Comment by dmoose
1 day ago
> This is entirely local and private. You can even air gap the UniFi Protect system from the Internet and it'll operate fine.
One week ago 3 guys broke into my shop while I was traveling. They had sense enough to power down the starlink that was providing internet which would have taken out all of the remote camera options.
They did not realize that almost everything they were doing was being recorded via the unifi system. In the end about the only thing of value left in the building was the hard drive with all of their pictures on it.
The police have used the footage to identify all of them and it will be pretty open and shut when they see a court room. Offline and air gapped the whole time they were there but did exactly what it was installed to do.
How did you hide it so that the thieves didn't find it?
A 7U cabinet in an overhead space that is difficult to access. Installation and configuration were a bit of a headache but ended up being worth it. There was a NAS in the office and they stripped 7 drives, sleds and all, out of it.
I'm guessing with such an obvious endpoint for the camera storage it never occurred to anyone there was a second box. I had something like this in mind when I wired the building. It seemed like a good idea to make onsite security footage much harder to find given the cameras were obvious and anyone breaking in would probably look to damage or destroy the system.
I really thought the cameras themselves were the deterrent, but these guys gave it a shot anyway. Cutting the cable to the starlink and walking off with the NAS drives seemed to be the plan.
In the future I'm going to add a local battery backed alarm connected to external siren and strobe that is immediate on opening the office door to draw attention. I was driving down to WWDC when the starlink went offline and saw the notice on my phone but wrote it off to equipment failure which gave them enough time to clean the place out pretty well.
The hole in my strategy was thinking nothing could happen without notification, but being in a car in the middle of Norther CA with spotty cell coverage and lots of distractions blew that up pretty hard. I'm also thinking one of ubiquiti's cellular backups is in my future. Starlink offline is annoying but not the attention grabber that a still of a guy walking in the door would have been. Cellular backup would have gotten me that.
I've read through your story and I think you're on the right track with what you're doing.
But, re: alarms, I'd like to add a suggestion: Indoor sirens. They can be intolerably, painfully loud for not very much money (because piezos are cheap and square waves are easy). Using a small, random mixture of them can let them beat at different frequencies and periods, which can make them very unpleasant to behold even with hearing protection.
If you feel like being clever, you can even run them with a local battery that activates when they're disconnected. If you feel like being extra-clever, you can make them activate when they don't have the correct termination resistance at the far end of the line, or exactly the correct voltage: This way, whether the wire goes open or short, the sirens activate.
Super-extra bonus points for using a combination of methods. Any time that a thief spends figuring this out is time they aren't carrying stuff out.
And if that still seems incomplete, then: Fill the shop with smoke. They can't function when they can't even see their hand in front of their face. https://www.youtube.com/watch?v=RPgcysyFUiI
2 replies →
Cutting Starlink and stripping drives from a NAS? This seems like a pretty sophisticated operation, much more so than the usual copper thieves and the like. Do you have reason to believe your shop was specifically targeted?
I have found that the fog generating alarm systems are the ones that will stop burglars in their tracks.
If they can't see, they're not going to hang about and if they've tooled up with NV then that's a whole different threat model.
10 replies →
I'd be alarmed that they seemed to know you were going to WWDC. Like, they were tech-aware if they took the drives while you went to tech event... how did they know any of this / scout you?
I have a few pit bulls and a Doberman.
> In the future I'm going to add a local battery backed alarm
Wait, you have an office full of expensive equipment but decided to half-ass DIY the security? No wonder you were targeted.
A proper monitored alarm system would have prevented this. They pretty much all have built-in cellular backup now. Do yourself a favor next time and call a professional.
Don't blow your entire budget on cameras then wonder if you need an alarm system because the only good the cameras will serve is to watch your stuff disappear. You mentioned California so expect these guys to be roaming free in short order if they see any jail time at all. Good luck with seeing any restitution or getting your stuff back.
3 replies →
[dead]
Any video surveillance system is foiled by a simple mask. Thieves who know to plan a break-in when you're away usually do their homework and come prepared.
> Any video surveillance system is foiled by a simple mask.
Do not under-estimate the number of thieves on the left-hand side of the bell curve: if you can deal with those that's half the population that's less of a problem.
(The thieves on the right-hand side of the bell curve generally work on Wall Street and generally don't do break-and-enters.)
This is why I think someone should market a cheap SIGINT tool that collects BT/BTLE/Wi-Fi data from nearby devices.
I've got this setup running on a Raspberry Pi near my front door and it collects all sorts of useful data, even from people walking by on the sidewalk, 30 feet and two walls away.
At some point, I'd love to explore vehicle emissions more, too.
Modern OSes randomize WiFi MAC addresses unless you ask them not to, and also do some randomization on BT MAC address.
I've worked on something to do this, it' not perfect. It listens for 24 hours, learns what is 'normal'. Calibrates strength of signal (dogwalker on sidewalk, ignore) getting closer than that, between 10pm and 5am, turn on a light or two. Not meaning to spam, but it's at wispyalert.com . Any thoughts, I'd be interested to hear.
No prosecutor is going to waste their time trying to convict someone based on metadata. Even video is often insufficient for a conviction.
Funny enough a router collecting this data near a busy enough highway can bog itself down by collecting unique Wi-Fi identifiers from all the passing cars' networks, not to mention all the hotspots on passing commuter trains.
It never occurs to router makers a static base could see a million Wi-Fi networks come and go every week.
So the radio equivalent of Flock cameras...
Uh hello police department?
I have MAC addresses!
M-A-C...
Yes, I sniff them out the air with equipment I built!
Uh no I'm not on drugs why do you ask?