They said No. It is still in the box on the counter after over 2 years.
The Ring situation was already slimy, having smoothly accessible channels for LE to bypass customer's refusal to cooperate with informal footage requests. Live streaming at will, would really put things in perspective, exalting the morose, lone clinical cynic to an urban archetype.
I understand folks who are into traipsing through life before a perennial, unblinking audience of strangers. I've been afflicted with diseases myself. But foisting it on neighbors seems biblically ungood.
I know it's socially acceptable to mock and belittle snowballs, but I think this will be a big one.
Or worse-yet, opt-in means "Hey our rates are going up, but not if you agree to this" (something comcast did recently).
Or opt-in is stored in some database somewhere and might "accidentally be misread" due to a "bug".
If they want real-opt-in then it should be a SMS message at the time they want to know, and a phone-number you can reach out to for more information. This would give an audit trail at the very least.
Even workaday settings for devices are scattered haphazardly hither and thither through the many pages of their app’s interface and I regularly find myself having to Google for the location of settings.
It’s crying out for, at least, some sort of smart search box.
So “hard to find” for something like this is practically guaranteed.
Consent-O-Matic
I still don't care about cookies
uBlock Origin has some filter lists to enable
And the reality is such cameras are designed to be pointed at public spaces. So what if the cops can see it? Using technology to expose that which is otherwise invisible should require a warrant, but I don't mind technology that simply provides eyeballs on what's public anyway. (Note that I feel differently about security cameras in general--they are often pointed at non-public spaces and access should be opt-in on a camera by camera basis. Cameras covering the front entrances, fine; cameras covering back entrances, ask or get a warrant!)
Or put up their own cameras on the street.
What’s the Comcast story? (just did a quick search)
relevant quotes:
Xfinity won't give folks in certain locales (maybe everywhere in the US?) unlimited bandwidth unless they use their modem/router. This seems like a good reason that practice should be illegal.
AzzyHN 19 days ago | parent | next [–]
If you want to remove the 1.2TB data cap, you can either pay $25/mo and get Xfinity's gateway router "included" OR pay $30/mo to use your own modem/router.
>> Or worse-yet, opt-in means "Hey our rates are going up, but not if you agree to this" (something comcast did recently).
We need something where they said rates are going up, but said you could keep your old price if you agreed to something.
You suggested it was the "imaging through wifi and was auto enabled for their routers".
To fit what we are looking for it would have to be that Comcast put that on their routers and enabled it and raised their rates, but said that if you kept it enabled you could keep the old rate.
That doesn't fit because (1) they made it available on their routers but you have to explicitly enable it and (2) whether or not you enable it does not affect your price at all.
The way they price unlimited data, $30/month if bought separately, or bundled with one of their routers for $25/month is annoying, but doesn't fit what we are looking for because the person said they are talking about something done recently. Unlimited has been handled that way for ages.
They did recently announce a new set of 4 plans that are nationwide and for new customers replace their olds plans. These plans make a significant change to unlimited and to modem/router rental. Current customers can switch to the new plans if they want. But I don't think this is what he was thinking of.
The new plans are 300 Mbps, 500 Mbps, 1 Gbps, and 2 Gbps no contract plans. Currently you can get them with 1 or 5 year price guarantees, but as I said they are no contract plans so you are not locking yourself into staying with Comcast.
I'm not sure why anyone would not choose the price guarantee option. For new users in my area the price without a guarantee is $80, $95, $110, and $140, respectively. With the 1 year guarantee those $40, $55, $70, and $100. (This all assumes you go paperless and use autopay--add $10 is not). With the 5 year guarantee those are $55, $70, $85, and $115.
I'm an existing customer on a plan that is $69/month with 400 Mpbs download. To switch to the new plans without the guarantee the price is $70, $85, $100, $140. For the first 3 that is also the price with the 1 or 5 year guarantees. For the 2 gig plan it is $100 with the 1 year guarantee and $115 with the 5 year guarantee.
All of these new plans are unlimited data. All of them include modem/router. You are not required to use the modem/router they provide. You can use your own, and you will get unlimited data. Whether you use theirs or yours does not affect the price.
I don't think this is what he was thinking of, because existing users can keep their existing plans. They aren't raising prices on the old plans and saying "switch to the new plans if you want to keep the old price" so it doesn't fit.
In fact it is more the opposite. Take my case, currently paying $69/month with a 1.2 GB cap and using my own modem. If I want to add unlimited to my current plan that would add $30/month, bringing it $99/month. If I switch to the 500 Mbps new plan and continue using my modem [1] that would get me a 25% speed boost and unlimited and save me $14/month over going unlimited on the old plan.
[1] I'd probably use their modem. Mine is old and doesn't support the higher upload speeds the Comcast rolled out a while back. My current plan, and the non-gig new plans, can do 100 Mbps up, but my modem can only do 35.
Really offended me on principle, but not $40 a month level offended, so I signed it.
You have to be total naive if you still believe that this is a “safe” feature to enable.
I think this particular one is pretty important to know about because a lot of people deploy Ring stuff almost by default, and some HNers (including me as it happens) have some level of influence or even control over it. I always meant to put some effort into updating my self-hosted security system efforts but this is a major kick in the butt. Have to know this exists and be able to offer solid credible alternatives.
