Interesting. I’ve been building a home camera network and the state of this space (the nvr software) is pretty abysmal: zoneminder, blueiris, shinobi, etc… gonna take this for a spin.
This is a terrible name for an open source project though.
Generally I downvote name griping here because it's both an inevitable topic and the ultimate in bikeshedding, but this is one of those rare exceptions. Link to the "other" kerberos (a very well-referenced and utilized authentication protocol and implementation) in case anyone's curious what this is being driven by:
The name is a giant red flag. If someone doesn't care about a giant name conflict of a very uncommon word with a very common project, then they just brush it off with rationalizations, it makes me wonder what other reasonable things they are willing to ignore.
> the state of this space (the nvr software) is pretty abysmal: zoneminder, blueiris, shinobi, etc
Can you be specific on what you found to be the issue? Did you try MotionEye? They're just a front-end for motion which by itself is very configurable (I recently enabled encoding using vaapi driver for some good performance gains for multiple camera detection/recording), But you need to get past the Python 2 mess of MotionEye but the community is very active and soon I expect the Python 3 branch to reach stability.
> This is a terrible name for an open source project though.
Guess, What's the name for their management system repository is[1]
Other than the windows dependence, what’s the issue with blueiris? I’ve tried the others you’ve listed as well and found it to be the most robust by quite a bit. I wish the web interface were better, and having to use a reverse proxy or vpn to get mobile access is also… meh.
There are multiple options to run it in a container. I'm not advocating for any of them because I just broke down and bought a dedicated machine running Windows for it. Some examples:
This post couldn't have come at a more perfect time. I recently got a call from a client who couldn't access their Unifi Cameras remotely anymore. Apparently the EOL for the self-hosted Unifi Video was was announced last year.
And the replacement solution is no longer self-hosted and is a hardware solution that costs a few hundred dollars to keep the system up to date.
Careful with that. Ubiquiti doesn’t support ONVIF (industry standard for triggering motion alerts) and stopped supporting RTSP on their new stuff IIRC.
You’re going to want to do a ton of testing if you’re keeping those cameras.
It does seem like an odd choice given that Creative Commons specifically recommends against it[0]. That alone would make me unlikely to use this project.
"Open Source" means the source code is accessible, usually to the entire public. "Closed Source" means the source code is not accessible.
Whether the source is open or not does not limit what type of license that can be applied to it. For example, I can write a program and not release it to any other soul and give it an MIT license. Conversely I could publish code on github available to the public and apply a very strict license.
I ended up getting these Montavue 4k cameras largely because they have really good low light performance. They are ONVIF and work with blueiris, which is good because their NVR sucks for use on a mobile phone.
The hardware is the same as many other cameras, HIKvision also has this hardware but I couldn't get it working with blueiris or the HIKvision NVR.
The cameras are indeed amazing at low light. I felt like that was a good feature, and maybe that was misguided. But I can be fairly dark out, looking out the window, and the cameras are still in color mode and look like it's daytime. Think: Google Night Vision camera mode.
I wish there were a better mobile experience though, that's the only way we use them. Both blueiris and Montavue apps suck. Ubiquiti has the best in class here, but I've been burned by them too many times now. This replaces a unusable Unifi system.
For remote access to BlueIris.i plan to use ZeroTier.
I've come full circle with Amcrest. I work in video surveillance, and over time Amcrest just continue to work. I think of them like the consumer priced Axis. As far as their app, ditch it - they are ONVIF compatible. I'm currently using mine with both a rebranded hikvision NVR and a home brewed NVR I'm coding myself, plus a few RaspberryPIs running VLC in different rooms.
I love their cameras but the app is so abysmal. Whenever I connect over vpn to access the cams remotely it goes effectively into a boot loop. I hate it. I keep reporting the crashes on android but no updates come.
I'm surprised more video surveillance software does not leverage the APIs of the cameras. Network cameras have built in motion, object, line cross, and facial detection. The work is done in the camera and the APIs allow you to subscribe through call backs or server side events.
You could support event recording for at least a half dozen cameras with a raspberry pi.
I've prototyped this but it ended up on my shelf of incomplete hobbies. Given that many camera brands are white label products made by the same manufacturer, I would think you could cover several brands with just the first API client implementation. Or maybe this is also covered with onvif?
I believe some like Blue Iris do support this, but other open-source stuff like ZoneMinder is not as close. ZM does support controlling many PTZ cameras, which is really fun. :)
I tried Shinobi but gave up, I even spent some time on bug reports/issues/with their community.
My major issue with Shinobi was each stream is processed by ffmpeg and I had 10+ cameras all requiring 10% cpu each to handle any object/motion detection. The cameras had object/motion detection functionality built in so I figured it made more sense to just do that work on the camera and not on CPU. I also tried offloading some jobs to GPU and that was not working properly, so I tried Nvidia Jetson and still no dice.
There are ways to configure Shinobi so that you don’t need ffmpeg to record the main stream — you just write it to disk and save it.
