
Who’s Watching Your Porch? - benryon
https://www.nytimes.com/2020/01/19/style/ring-video-doorbell-home-security.html
======
dhsysusbsjsi
Ring security is actually useless. We had one at our work and somebody ripped
it off the door and stole it, then transferred the device to their account.

Yes Ring allows anybody to transfer the device to their account once they
steal it. No confirmation email to original account owner.

Even worse, this clears all of the video from the original account holder SO
YOU CAN’T SEE WHO STOLE IT!!!

The whole point of owning a security camera is gone. No footage.

Its just a fundamentally poor product. And given all the other poor privacy
measures - I’ll never buy one again.

~~~
Nextgrid
This is the dumbest flaw ever. You'd think that a product so good at making
everyone feel watched & raising so many privacy concerns would at least be
good enough to protect _itself_... well apparently not.

~~~
NullPrefix
>This is the dumbest flaw ever

Actually, the dumbest flaw ever would be to give all the previous footage to
the new "owner".

~~~
WrtCdEvrydy
I wonder if this also happens, anyone got a spare ring I could transfer to my
account for a test?

~~~
rchaud
I thought Ring didn't actually record the video to the device's storage.

~~~
shubb
But if historic video from the device is no longer associated with the
original account, does it get deleted or just owner change? who is to say it
doesn't get given to the new account... You'd have to try it and see.

------
jcrawfordor
I run video surveillance at my home out of some combination of paranoia and
curiosity. But I run everything myself - cameras are recorded by an in-house
NVR, which is an inexpensive single-board computer with a 1TB hard disk, and
'alert' clips are uploaded to a VPS on the off chance of someone breaking in
and stealing the NVR.

Although open source NVR packages are, in my experience, a massive disaster
(either extremely outdated and frustrating to set up and use in the case of
ZoneMinder, or extremely feature limited as in the case of the fifty Raspberry
Pi-based solutions), commercial software packages like Blue Iris and Xeoma
(which is even cross-platform) are inexpensive and have expansive feature
sets. I use Blue Iris, which has the downside of requiring Windows, but the
upside of generating MQTT messages or HTTP requests on alerts which makes for
a lot of easy integration. Xeoma is cross-platform but relatively immature
(although I've found the vendor to be extremely responsive to emails) and has
a bizarro-land UI that's very tricky to learn to use.

On the other hand, consumers don't necessarily need to deal with any of this,
because lots of vendors sell NVR appliances that are hardware and software in
one product, and they're pretty cheap. Costco even regularly carries them from
a couple of major manufacturers. I prefer to do things myself, but I've used
appliance NVRs from Swann in a couple of cases and they work fine with
extremely easy setup. More recently Ubiquiti has gotten into this space, and I
haven't had the opportunity to try their system yet but their products tend to
be pretty good quality and ease of use for the rock-bottom prices - and as I
understand it their premises-based NVR also runs the UniFi manager, so it
makes it really easy to build out a large-campus WiFi-based solution but might
also be a neat trick for home use if you want to use the great-for-the-price
Ubiquiti APs and/or USG.

At the end of the day, I'm not convinced that cloud-based surveillance
solutions really offer much to consumers beyond being backed by vendors with
very aggressive marketing. Most people know about Ring cameras but don't know
that they can buy a completely non-cloud, on-prem solution-in-a-box at the big
box store or even, well, from Amazon. And at the end of the day, the
manufacturers of these on-premises systems don't get to loop you into a
"social network of fear" and analyze your video, so their opportunities to
monetize are a lot more limited, and so they charge higher up-front prices.

I think a lot of it is just awareness though - Amazon and their competition
are pushing their cloud-based solutions very hard, while the on-prem
surveillance vendors that have for the most part been around much longer just
don't really advertise to the consumer market.

