I've noticed that, while traffic from the netgear base station to the cloud seems to be encrypted, there's quite a bit of plaintext being sent back.
For example, I see stuff like this:
[{"from":"123-1234567_web","to":"MYBASE","transId":"web!b0b0b0!12345678910","action":"set","resource":"subscriptions/123-1234567_web","responseUrl":"","publishResponse":false,"properties":{"devices":["MYBASE"],"url":"https://vzweb05-prod.vz.netgear.com/hmsweb/publish/123-1234567"}}]
where I've changed possibly identifying text to something like 123..., but MYBASE in the original transmission is the actual S/N of my base station. What is this information used for and why isn't it encrypted?
You're right in that the video info needs a 'key'; as for some of the data, it is in plain text... I've noticed the same thing... on its way to / from Amazon servers.
But I really don't worry about that, but more that someone can't tap into the vids to get an inside view of the home/layout (which is keyed).
Morse is faster than texting!
--------------------------------------
At the very least it's bizarre that information uniquely identifying your hardware is available in plaintext, but what concerns me most is the rtsp link that shows up when you begin live streaming. The link is of the form
rtsp://vzwow....netgear.com:443/vzmodule/CAMERAID_123456?ingressToken=HEXSTUFF?cameraId=CAMERAID
So far, I've been unable to play this link from VLC, which is promising, but I haven't tried very hard. Even if the link is unusable (e.g. the token is single-use and is showing up in the TCP stream only after it was used), I'd still like to know why it was sent at all.
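A check for the two kinds of cleartext exposure described in the posts above, as an added example that is not part of any original post or of Netgear's code: it scans a reassembled payload from your own capture for known device identifiers inside JSON messages and for token-like query parameters in URLs. The RTSP sample's host and token, the function names, and the parameter names other than `ingressToken` are assumptions.

```python
import json
import re

# Parameter names treated as credentials; "ingressToken" is the one from the
# thread, the other two are assumptions added for illustration.
SENSITIVE_PARAMS = {"ingresstoken", "token", "auth"}
URL_RE = re.compile(r"(?:rtsp|https?)://[^\s\"'<>]+")

# The message as posted in the thread (identifiers already replaced by the poster).
SAMPLE_JSON = b'[{"from":"123-1234567_web","to":"MYBASE","transId":"web!b0b0b0!12345678910","action":"set","resource":"subscriptions/123-1234567_web","responseUrl":"","publishResponse":false,"properties":{"devices":["MYBASE"],"url":"https://vzweb05-prod.vz.netgear.com/hmsweb/publish/123-1234567"}}]'
# Constructed link in the shape described in the thread; host and token are made up.
SAMPLE_RTSP = b"rtsp://stream.example.invalid:443/vzmodule/CAMERAID_123456?ingressToken=ABCDEF0123?cameraId=CAMERAID\r\n"

def url_findings(url):
    """Flag credential-like query parameters; report the length, never the value."""
    # The posted link uses '?' twice, so split on both '?' and '&' rather than
    # let a standard parser fold the second parameter into the token value.
    query = url.partition("?")[2]
    for pair in re.split(r"[?&]", query):
        name, _, value = pair.partition("=")
        if name.lower() in SENSITIVE_PARAMS and value:
            yield ("token-in-url", name, len(value))

def walk(node, path=""):
    """Yield (path, value) for every string in a decoded JSON tree."""
    if isinstance(node, dict):
        for key, val in node.items():
            yield from walk(val, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        for i, val in enumerate(node):
            yield from walk(val, f"{path}[{i}]")
    elif isinstance(node, str):
        yield path, node

def scan_payload(payload, identifiers):
    """Return sorted findings for one reassembled cleartext TCP payload."""
    text = payload.decode("utf-8", errors="replace")
    findings = set()
    for match in URL_RE.finditer(text):
        findings.update(url_findings(match.group(0)))
    body = text.split("\r\n\r\n", 1)[-1]  # skip HTTP-style headers if present
    try:
        doc = json.loads(body)
    except ValueError:
        doc = None  # not a JSON message (binary or TLS record, bare URL, ...)
    for path, value in walk(doc):
        findings.update(("identifier-in-json", path, i) for i in identifiers if i in value)
    return sorted(findings)
```

Pass your own base station serial in `identifiers`; an empty result for every payload in a capture is what the fully encrypted dialog reported later in the thread would look like.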
So this is interesting... I ran a few captures today, and it appears that the entire dialog between base and netgear/aws is now encrypted. The strange "ingress tokens" and rtsp links are gone, or at least no longer in plaintext. This is a tremendous improvement.
For the record, no. It would have been nice to get some official response from Netgear on a topic this serious.
_____________
Hello platron,
Your topic recently received a reply.
Topic: Encryption
Date: 2016-01-19 02:15 PM
Did it solve your problem?
Click here to view the reply and mark one as an Accepted Solution.
This helps others find helpful answers in the community too!
Hi @platron, could you share with me how you are doing the sniffing?
I'd like to do the same on my own setup too. As I've posted before here (Arlo is being Blocked by Privoxy. What server address should I whitelist?), I can't use livestream because Privoxy in my DD-WRT modem is blocking it. I've tried whitelisting .amazonaws.com and .netgear.com without any luck, so I'd really love to know what other address it's trying to access when clicking the livestream in order to try to whitelist it too.
Thanks and please let me know also if you already know what other address I should whitelist!
Best
Wireshark, principally. If your devices are connected over a modern Ethernet switch (as opposed to a hub) or via WPA2 with session-level encryption, then you may also need to use iptables on your router to redirect traffic to wherever you're running Wireshark.
No @jguerdat, I didn't actually get to it. I'm pretty sure that they'll tell me (if they reply at all) that I have to troubleshoot which address I'm trying to access first and then allow that to be bypassed. But since it's installed in DD-WRT (an embedded system), I have no easy way to generate logs in my case (I'd have to add JFFS2 storage to a physically inaccessible modem); that's why I'm still trying to figure it out myself.
Thanks for the suggestion, though. I'll certainly submit it after a couple of months, when I get more time, and if I haven't fixed it myself already.
Regards.
Thanks for the reply @platron! You were just typing as I was posting my previous message!
Yeah, I've tried with Wireshark and had to install the special drivers, but I didn't have the time to mess with it and the DD-WRT configuration, so I left it there.
Would you happen to have it installed or some logs from your previous tests? Could you confirm for me if there are other addresses besides these two that it tries to reach when you click one of the "Live" icons on the desktop web UI (not the app):
.amazonaws.com .netgear.com
Thanks!