Anker has fallen into a catastrophe over its Eufy security cameras that were caught uploading footage from users’ cameras to the cloud without users’ consent, as revealed by an information security consultant. Paul Moore We will be back in November. A bigger problem was that user content uploaded from Eufy cameras could be accessed and viewed by other users via media players like VLC. Anker claims that the company’s cameras use end-to-end encryption, with all content stored locally and sent only to devices on the user’s home network.
After months of uncertainty, Anker has finally confirmed that its Eufy cameras are not encrypted as originally claimed and the company is working to fix the issue. . in a series of emails The BargeAnker global communications chief Eric Villines said the company now updates all Eufy cameras to use the WebRTC API and fully encrypt video footage via AES and RSA algorithms. doing.
Now, based on industry feedback and due diligence, the eufy security web portal does not allow users to enter debug mode, and the code has been hardened and obfuscated. Additionally, the video stream content is encrypted, making these video streams unplayable on third-party media players such as VLC.
Currently, all videos (live and recorded) shared between the user’s device and the eufy Security web portal or eufy Security app benefit from end-to-end encryption implemented using AES and RSA algorithms doing. – Eric Villines, Head of Global Communications, Anker
Anker claims the issue is under control and all future stream requests will be end-to-end encrypted. Additionally, Anker publicly apologized for its lack of transparency and hired an independent security audit firm to help improve Eufy’s products and practices.
sauce
