access follow all the guides to securing a Linux server that has ports open to the Internet. (Ssl, tailscale etc.)

      Blueiris for Windows is great but it’s not open source.

    • @[email protected]
      link
      fedilink
      English
      510 months ago

      No-internet cameras hooked up to local storage.

      For remote access, you could use whatever you want to use for remotely accessing local files.

    • @[email protected]
      link
      fedilink
      English
      2
      edit-2
      10 months ago

      I use a old phone with IP cam on it, and only allowed local network access connected to my home assistant.

      I can view it remotely via home assistant cloud, which is E2EE from instance to phone.

      I presume Raspberry Pi Camera is also a great solution. And also I dont put any camera in bedroom or bathroom, because there is no reasonably accessible entrance there.

    • @pete_the_cat
      link
      English
      -210 months ago

      The first step is to set a strong password.

      • @WetAndFlummoxed
        link
        English
        910 months ago

        Didn’t they just have a security incident where people could access other people’s full unifi account including devices?

        • @Empyreus
          link
          English
          210 months ago

          Correct but that’s only if you enable the remote connection through ubiquity, if you have that turned off its all local.

          • @WetAndFlummoxed
            link
            English
            19 months ago

            Ah, I wasn’t aware there was an option to keep it local. Does that keep your entire site from being remote manageable or just the camera system?

            • @Empyreus
              link
              English
              19 months ago

              My understanding is that it’s all or nothing, but I’m not complete sure.

        • @lama
          link
          English
          110 months ago

          The security issue you mentioned I think only affected when they handle access to the cameras. I think you can set up a VPN and then turn off remote access on the NVR, so it seems possible to avoid that issue.

          That being said that’s a lot of work for something they should have handled securely in the first place and doesn’t give me much confidence about their security in general.

          • @Empyreus
            link
            English
            19 months ago

            It’s an interesting read since the cause of the issue was something to do with a database change that caused an overlap of groups.