
Hacking a $30 IoT camera to do more than it’s worth - wolframio
https://hackernoon.com/hacking-a-25-iot-camera-to-do-more-than-its-worth-41a8d4dc805c
======
StavrosK
There's a virtuous cycle thing going on here: Someone releases a product with
hackable/open specs (Xiaomi has a good track record here), people are
overjoyed because you can't easily get good hardware for cheap and build a
bunch of software around it, thus (usually greatly) extending the capabilities
of the product, other people buy that product because it's much more advanced
than competitors (because of all the extra software), profit for the parent
company.

Basically, the company gets a bunch of people to do work for free, the product
gets improved, the company makes profit, everybody wins.

~~~
zaroth
Except when the business model was to sell the hardware at breakeven and make
it up with the monthly subscription, and people are buying subsidized hardware
and skipping out on the subscription fees.

If the company sets out to create an open platform and has a business model
which works in that world, that is a beautiful thing.

Is that the case here and are we seeing a virtuous cycle, are features
contributed back to the company and actually integrated into their product? I
think that’s a beautiful model but I’m not sure that’s actually what’s
happenning here?

Literally the first sentence of the article;

“...its price is cheap but in exchange you are tied to the Xiaomi’s Mi Home
App & Cloud.”

~~~
StavrosK
Xiaomi is, in general, quite good about opening its products up. The YeeLight
bulbs, for example, have a nice open API.

~~~
metafex
Yeelight is just a startup marketing under the Xiaomi brand and is promoted by
them, it's not technically Xiaomi. Same as with other branches of products
(e.g. the vacuum robots).

It also happens that Xiaomi later releases products which actually compete
with their partners (in this case yeelight and their bedside lamps). Also the
whole Yi Camera brand. First marketed with the help of Xiaomi and now a
competitor to the Mijia brand (Xiaomis own brand).

(Citations and more insight needed, that was just from memory).

------
cloverich
This ecosystem is ripe for software based innovation. There's a lot of great
hardware out there but the API's are often closed and the existing software
lackluster. After some research I recently purchased a Wifi camera, and am
planning on using it to track my 6mo old's sleep habits (using some custom
scripts / classification / etc). Guide's like this are great because they help
make these things possible. I hope over time as more people publish hacks and
cool projects based on them, some of these companies will start to open up
their platform / API's. There's so many potentially cool projects that will
hatch out of these.

------
VectorLock
I see a lot of products like this on Alibaba that I wish I could put my own
firmware on. I've messaged a few of them telling them "I'd buy 1000 of these
if I can put my own firmware on them" but haven't gotten any good responses.
What I'm aiming for sometimes gets lost in translation, but mostly I think
they just don't get the premise I'm presenting to sales people who answer the
Alibaba inquiries.

~~~
samfisher83
A lot of the seller in Alibaba are just buying camera OEM from a factory so
they wouldn't be able to get you the software. The factory itself might be
just copying the reference design from chip manufacturer and they might not
have access to the code or under a NDA. The chip manufacturer does not have an
incentive to provide you custom firmware. You aren't their customer.

~~~
tomer_shalev
These are exactly the same reasons which prevented mp3 players manufacturers
back in the day from opening up their specifications to open source projects,
such as Rockbox

------
salki04
I wonder how he got the root password. I see he found it but not a description
of how. Does anyone know how can this be done?

~~~
ultratrash
The trick for most device is to get a serial console and set uboot "flashargs"
or using the init=bin/sh trick, grab the root hash, shove it through hashcat.

~~~
jasonjayr
You are exactly correct.

[https://github.com/EliasKotlyar/Xiaomi-Dafang-
Hacks/blob/mas...](https://github.com/EliasKotlyar/Xiaomi-Dafang-
Hacks/blob/master/hacks/getroot.md)

------
hashgowda
I want to buy bunch of them and setup a grid in small farm. My challenges are
* how do I connect to wifi router which is located in the farm house, because
some will be very far from the router. * Also another challenge is how to
charge the cameras?

Has anybody worked on above issues ?

~~~
i2pi
We have p2p wifi between our barn and farm house. The barn is powered by
solar.

I use engenius WAPs, a 100Ah battery, 2 100W solar panels, a $15 solar charge
controller, various buck/boost converters for other power requirements. The
system also powers an LTE repeater and LTE modem, to provide the farm with
internet access.

------
diggan
Speaking about cheap cameras. I'm planning to setup some cameras at home.
Anyone have any recommendations for devices that are cheap, can see moderately
good in the dark, can be connected to a raspberry and doesn't force you to
connect to some cloud service?

~~~
freehunter
I have a Wyze cam that I installed OpenIPC on. Very simple process if you’ve
ever flashed a firmware before. OpenIPC lets you turn off the cloud stuff and
I have mine pushing video over my local network to MotionEye on a Raspberry
Pi. The Wyze has IR night vision but the IR can’t see through windows at night
so be aware of that.

It was like $25 on Amazon, pretty good deal I think.

~~~
lozaning
I've got the same thing going at home, tough to beat ~7 of these cameras
flashed with OpenIPC for the cost of a single drop cam.

Got the rtsp stream connected up to smartthings and blue iris and have had
zero trouble with them.

They're only $20 if you order from wyze.com

~~~
StavrosK
Does anyone know of a good Android viewer for RTSP? I'm probably going to
proxy it with an HTTP webserver over TLS (if I can do that with RTSP? EDIT:
Apparently I can't, I'll have to find a way to add authentication) to add
basic auth, so the viewer will need to support that.

~~~
freehunter
I use TinyCam on an Amazon Fire tablet to view my RTSP stream but only
locally. Over the Internet I view the stream from MotionEye on my RPi using
their authentication. In that case I can view it in the browser, no app
needed.

~~~
StavrosK
Thank you, I didn't know of those apps, I'll try them now.

------
atupis
Any cool use cases?

~~~
Nexxxeh
In the UK, that makes it cheaper than the Philips Hue PIR-based motion sensor,
which is crazy. And while non-Zigbee, you could easily integrate it into an
existing Hue setup.

It enables you to add more intelligence to your home automation because not
only can it detect motion, if you offload the processing, it can enable object
recognition.

So your cat doesn't trigger it. Or triggers a different action.

Because you can control the IR leds and filtering, you can mount it in a dome
for ultra-cheap external pan and tilt with an external IR illuminator.

