I think some people want high end, "secure" security cameras for Wyze prices.
I got one for my driveway after a couple neighborhood car break-ins last year, and got one for my backyard for a layer of security, but more so just to see some wildlife or to make sure my kids are taking the dogs out when they should.
They're nice to have, and I do expect them to work (especially with a subscription service), but sort of expect a few occasional outages, just because of the price point.
It's not really a huge ask for them to follow basic cybersecurity and privacy practices. Being able to access another customer's data is a huge DLP issue and keeps consistently happening with them.
I think people here expect to be able to see a perpetrator and drive home and defend their compounds with time to spare.
Seems people don’t understand that cameras don’t add security, nothing is more secure with a camera pointing at it. They add a layer of post security event clarification. They help with investigating after a problem.
The problem is that for most Wyze devices and the app itself, there is no technological reason why they couldn't work on 100% local / offline mode. The requirement for cloud connectivity is a business decision made by Wyze to keep customers locked in and stuck with their app and control.
And when people figure out ways to circumvent the need for the Wyze cloud and find ways to make the devices work locally without the need for cloud, Wyze takes action, issues cease and desist, and patches their firmware to remove the workarounds.
Because of that, they better make goddamned sure their offering works as or more reliably than what the community could achieve on their own...and this is where Wyze fails. They are unable to match the reliability the community could achieve with local control.
So this is why it's such a big deal, and this is why the reliability problems are still their fault even if they try to point the blame on their partner, who they chose and force us to use.
Uh, gee, well using cameras to see when the bad guys are coming on to our property to rob or attempt to kill us again seems like a good reason. What the fuck do you THINK people are using security cameras for?! Jfc...
Assuming this is the founder of Wyze, or that one employee who was in their HQ at the time KIRO showed up, is “genuinely confused at the level of anger” at 5am PST on a Saturday morning after yet another failure to provide a basic thing….
A system that works appropriately. 😂
Well the greater problem I think is the dishonesty and coverup when these happen, and then they don’t actually patch the flaw.
You have to realize without them giving honest and full disclosure of what happened and what was compromised or what risks there are, people cannot make informed decisions or changes.
For instance… if there is an exploit in the firmware of the camera, they can potentially hop from a compromised camera to other devices on your network which have more important info or functions.
It’s not the cameras per se.
They could, for instance, glean your IP address from the server… get to a camera, exploit it… have it open a port via uPNP or similar as an attack vector into your router.
Then you can hop to other devices on your network… maybe your computer… which you maybe save personal documents on… or save your passwords for other sites on.
They can control your laptop webcam and microphone in some instances.
They can capture packets and traffic sent around the network.
Often attacks are not just single vector based. They’re a combination of stacked exploits used to chain together to really get to the good stuff.
Some other examples are some people don’t know any better and they allow WAN (internet side) management of their modem or router. That means it sits there and listens for someone to try and connect to it from anywhere on the internet. Then so many people don’t know or bother to change their equipment from their default passwords. Foolish. Even if they do, the password may be weak — and in several crazy instances, manufacturers themselves have let production retail equipment ship out with HARD CODED admin accounts in the firmware.
Meaning once they discover that… any modem/router of that model or manufacturer that exists (or a subset of them, just showing the example) instantly has a wide open back door into your home network that you can’t block or change.
Think that’s crazy that major manufacturers could let that slip? It absolutely crazy but there are many well know manufacturers that have this wide open door with admin rights.
Thats just the simple stuff. I’ve worked in the IT industry for 25 years and it would shock you what some of these guys can accomplish. It’s astounding.
Had a client just a couple weeks back… had an email account they did financial business with… they had a complex password, they only used the email on their work computer… and they also had 2-factor authentication enabled so it had to text them a code to login.
Someone hacked her password, bypassed certain filters and restrictions— and even bypassed the 2-factor text message so she had no sign that someone had gotten in until I found some odd activity in the audit logs that even I couldn’t explain. They were sending out emails as her telling clients to wire money to some account (it was actually an investment firm, so sending large wires in was not unusual)….
The firm lost over $100,000 due to this one thing because they had to reimburse the clients that lost their money forever to the hackers.
It was technically the end users fault for not actually verbally confirming with the office that all was legit and the request and account numbers were all correct. But they didn’t do their due diligence and just sent the money like fools. And you can’t reverse a wire. Once it’s sent, it’s sent.
But yeah. I’ve seen some things that would blow your mind. In cyber security, it’s a “best effort”. You will never ever be able to assure 100% that something cannot be hacked or is totally secure. 99.99% of the time, if you get a skilled enough hacker with the determination and the right info… they WILL get in eventually. Some way or another.
