In a series of emails to The Verge, Anker has finally admitted its Eufy security cameras are not natively end-to-end encrypted - they can and did produce unencrypted video streams for Eufy’s web portal, like the ones we accessed from across the United States using an ordinary media player.īut Anker says that’s now largely fixed. So shortly before Christmas, we gave the company an ultimatum: if Anker wouldn’t answer why its supposedly always-encrypted Eufy cameras were producing unencrypted streams - among other questions - we would publish a story about the company’s lack of answers. It repeatedly deflected while utterly ignoring our emails. Paul have some serious questions to is irrefutable proof that my supposedly “private”, “stored locally”, “transmitted only to you” doorbell is streaming to the cloud – without cloud storage enabled.Īnker finally comes clean about its Eufy security camerasĪnker admits its always-encrypted cameras weren’t always encrypted - and promises to do better.įirst, Anker told us it was impossible. The security hole was first discovered on Eufy’s Doorbell Dual camera which utilizes two cameras to view both people walking up to your door as well as your doorstep where packages may be left… In the thread and accompanying videos, Moore shows proof that Eufy cameras are sending data that is said to be “stored locally” to the cloud, even when cloud storage is disabled. Paul Moore, a security researcher, posted on Twitter last week a frightening security situation with Eufy home security products including camera-equipped doorbells. …Anker’s Eufy brand claims to keep data local, but a security researcher has exposed that the claim is far from true, with footage not only going to the cloud, but remaining visible even after it was supposed to be deleted.Įufy sells several of its security cameras with the promise that video footage and other data are local only, explicitly saying “no one has access to your data but you” on its website. Eufy caught lying about local-only security cameras with footage sent to cloud, accessible in unencrypted streams
0 kommentar(er)
