• 0 Posts
  • 54 Comments
Joined 1 year ago
Cake day: June 8th, 2023









  • Yes, you can obviously build your own version of event detection and remote storage, and then appify it in a way which is secure and ergonomically useful, nobody is claiming otherwise. This requires a considerable amount of expertise to do safely, and additional complexity generally expands your threat surface. For you, that may be fine. I’m pretty tech literate and have a bunch of other self hosted services, but I just don’t think the additional complexity is worth maintaining for push notifications. Again, that might be different for you.


  • Relatively minor from the perspective that the actual information which will leak from a Nest camera isn’t really that unique. And as a network device, it’s fairly simple to isolate and secure. The video a doorbell camera shoots is generally of “in view” public space, already visible to any camera. Your identity is already likely tied to the installation address where you’ve paid for the account with your credit card, which is also probably tied to that same address. If these things are not true, then you should obviously defer to your individual threat profile and disregard what I say.

    The worst part of it is that these doorbell cameras could provide a state actor with a daily face shot database, but if you control it, then it can also be an adversarial source to that end.

    But “minor” for me is different from “minor” for you. For me, petty crime, and maybe some local cops with beef are a much bigger deal than hiding from the feds. That’s my whole point here. Know your own threat profile. If Officer Barbrady kicks down your door and violates your rights, he’s going to take your local video server, but he’s much less likely to get access to some random Silicon Valley colo farm. Don’t fear the cloud, understand how to use it as a tool within your own threat profile.


  • Which is once again, the reason why understanding your threat surface properly so that you set up security enclaves which let you get value from cloud services without sacrificing privacy is more important than ever. Honestly, these posts frustrate me a bit. People are going to give up real, tangible security benefits of these modern security services over the spectre of relatively minor privacy issues which can be almost entirely mitigated with some pretty simple best practices that anyone interested in security should be doing anyway.


  • As a tangent, for me the entire utility for this stuff is cloud integration and alerts. Otherwise the only use of the camera is sending your insurance company videos of the break-in. This is one of those places where I am willing to give up a bit of privacy in a controlled way for the ability to get alerts in real time in case I need to call emergency services while away from home. Or tell my wife the delivery driver left the gate open and to close it so the dog doesn’t get out.

    To be honest, if you have a good security framework to begin with, there’s no reason why a Ring camera is super dangerous.




  • socsa@lemmy.ml to Privacy@lemmy.ml: Google has a VPN service now (51 up, 8 down · 1 year ago)

    Damn, people here really misunderstand the threat surface. The Google VPN is just fine for staying safe from things like rogue wifi hotspots and even Stingray devices to some extent. It also makes it much harder for your ISP to data mine your web activity. Obviously if you have an Android device using Google services, Google already has access to pretty much any information they might get from the VPN service. If you are de-Googled, then obviously you’d never use this.

    For the vast majority of people, privacy should be what happens outside of your curated public image. Everyone has a public image. If you try to be completely dark all the time, chances are you will slip up and just end up in an even worse position because you don’t understand when or how you’ve lost control. This is counterintelligence 101. Real first day stuff, but so many of the ‘pop-security’ influencers on the internet struggle with it, because they don’t have any practical CI training. However, having a public image doesn’t mean you cede all control to every observer. Obviously there are many choices for VPNs, but for everyday use, this VPN Google bundles with various other products is generally high quality.


  • They’ll just focus on baking obscure side channel attacks into firmware wherever they can. Consumer devices also leak a ton of EM energy, and there have been a bunch of “proof of concepts” at deriving device state remotely by observing such energy. I’d be pretty surprised if the right folks can’t read private keys being loaded into cache under the right circumstances already.

    In a way it’s kind of a poetic compromise. They can’t do mass surveillance like they want, but they can still “tap” devices via physical access, preferably with a healthy dose of due process.


  • Just in general, discount airlines are always better to book directly through the website because they will give you options to bundle upgrades much cheaper during that initial purchase than later on. It is often like $75 for a seat upgrade, checked bag and priority boarding, vs $70 just for the bag if you do it later on.