~~~
ErikAugust
Do you have any hyperlinks to resources for those who want to go DIY-ish?
Thanks in advance.

~~~
jcrawfordor
I'm not sure if there's a good guide, maybe I ought to try to write one. I
would say the simple things to keep in mind are just to buy cameras that are
ONVIF compliant, since this more or less guarantees that you will be able to
use them with any "open standard" NVR you want. tbh the ONVIF spec itself is
frustrating and not that much help, it's just that ONVIF compliance guarantees
you that there will be RTSP streams available and that an NVR will more-or-
less be able to configure automatically.

When it comes to NVRs, there's a million options and I couldn't produce
reviews on all of them... but Blue Iris is probably the most popular
commercial NVR and ZoneMinder and Shinobi the most popular open-source. I
would describe ZoneMinder as hopelessly obsolete and Shinobi as unstable and
hard to get running on other than their supported platforms, but Blue Iris is
Windows only so everything has its problems.

The only "big" NVR solution I've worked with is Milestone, and I'd say it's
very good and actually not that expensive, but it is pretty heavy to deploy
(e.g. needs MS SQL Server) and you have to buy through a VAR which is kind of
a huge hassle to go through for a license that is only around $100 (for the
lowest-end package).

Also, if you run cheap no-brand Chinese made IP cameras like I do... the
cameras are often pretty damn good very a very low price, but sometimes it's a
real adventure figuring out how to configure them (e.g. firmware not
completely translated to English, often shared between many models so half of
the settings don't apply to your device) and I recommend blocking them off
from the internet because some have management/cloud recording features that
you can't disable and it's a little sketchy having them connect out to some
white-box overseas cloud management solution all the time.

It's a best practice to put IP cameras on their own VLAN anyway and it's not
really that expensive to get home equipment that can support this, e.g.
Ubiquiti's routers/switches and/or the TP-Link "Easy Smart" switches (which
are 'semi-managed' and handle VLANs and QoS for well below the cost of a
managed switch). But the machine I run Blue Iris on right now just happens to
be a weird x86 single-board machine with 2 GbE interfaces, so I have the
cameras on a physically segmented network just because it was easy.

------
MisterTea
Those rings certainly paid for themselves in stopping the violent break in...
oh. well the woman screaming for help was saved when... oh. Well how about...
never mind.

Ring, and CCTV in general doesn't prevent or even deter crimes nor did it save
anyone. The irony with how useless a Ring camera is, is illustrated in all
those Amazon package thefts ring captures but didn't stop. The only useful
thing is being able to prove to Amazon your package was stolen. A pointless
system of waste for lazy people. Boon for the surveillance state.

~~~
apta
The way I see it, they're a tool, part of a bigger picture that aids in
security and safety. The issue it seems is that there isn't a proper follow up
once the perpetrator gets identified and caught. There doesn't seem to be
strict enough punishment for people who get caught to deter them. Or you have
ridiculous laws where the thief can sue the owner of the house they broke into
because they got hurt or "excessive force" was used to contain them until the
police arrive.

~~~
laughinghan
The evidence is extremely weak that threat of punishment actually successfully
deters crimes of opportunity: [https://undark.org/2016/05/16/deterrence-
punishments-dont-re...](https://undark.org/2016/05/16/deterrence-punishments-
dont-reduce-crime/)

Some premeditated crimes (e.g. first-degree murder, bribery) can be deterred
by threat of punishment, but when people are making the snap-decision to
commit a crime of opportunity, they aren't carefully weighing the risk vs
reward.

~~~
apta
Studies like this always seem to be confined to Western societies (and
particularly the US). Other societies seem to be doing just fine with harsh
punishments like the death penalty. There are other factors at play here, but
having harsh punishments that are actually applied is one factor in the
system. In other countries, serial rapists would be executed for instance. I'm
not sure that's the case in the US.

~~~
Consultant32452
Not that I'm recommending we go this route, but Singapore will literally beat
you with a big stick, likely permanently handicapping you, for offenses as
small as chewing gum. They have remarkably low crime.

~~~
chickenfries
Chewing gum is a fine. There’s a lot to be said about caning in Singapore but
you’re not going to be caned for chewing gum.

------
bhauer
I look forward to Ubiquiti's upcoming "UniFi Access" line of access control
hardware (e.g., an electric bolt controller with a front-facing door camera
embedded in a nice package). Self-hosted like all UniFi gear, meaning video
and data are not exfiltrated to a third-party cloud. Plus, it will be managed
by and work alongside all of your other UniFi equipment.

~~~
Nextgrid
There's definitely a need for a _secure_ (based on actual cryptography) door
entry control system.

Most of what I've seen in the field is either HID iClass (no idea how secure
they are) or Mifare Classic. The latter doesn't even attempt to use the card's
crypto features (which are broken, but it would've at least been an attempt)
and just uses the UID of the card which is broadcast in the clear and even the
card's datasheet explicitly warns against using it for any kind of security.

