Arlo|Smart Home Security|Wireless HD Security Cameras

Re: Security concerns with cloud service

Reply
Discussion stats
  • 7 Replies
  • 37168 Views
  • 5 Likes
  • 3 In Conversation
FuzzyBear Tutor
Tutor

Hi,

 

I couldn't find any netgear documentation on it's secuirty policies...I was wondering, what security measures are in place to prevent unauthorized access to live streams and videos stored on the cloud service?

 

Unless the files are stored encrypted at rest, is it fair to say that Netgear employees or netgear arlo cloud employees can view customer videos? Which then means if the cloud service was ever compromised, customer videos would be compromised?

 

 

ant Prodigy
Prodigy

FuzzyBear wrote:

Hi,

 

I couldn't find any netgear documentation on it's secuirty policies...I was wondering, what security measures are in place to prevent unauthorized access to live streams and videos stored on the cloud service?

 

Unless the files are stored encrypted at rest, is it fair to say that Netgear employees or netgear arlo cloud employees can view customer videos? Which then means if the cloud service was ever compromised, customer videos would be compromised?

 

 


What about law enforcements with warrants? 😕

Guru TomMac Guru
Guru
 
--------------------------------------
Morse is faster than texting!
--------------------------------------
ant Prodigy
Prodigy

TomMac: What?

FuzzyBear Tutor
Tutor

Given that I haven't been able to find any information from Netgear, it's probably safe to assume that video files are accessible by netgear employees, or whomever happens to find their way to the file storage medium.

 

Anyways, I guess with this type of cloud service users just have to accept the fact that the files could be viewed by others in the worse case, and take appropriate measures. For example, might not be a good idea to have the camera's in one's bedroom or in any situation where privacy is a concern.

 

 

ant Prodigy
Prodigy

FuzzyBear wrote:

Given that I haven't been able to find any information from Netgear, it's probably safe to assume that video files are accessible by netgear employees, or whomever happens to find their way to the file storage medium.

 

Anyways, I guess with this type of cloud service users just have to accept the fact that the files could be viewed by others in the worse case, and take appropriate measures. For example, might not be a good idea to have the camera's in one's bedroom or in any situation where privacy is a concern.

 

 


Yep, always assume that our government (e.g., NSA), companies (e.g., Amazon since those MP4 video recordings are on amazonaws.com servers), etc. have access to them these days. 😞

Guru TomMac Guru
Guru

The data is encrypted  and uses a verisign(?) key to access with what looks like a 256 bit key... on to the amazon cloud. 

I wouldn't worry about people seeing/intercepting the stream.

If they watch mine, mostly they'll see an old/sick cat eating.

 

As to the employees of netgear or govt looking at your vids , would they be able to?, maybe, anything is possible if you have the right keys and equipment.

Some encryption methods are very hard to break, some not so much. I have knowledge of this being done (legally) all the time.

 

Remember tho, these cams aren't streaming all the time but only when turned on or motion record set ( which you'd prob know about).  If you have them in what should be a private place, you can easily move them as needed.   If your thinking about the Nanny or caretaker that may be recorded, most local laws allow for same on private property if in your employ ( and no audio so no problem with eavesdropping laws ).

 

--------------------------------------
Morse is faster than texting!
--------------------------------------
Highlighted
FuzzyBear Tutor
Tutor

The encryption you talk of is probably in flight, which is the most basic form. It's unknown if they do any server side encryption so that the data is actually stored in encrpyted format. But then again, given that netgear would have to manage the keys its pretty safe to say that employees and/or hackers could get access to the data... hackers probably will require effort, but I'm sure it's not a big deal for employees.

 

Anyways, too bad netgear does not reveal their storage policies as I think most users don't understand the implications. Dropcam at least lists a detail page describing their limitations:

 

https://www.dropcam.com/security

 

It's probably similiar, but you'll notice that they depend on amazon employees to ensure data is protected -- which means data is readable.

 

For the privacy conscious, too bad netgear does not allow streams to be uploaded to the users own private server.. never going out and being stored in some internet cloud.