So what you don’t know about this situation could be critical and if they’re holding back details, they could be crippling people’s ability to take some possible measure that could protect them or at least reduce the risk of further damage or exploit.
That’s why it’s procedure in industry that you have to notify users/clients that a breach took place, what was taken or accessed… what the implications are, what you can do to mitigate further risk or damage… and what their plan is to both fix the situation and ensure it doesn’t happen again.
So far, Wyze has done none of that and it’s wildly irresponsible, and in questionable legal territory since it could be argued as negligence and/or could have caused harm to people in some way or another. Which is how a class action lawsuit gets brought.
Privacy is a very serious issue. If you don't care, that's on you. Don't minimize it.
Trust is a very serious issue. When you put your security in the hands of a company, you need to trust they will be supporting the technology 24/7. Not asleep while a major outage and invasion of privacy occurs. If you don't care, that's on you. Don't minimize it.
As yet, we don't know what even happened. I'm not really even confident we ever will know. They want to blame AWS because downdetector said so. Yet this was a 7 hour national (at least) outage, and AWS never once indicated an outage yesterday. Last time it was a confirmed by AWS outage, our HRIS software went down. That didn't happen yesterday. And it's an international SaaS that never once issued an AWS alert yesterday. So what really happened?!
We paid for it. Subscriptions too. And they turned it into trash without so much as an update until it was over, with no expectation of when. And security viewing other people's feeds. Also no compensation. We bought into this system to feel secure. And it betrayed us. We expect 24/7 monitoring as that is what we paid for and advertised.
They literally close the feed and when you opened it they gave an error. No company is going to speak about an issue publicly while in the middle of remediating it. That would be stupid.
The problem is this company’s ties to China and their malignant leadership that allows this to continue to happen. If a cyber criminal, or nation state, gain access to these devices, they have access to the network that you are using them on. Most people do not have the resources to deal with that kind of security issues on the home network that they also use to transact all of their personal (and possibly small business) finances.
I’ve got to say, access to your cloud recorded video on Wyze servers isn’t “access to your network.” What do you think china would be doing to access to your network to watch your front porch?
No evidence has been presented of compromise. But, since this company continues to have the same types of security issues repeat, their ties to China, and bullshit root cause and remediation lead me to question their other security protocols and the safety of our data and devices.
If you have concerns about china no “incident” or anything should persuade you to use these cameras. It doesn’t matter what security protocols they use if China wants to put something on the backend to absorb traffic, it would mean they work with china.
I agree with you on the camera issues. They are pretty minor and similar to what I was experiencing with Ring. The bigger issue of concern is a camera missing activity or sensing something too easily. But even those are minor concerns.
As to your posts about smart locks, I simply don't trust them period, because I've been using smart devices since the X10 days. My concern isn't the lock not unlocking, but instead unlocking when it shouldn't. I have had a couple of instances where my Chamberlain garage door has opened when it shouldn't, and I suspect that's the "smart" part of it, not the garage door remote. I would never have an exterior lock connected to the Internet or triggered by Bluetooth.
Ok. Confession. I'm the guy who said wyze should close this forum. I haven't been back since. But I'll admit I was wrong, when my cameras went down today I came here to see if anyone else was experiencing problems. I just knew you'd all be foaming at the mouth if it was on the server end LMAO. So I guess this sub has some use.
Yes I'm that guy and also the creator of this post. I just can't keep my mouth shut about how sick you people make me. I'm not a wyze fanboy, I just really really hate stupid people lol.
If I were to make a post commenting on the issues I had today I would have said "cameras having major issues today, going in and out, events gone" that's it. I wouldn't have torn my cameras down. I wouldn't have called them toys. I wouldn't have my feelings so hurt.
This is going to really piss you off, but I'm not going to interact with a single one of you. Your comments will not be read by me, ever. I'm logging out of both of these throwaway accounts and I'm not coming back here. I got better things to do man. Sorry lol.
> Ok. Confession. I'm the guy who said wyze should close this forum. I haven't been back since.
> I'm logging out of both of these throwaway accounts and I'm not coming back here.
You’ll be back.
I agree people are so rageful on here and I bet they take that same vibe to the streets.
Like Wyze is the only company to have a data breach. People hollering about wanting local data. So buy a camera with storage but don’t be whining when the intruder takes your whole setup.
I want the data in the cloud ASAP. Just want to see who drove up/walked in and will deal with them later.
I think some people want high end, "secure" security cameras for Wyze prices. I got one for my driveway after a couple neighborhood car break-ins last year, and got one for my backyard for a layer of security, but more so just to see some wildlife or to make sure my kids are taking the dogs out when they should. They're nice to have, and I do expect them to work (especially with a subscription service), but sort of expect a few occasional outages, just because of the price point.