Edit: to add a direct pertinent example, WE LITERALLY JUST HAD 5 DAYS AGO ON HN A 500+ COMMENT HUGE THREAD ON "Oakland cops gave ICE license plate data; SFPD also illegally shared with feds" [0]. And there are people really claiming "nothing to see here, move along, local and feds would totally never conspire to abuse anything in violation of the law let alone not in violation of the law"!?
----
DHS has become lawless, and they are eager to strong arm and over reach after having dismantled their own oversight and ignoring their own regulations. They are working hard to move fast and break the law faster than the law can keep up and the Supreme Court has made it very difficult to seek remedy. Because they are not doing criminal justice but instead civil administrative enforcement the web of oversight and review and stronger civil rights for criminal justice don’t apply. They have become the largest police force, militarized, and with enormous budget, latitude, and blank check support from the highest levels of political government.
They absolutely can strong arm Amazon into doing what they want, and absolutely will use Ring camera against their owners and neighbors.
In six months we created a secret police rivaling the KGB, gestapo, State Security Police, and SSD.
Anyway, don't send potentially sensitive footage to a third party server.
Illegal recording is a pretty good rule actually. Almost every party I've been to has a rule against filming dance floors, although in German law it's only illegal to publish a recording "of" a person. The flip side to illegal recording is that it's effectively legal to do silly things without worrying it'll haunt you forever, and that's pretty cool. Note the relatively relaxed attitude to things like public nudity (which is only legal in certain places as I understand it, but still). Almost every Berlin party I've ever been to has a rule against filming.
I think there's an exception for dashcams. Might still be illegal to publish recordings. Not sure.
You can put shutters on a camera so it can't see off your property.
Also you have to tell people they're entering a video surveilled area before they enter that area. Or else you go to prison.
Fancier cameras can have filters on the motion sensor (which I wish I had--mine wasted too much recording time on the wind moving a tree), but you can't exclude the area.
But everyone else does, so what's the point? My privacy is always compromised because tech junkies (as opposed to techies) insist on indulging in stupid things like 21 and me, Gmail, or Ring and I get swept along with it.
The company sequences human DNA. The number in the name of the corp is the number of chromosomes in human DNA. I hope you and I both have more than 21 chromosomes…
The number of chromosome pairs, not the number of chromosomes.
Penalties should be in the %s of revenue or company assets. Whistleblowers should receive large sums for identifying violations.
In a broader vein, it's time for regulation forbidding the retention or aggregation of any person's data for any commercial purpose other than the one most proximal to the actual transaction in which the person engaged, unless they explicitly opt in.
What would the latter mean? Among other things, targeted ads and recommendation systems would become illegal. Cross-user aggregation (or e.g., a company engaging in any user-longitudinal data analytics) would be illegal. In SQL language, ideally the only time you could do any query with a user ID returning multiple rows for further use would be to serve data directly back to the user. In the long run, such queries should be impossible by requiring something like a) per-user encrypted storage, b) user owned data, c) non-correlatable per-user IDs across transactions.
It will never happen because -- as noted in the article -- many folks in SillyCon valley and government are technofascists, but it should, because our current situation violates all reasonable notions of privacy.
The DHS is collecting a massive database of facial geometry at the moment in preparation for nationwide constant realtime facial recognition, just China has.
The cameras are up and collecting data at every airport, as well as every traffic intersection in Las Vegas (and presumably other cities).
Is neither fascinating nor philosophically based. It's a long-running islamic tradition that gets broken and bent all the time. See https://en.wikipedia.org/wiki/Aniconism_in_Islam
I should’ve included a source to where I read about it initially and that’s below
https://apnews.com/article/afghanistan-taliban-media-moralit...
What do you mean by that?
I'm arguing that no per-user analytics should be able to be conducted. A store can track how many times product A is purchased, but not that product A and B were purchased by the same user. Using the latter info for anything other than providing a summary of what the user has purchased (to the user) should be illegal.
Yeah it would be complicated. But you could do it by creating a new obfuscated user ID for each transaction.
Or even better, by having each person store their own data and mandating that companies delete all records. The company can provide a signature on the transaction record (a receipt!) that the user keeps to prove the purchase if there's a conflict later on. But the company cannot keep a copy of any per-user info, the receipt, or the transaction info; nothing beyond the fact that product A was purchased on a certain date.
This is basically GDPR
And we know exactly how such a regulation will be met by both companies and the tech crowd. See GDPR, AI Act etc.
This will be abused by the government, by the police, and every othet nefarious organizations and individuals possible.
Hanson’s razor says never attribute to malice what is adequately explained by stupidity.
Nowhere in there, does it say that stupidity should be acceptable or accepted.
Yes, fuck them for being too stupid to know better. At some point in their life they made a decision to disengage from any use of their brain, and have remained that way to the detriment of everybody around them.
I ended up with an Amcrest IP2M-841 and Tinycam on Android (as I understand using RTSP), and blocking internet access of the camera through the router. As I found out, just connecting it to the internet will automatically connect to servers for allowing “easy setup” of the remote access feature.
