Comment by jqpabc123

5 days ago

but most cameras with RTSP enabled allow any other device on the network to trivially get the camera stream, and sometimes also control the camera.

Not a real concern when the network is fully under my control. I can easily restrict access as I see fit.

I surrender all control when I give up my wifi password and allow similar access to somebody's network located somewhere on the internet. Further access can be (and has been) granted to others without user knowledge or consent. For example:

https://arstechnica.com/tech-policy/2022/07/amazon-finally-a...

10 comments

jqpabc123

bluGill 5 days ago

You can - but will you? And you are in the tiny minority of people who understand what that even means. The vast majority of humans have better things to do with their life than figure out how to secure their personal network. (I'm not saying they are too stupid to figure out how - just that they have better things to do with their time)

jqpabc123 5 days ago
The vast majority of humans have better things to do with their life than figure out how to secure their personal network.
Sure. But this doesn't have to be an either/or choice.
It's possible to make it easy for those willing to surrender all privacy and control without making it impossible for those who don't.
Example: Amcrest cameras are just fine with being restricted to the local network. If you ask nicely and order direct, they'll even give you a discount.
https://amcrest.com/
- fidotron 5 days ago
  
  We need a system so pervasive that if you order random devices from aliexpress they use it, and they cannot cause trouble because they're properly contained. It's not enough for you to have good security, you need to know your neighbours do too.
  My vision of how this should work can be inferred from https://github.com/atomirex/umbrella Essentially in the future wherever we have WiFi APs those should also be media SFUs (and probably MQTT brokers or similar) where each client will only see the AP and things the applications running on the AP have explicitly allowed, including streams piped opaquely from anywhere else.
  The idea that being connected to WiFi means ability to see other devices and the public internet needs to stop being the default.
  
  1 reply →
- bluGill 5 days ago
  
  that is the wrong take. We need to protect the people who have better things to do.
  
  2 replies →
fidotron 5 days ago
Exactly, this stuff needs to be made the easy default.
Right now domestic IoT and Home Assistant are like Windows Mobile and Symbian prior to the iPhone: proof that something interesting and useful is possible in the domain, but requiring an enthusiast level of investment in knowledge and time to maintain and operate.
Were I a billionaire I would be attempting to launch the Android (in the original intended sense) of IoT to solve that.
- unsnap_biceps 2 days ago
  
  Matter, specifically matter over thread, is pretty much the right solution for the end devices.
NoMoreNicksLeft 5 days ago

>The vast majority of humans have better things to do with their life than figure out how to secure their personal network.
One might hope this to be the case, but there are mountains of evidence to the contrary.
>I'm not saying they are too stupid to figure out how
Never fear. I'm here to say it so that you don't have to. Most are too stupid.