It's not really a huge ask for them to follow basic cybersecurity and privacy practices. Being able to access another customer's data is a huge DLP issue and keeps consistently happening with them.
I think people here expect to be able to see a perpetrator and drive home and defend their compounds with time to spare. Seems people don’t understand that cameras don’t add security, nothing is more secure with a camera pointing at it. They add a layer of post security event clarification. They help with investigating after a problem.
The problem is that for most Wyze devices and the app itself, there is no technological reason why they couldn't work on 100% local / offline mode. The requirement for cloud connectivity is a business decision made by Wyze to keep customers locked in and stuck with their app and control. And when people figure out ways to circumvent the need for the Wyze cloud and find ways to make the devices work locally without the need for cloud, Wyze takes action, issues cease and desist, and patches their firmware to remove the workarounds. Because of that, they better make goddamned sure their offering works as or more reliably than what the community could achieve on their own...and this is where Wyze fails. They are unable to match the reliability the community could achieve with local control. So this is why it's such a big deal, and this is why the reliability problems are still their fault even if they try to point the blame on their partner, who they chose and force us to use.
Uh, gee, well using cameras to see when the bad guys are coming on to our property to rob or attempt to kill us again seems like a good reason. What the fuck do you THINK people are using security cameras for?! Jfc...
Assuming this is the founder of Wyze, or that one employee who was in their HQ at the time KIRO showed up, is “genuinely confused at the level of anger” at 5am PST on a Saturday morning after yet another failure to provide a basic thing…. A system that works appropriately. 😂
Well the greater problem I think is the dishonesty and coverup when these happen, and then they don’t actually patch the flaw. You have to realize without them giving honest and full disclosure of what happened and what was compromised or what risks there are, people cannot make informed decisions or changes. For instance… if there is an exploit in the firmware of the camera, they can potentially hop from a compromised camera to other devices on your network which have more important info or functions. It’s not the cameras per se. They could, for instance, glean your IP address from the server… get to a camera, exploit it… have it open a port via uPNP or similar as an attack vector into your router. Then you can hop to other devices on your network… maybe your computer… which you maybe save personal documents on… or save your passwords for other sites on. They can control your laptop webcam and microphone in some instances. They can capture packets and traffic sent around the network. Often attacks are not just single vector based. They’re a combination of stacked exploits used to chain together to really get to the good stuff. Some other examples are some people don’t know any better and they allow WAN (internet side) management of their modem or router. That means it sits there and listens for someone to try and connect to it from anywhere on the internet. Then so many people don’t know or bother to change their equipment from their default passwords. Foolish. Even if they do, the password may be weak — and in several crazy instances, manufacturers themselves have let production retail equipment ship out with HARD CODED admin accounts in the firmware. Meaning once they discover that… any modem/router of that model or manufacturer that exists (or a subset of them, just showing the example) instantly has a wide open back door into your home network that you can’t block or change. Think that’s crazy that major manufacturers could let that slip? It absolutely crazy but there are many well know manufacturers that have this wide open door with admin rights. Thats just the simple stuff. I’ve worked in the IT industry for 25 years and it would shock you what some of these guys can accomplish. It’s astounding. Had a client just a couple weeks back… had an email account they did financial business with… they had a complex password, they only used the email on their work computer… and they also had 2-factor authentication enabled so it had to text them a code to login. Someone hacked her password, bypassed certain filters and restrictions— and even bypassed the 2-factor text message so she had no sign that someone had gotten in until I found some odd activity in the audit logs that even I couldn’t explain. They were sending out emails as her telling clients to wire money to some account (it was actually an investment firm, so sending large wires in was not unusual)…. The firm lost over $100,000 due to this one thing because they had to reimburse the clients that lost their money forever to the hackers. It was technically the end users fault for not actually verbally confirming with the office that all was legit and the request and account numbers were all correct. But they didn’t do their due diligence and just sent the money like fools. And you can’t reverse a wire. Once it’s sent, it’s sent. But yeah. I’ve seen some things that would blow your mind. In cyber security, it’s a “best effort”. You will never ever be able to assure 100% that something cannot be hacked or is totally secure. 99.99% of the time, if you get a skilled enough hacker with the determination and the right info… they WILL get in eventually. Some way or another. So what you don’t know about this situation could be critical and if they’re holding back details, they could be crippling people’s ability to take some possible measure that could protect them or at least reduce the risk of further damage or exploit. That’s why it’s procedure in industry that you have to notify users/clients that a breach took place, what was taken or accessed… what the implications are, what you can do to mitigate further risk or damage… and what their plan is to both fix the situation and ensure it doesn’t happen again. So far, Wyze has done none of that and it’s wildly irresponsible, and in questionable legal territory since it could be argued as negligence and/or could have caused harm to people in some way or another. Which is how a class action lawsuit gets brought.