~~~
secabeen
In the commercial space, sure. In the residential space, it would be a pretty
small market. A door lock is there to slow down an attacker, or to force them
to make a destructive entry via a window. Going much beyond long screws to
prevent kick-in, and good tolerances to prevent trivial bump keys is rarely
cost-effective.

~~~
jakobegger
I've talked to a few people who were victims of burglaries, and the value of
the stolen stuff never worried them. The violation of their home was what
worried them. It messes with you when you know someone broke into your home.

So people probably don't worry about cost-effectiveness of their home security
system, they just want to feel safe in their home.

~~~
michaelt
Even if cost is no object, every commercial electronic entry system I've ever
seen has had at least one door with a bypass with a conventional key, in case
the electronic entry system fails. And any electronic lock with a manual lock
in parallel with it can never be more secure against attacks like lockpicking
than the manual lock alone.

Of course, there are security benefits if you have a cleaner/dog
walker/whatever and want to give them access you can revoke without the cost
of changing your lock. Or if you're running a commercial installation like an
office or AirBnB.

Still, I don't think electronic door locks will become mass-market until
someone makes one so reliable it doesn't need a mechanical bypass key, which
might be impossible.

~~~
namibj
You can pin a lock that's practically impossible to pick by permanently
blocking when one attempts to pick them. Yes, the owner needs to drill the
lock after such a picking attempt, but it prevents non-destructive entry.

------
wry_discontent
If you haven't checked it out, there was a Citations Needed podcast episode
about this recently. It's a great show, self described as about "media, power,
PR, and the history of bullshit." It's usually an interesting listen.

[https://citationsneeded.libsyn.com/episode-97-porch-
pirate-p...](https://citationsneeded.libsyn.com/episode-97-porch-pirate-panic-
and-the-paranoid-racism-of-snitch-apps)

------
analog31
My suggestion for porch piracy is for everybody in the neighborhood to leave a
few random looking packages on their porch. It would greatly raise the effort
of a thief to figure out which package is worth stealing.

~~~
rzzzt
I sense a business opportunity... selling decoy packages, including delivery.

~~~
nikk1
There is a youtube video out where someone created a decoy package and left it
on their porch until someone stole it. The theif opened the package only for
it to explode glitter everywhere.

[https://www.youtube.com/watch?v=xoxhDk-
hwuo](https://www.youtube.com/watch?v=xoxhDk-hwuo)

~~~
gnicholas
That was partially a hoax (the legit creator enlisted helpers, some of whom
hoaxed him/us): [https://www.vice.com/en_us/article/yw7jej/glitter-bomb-
video...](https://www.vice.com/en_us/article/yw7jej/glitter-bomb-video-staged-
fake-package-thieves-youtube-mark-rober-explained-vgtrn)

------
trekrich
what better way to build a surveliance state than get people to do it to them
selves.

~~~
nick_kline
This is kind of like the classic book "Fahrenheit 451" by Ray Bradbury. There
is a scene where a character is running down the street, and a ubiquitous tv
show is on that tells everyone to look out their window for the dangerous
person "Right now!" (with their photo shown) so that you can find and capture
anyone running away through the city, with everyone coordinated.

------
danans
Banditry/highwaymen have been a feature of societies with high inequality for
a long time. It's a big reason that people congregated behind city walls since
time immemorial.

These cameras are our new city walls and guards, and given a continuation the
trend toward greater inequality, these sorts of technologies will become even
more ubiquitous.

~~~
unishark
I think bandits/highwaymen would be those who steal by physical force.
Burglars steal surreptitiously.

And I think the main reason the wealthy build the walls is because they're the
only ones who can afford to. Everyone's safety is improved by hiding behind
some good walls.

~~~
danans
> I think bandits/highwaymen would be those who steal by physical force.
> Burglars steal surreptitiously.

Fine, add burglary to the list. The _how_ matters less than the _why_.
Addressing the _why_ makes us consider how the structure of society
incentivizes the crime. Camera systems are also going up in public spaces to
deter robberies.

------
neonate
[http://archive.md/sLqSi](http://archive.md/sLqSi)

------
bozoUser
How does Nest compare to Ring ?

I have seen so many deals on Ring security system and not surprised my entire
community is on Ring (since its closer to a Costco) and we are the only
household without any kind of security system atm.

~~~
EricE
Quality wise, I'm very satisfied with my Nest Hello.

However Google keeps removing features and neutering functionality as they
painfully absorb Nest into their Google home crap.

For once I'd like one of these vendors that isn't incompetent or evil and
actually brings some value to the table :(

------
EricE
Want some real fun? Try to set up Ring without UPNP enabled.

Let the games begin!

------
ErikAugust
[https://beta.trimread.com/articles/3168](https://beta.trimread.com/articles/3168)

