According to the most recent report, the data from the recently introduced Eufy security cameras is unencrypted, allowing users access from anywhere without having to acknowledge them. Here is all the information we have on the current Eufy situation!
Eufy Camera System’s Vulnerabilities
These charges follow the discovery by security experts that Euft’s operation was based on a camera that was cloud-free and had chips that constantly worked to transfer thumbnails with face data to cloud servers.
The talented security researcher Paul More and his team have asserted that due to the way Eufy has been operating, it is very simple for someone to directly stream the live events through this camera on a VLC Media Player, which is already available to many for free of charge.
The following evidence researchers have indicates that this problem should be pursued further! The security researcher wasabi discovered and tweeted about the fact that Eufy camera feeds are entirely decrypted within the Eufy server, and The Verge collaborated with wasabi on this project.
This raises serious doubts about the Eufy assurances! Since the data is end-to-end encrypted and can only be sent to your phone, the company has stated that the data, or in this case, the portable that was captured by the camera, will never leave the security of your home.
Eufy, however, has yet to respond to their allegations. All you will need to do to stream someone’s feed is to obtain the correct URL.
The Verge also provided information regarding the act, including the fact that individuals who apply to the possibly hosted thumbnail just need a login and password before they can quickly view all of the stream’s free encrypted URLs.
UPDATE: Eufy’s response to the vulnerabilities
Although the business has always disagreed with the lawsuits on the security and privacy it has offered to its customers.
The organization has been certain that they regularly test their security mechanisms and that they welcome helpful criticism from both consumers and security industry professionals. Additionally, all of the disclosed security flaws have been saved and given significant attention.
The business ends its statement by asserting that it has done a good job of adhering to all the necessary regulations put out by market regulating agencies.
UPDATE: Eufy rectifying the issue
According to an update from one of the purported security researchers, Wasabi, Eufy is striving to find a fix for this significant issue. According to reports, the business has implemented an upgrade that prevents Eufy cameras from broadcasting on networks where such cameras are not registered. Streaming will only begin when the original network users have authenticated themselves. Additionally, Eufy has been attempting to prevent users from reading the data generated by its program.