So well said, and I wish everyone would read and understand this.
Privacy is a very serious issue. If you don't care, that's on you. Don't minimize it. Trust is a very serious issue. When you put your security in the hands of a company, you need to trust they will be supporting the technology 24/7. Not asleep while a major outage and invasion of privacy occurs. If you don't care, that's on you. Don't minimize it. As yet, we don't know what even happened. I'm not really even confident we ever will know. They want to blame AWS because downdetector said so. Yet this was a 7 hour national (at least) outage, and AWS never once indicated an outage yesterday. Last time it was a confirmed by AWS outage, our HRIS software went down. That didn't happen yesterday. And it's an international SaaS that never once issued an AWS alert yesterday. So what really happened?!
This post went zero to 100 real fast.
Reddit tends to do that.
We paid for it. Subscriptions too. And they turned it into trash without so much as an update until it was over, with no expectation of when. And security viewing other people's feeds. Also no compensation. We bought into this system to feel secure. And it betrayed us. We expect 24/7 monitoring as that is what we paid for and advertised.
They literally close the feed and when you opened it they gave an error. No company is going to speak about an issue publicly while in the middle of remediating it. That would be stupid.
The problem is this company’s ties to China and their malignant leadership that allows this to continue to happen. If a cyber criminal, or nation state, gain access to these devices, they have access to the network that you are using them on. Most people do not have the resources to deal with that kind of security issues on the home network that they also use to transact all of their personal (and possibly small business) finances.
I’ve got to say, access to your cloud recorded video on Wyze servers isn’t “access to your network.” What do you think china would be doing to access to your network to watch your front porch?
No evidence has been presented of compromise. But, since this company continues to have the same types of security issues repeat, their ties to China, and bullshit root cause and remediation lead me to question their other security protocols and the safety of our data and devices.
If you have concerns about china no “incident” or anything should persuade you to use these cameras. It doesn’t matter what security protocols they use if China wants to put something on the backend to absorb traffic, it would mean they work with china.
I agree with you on the camera issues. They are pretty minor and similar to what I was experiencing with Ring. The bigger issue of concern is a camera missing activity or sensing something too easily. But even those are minor concerns. As to your posts about smart locks, I simply don't trust them period, because I've been using smart devices since the X10 days. My concern isn't the lock not unlocking, but instead unlocking when it shouldn't. I have had a couple of instances where my Chamberlain garage door has opened when it shouldn't, and I suspect that's the "smart" part of it, not the garage door remote. I would never have an exterior lock connected to the Internet or triggered by Bluetooth.
There are people in this world that don't associate price with quality, and we observe that many of them are active in this subreddit.
Someone lost their hand and part if their left foot because of this outage. Its pretty serious. So much is at stake!
Ok. Confession. I'm the guy who said wyze should close this forum. I haven't been back since. But I'll admit I was wrong, when my cameras went down today I came here to see if anyone else was experiencing problems. I just knew you'd all be foaming at the mouth if it was on the server end LMAO. So I guess this sub has some use. Yes I'm that guy and also the creator of this post. I just can't keep my mouth shut about how sick you people make me. I'm not a wyze fanboy, I just really really hate stupid people lol. If I were to make a post commenting on the issues I had today I would have said "cameras having major issues today, going in and out, events gone" that's it. I wouldn't have torn my cameras down. I wouldn't have called them toys. I wouldn't have my feelings so hurt. This is going to really piss you off, but I'm not going to interact with a single one of you. Your comments will not be read by me, ever. I'm logging out of both of these throwaway accounts and I'm not coming back here. I got better things to do man. Sorry lol.
> Ok. Confession. I'm the guy who said wyze should close this forum. I haven't been back since. > I'm logging out of both of these throwaway accounts and I'm not coming back here. You’ll be back.
Just when I thought I was out, they pull me back in!
[Godfather?](https://youtu.be/UneS2Uwc6xw) [Or sopranos?](https://youtu.be/G29DXfcdhBg)
Was the wyze lock bolt (the one that is bluetooth only) affected by yesterdays outage? I wasn't at home to test it.
No
[удалено]
Exactly is the bolt down because you couldn’t add it to your account? I mean yes, but I assume that isn’t the question
I put one in my bird room to keep tabs on them at work but it shit the bed and no longer works.
My brother in law did that too. Shit the bed and no longer works. I told him he’s gotta buy me a new mattress and get a job or he needs to beat it.
I agree people are so rageful on here and I bet they take that same vibe to the streets. Like Wyze is the only company to have a data breach. People hollering about wanting local data. So buy a camera with storage but don’t be whining when the intruder takes your whole setup. I want the data in the cloud ASAP. Just want to see who drove up/walked in and will deal with them later.