You would need ffmpeg only if you’re going to do motion sensing, and the recommended way of doing that is to run it on a separate stream that is lower resolution and lower frame rate, which you can the monitor and take actions on the main stream for that camera based on what you detect in the lower bandwidth stream.
I agree that you don’t want to do a lot of ffmpeg processing all over the place.
The problem with offloading that to the camera is that onvif doesn't seem to have a standard way to report this. I only need motion detection on one cam so it wasn't an issue.
It doesn't use the builtin ONVIF motion detection but instead processes every keyframe and does motion detection between the keyframes. So not every frame is being decoded to process, but enough to perform motion capture.
There's some interesting work w.r.t motion detection that doesn't actually require decoding the packets but rather looks at the motion vectors to estimate motion. That would save up a lot of resources..
I've used an old phone with kerberos. You'll need an "IP cam" app that runs an mjpg or RTSP stream from the phone, then put the stream url in kerberos. I run kerberos on a Pi.
Choosing a name like "Kerberos" for a new project will make it very difficult to search for anything related to it. Kerberos is an old concept in many operating systems with 8.4 million google search results(and none of them are related to this video product). Pick a new name IMO.
It's interesting that the cached summary of the `Kerberos` article on Yahoo search has the text of the disambiguated https://en.wikipedia.org/wiki/Kerberos_(protocol), but it's now a disambiguation page that still doesn't include this Kerberos.
The biggest problem with this name clash for the creators is that help and documentation will be hard to find, which will stymie adoption.
They also lose potential good will with the rest of the tech community.
To add on to this -- the about page acknowledges how "many are confused" about the name but effectively brushes it off because "kerberos is a good name", then "it's not actually kerberos, but kerberos.io", followed by "it's a mouthful so we'll just say kerberos" (and the HN submission just says kerberos)
I feel like the name really might be an impediment to the project. Not that people can't ever re-use names, but this really feels like a pointless impediment to discoverability.
They could just call it kerbaros instead to clear up the confusion. /s
This reminds me of the way the word for "today" in French is aujourd'hui. "hui" meant "today" in old French, but it sounds like oui ("yes"). If you split it apart, aujourd'hui means something like "of the day of today".
"of the open source video surveillance software of Kerberos"
> Argus Panoptes (All-seeing; Ancient Greek: Ἄργος Πανόπτης) or Argos (Ancient Greek: Ἄργος) is a many-eyed giant in Greek mythology. The figure is known for having generated the saying "the eyes of Argus", as in to be "followed by the eyes of Argus", or "trailed by" them, or "watched by" them, etc.
> Argus Panoptes or Argos was a hundred-eyed giant in Greek mythology. He was a giant, the son of Arestor, whose name "Panoptes" meant "the all-seeing one". He was a servant of Hera; one of the tasks that were given to him was to slay the fearsome monster Echidna, wife of Typhon, which he successfully completed.
That might be something they would be willing to change their name to. It's also a commonly used name although probably nowhere near as bad to google as Kerberus.
It's a name that fits the project description well, but it's a very bad name for an open source security-related project. They could have as well named it OpenCV.
Or they could make it a multi-part name, like Bronze Kerberos. That way, they can keep the connotation they want, but avoid the problems of squatting on a used name.
Much ado about nothing. We're adults and tech literate people and we can juggle more than one conflicting identifier in our heads considering we deal with stuff like C++ routinely.
If the project is technically good and they market it well, people will get used to the name and learn to distinguish between this and the auth protocol.
I had a very similar moment a few months ago when I found out there is some kind of docker management UI named Heimdall, which is the name of another Kerberos implementation.
I don’t follow the Windows reference since my understanding was that Kerberos (the authentication protocol and associated project and software) is not platform specific, and also works on UNIX and macOS and other systems where it’s implemented for that matter. Did you think Kerberos was only on Windows?
It's not platform specific, but everything on Windows uses it, while on other platforms it's a decision people have to make (and often decide for something else, because they don't understand kerberos and it's not trivial to setup). Thus, if you haven't heard of it, you are not on Windows.
Where I’ve used it, it was not a decision I had to make (OS X, UNIX). It was a decision made by the IT departments at my organizations. So I’ve most certainly heard of it. No Windows anywhere in the picture. But I get what you are saying, you’re talking about people who have not heard of it.
> Single camera per instance (e.g. One Docker container per camera).
One camera per Docker instance? This is going to eat up hardware resources like Fat Albert.
What kind of hardware resource would this eat up? Maybe on non-linux where docker isn't as efficient?
There is next to zero extra memory overhead on Linux, as the static parts are shared. Computational overhead is also linear with work, which would mostly be the case regardless.
I’ve noticed that software more and more being designed that way. Multi-tenancy is out the window, just run multiple instances. For some applications it’s certainly easier, but as with so many other things it’s overused.
I write video security software, and the support logic to manage a single camera is quite low. Whereas the supporting infrastructure for this conglomeration is quite large. I know this field of tech intimately, yet when I see projects like this I ask myself "what are they doing with all this infrastructure? why?"
This is a terrible name for an open source project though.