My consumer-grade “walkie talkie” had a very short range in a city, like one block.
My house also came with an existing NVR camera network which I can view in home assistant over my router without it ever going to the cloud as well.
I have a Wyze camera and their janky HA integration seems to have stopped working after a firmware update. They're also the epitome of enshittification and want to nickel and dime me for every feature -- I'd be glad to ditch them.
Until one day they auto-update ...
How do you handle smartphone cameras?
IME you have no control over the baseband chip of a cell phone, no reason to trust it's not enabling its camera or microphone at any time. I have a flip phone which comes in a non-camera version. I have an iphone without a SIM I can connect to its hotspot if I need to do something smartphoney.
Relatively low tech compared to somehow hooking up a camera livestream system to ring your phone via the internet in some way but it works
1. The doorbell cam is connected only to the LAN.
2. The doorbell cam is definitely blocked from accessing the internet.
3. Having access to the LAN from your phone through VPN allows you to watch the feed and talk to people at the door through the app.
2. I have not gone through the trouble of isolating them on their own VLAN, but I don't see any traffic coming from the devices. This is something you will want to audit on your own network if it is important to you.
3. I have viewed the camera output through VPN, but have not yet tried speaking through the doorbell (or through one of my camera's audio output). I don't see why it would not work.
The Reolink doorbell camera is a typical recommendation and can work fully locally and supports well the common standards like RTSP. 2 way audio works as well.
I believe the NVR Reolink sells can also work fully locally as well. Which also can integrate to home assistant.
Not exactly what you’re asking for, but great ease of use at a good price, and good privacy.
I'd say it's economical in comparison to cloud options, but, yes, not all that practical to the less technical crowd.
I specifically block the camera and NVR local IP addresses from accessing the internet. I don't really want the possibility of an private company accessing live (or recorded) video of where I live.
Brand is Reolink. I've been slowly building up the system over five-ish years and have not yet found any reason to kick myself for choosing that brand. I also have some TP-Link Tapo cameras for more temporary things, like monitoring pets.
I've also setup Frigate as an alternative system, both for my own interest and as a way to aggregate different camera brands to a single interface. Frigate can be a bit complex.
I'd really like something that'd be apartment friendly so no drilling holes.
They're quite cheap when they're on special, and Amazon seem to have specials on them relatively regularly.
(as much as I don't like to recommend Amazon for anything)
Wireless cameras are mostly a false sense of security for homeowners, much like a deadbolt on a door with a glass window in it.
At least you can talkback and confuse the cat while you’re at work. Doesn’t do fuck-all for safety.
Cloudfare tunnels are free. You just pay for your domain name. Ngrok is also an option.
If you want to be extra secure, you can do ssh port forwarding through the cloudfar
https://www.home-assistant.io/integrations/?cat=camera&iot_c...
https://www.home-assistant.io/integrations/?cat=camera&iot_c...
The documentation for setting up the integrations should also indicate whether there's any cloud involved.
There's also thingino, I have not gone this route yet.
If you are subpoenaed then you're obligated to respond, and the same is true for Ring. But that's not what we're talking about here. This is law enforcement requesting access, and Ring doesn't require a formal subpoena or warrant. They can decide to comply to nothing more than "someone from a .gov email asked nicely".
It's written out in their terms of service:
> you also acknowledge and agree that Ring may access, use, preserve and/or disclose your Content to law enforcement authorities, government officials, and/or third parties, if legally required to do so or if we have a good faith belief that such access, use, preservation or disclosure is reasonably necessary to: > > (a) comply with applicable law, regulation, legal process or reasonable preservation request; (b) enforce these Terms, including investigation of any potential violation thereof; (c) detect, prevent or otherwise address security, fraud or technical issues; or (d) protect the rights, property or safety of Ring, its users, a third party, or the public as required or permitted by law.
So Ring is quite happy to hand over your footage to anyone so long as Ring believes it's "reasonably necessary" to protect the rights or property of anyone.
This isn't about Ring complying with a legal request. This is about Ring undermining the fourth amendment entirely by saying "we'll give law enforcement whatever they want".
In any case, you're mistaken about what the terms allow. When you paraphrased the terms as saying they can "hand over your footage to anyone so long as Ring believes it's 'reasonably necessary' to protect the rights or property of anyone", you neglected to account for the clause: "as required or permitted by law". Under the Stored Communications Act, 18 U.S. Code § 2702 (b), there is only a short and narrow list of circumstances under which it is permissible for a provider to disclose communications content without a warrant. The most pertinent is an emergency involving danger of death or serious physical injury (exigent circumstances), which is what the link in the OP regarding warrantless and consentless disclosures is about. But exigent circumstances are also a longstanding exception to fourth amendment search protections in general: law enforcement can break into your house without a warrant if there are exigent circumstances requiring them to do so.
> you're mistaken about what the terms allow. When you paraphrased the terms as saying
I didn't paraphrase. I quoted them directly. Feel free to check them yourself https://ring.com/terms
> you neglected to account for the clause: "as required or permitted by law". Under the Stored Communications Act, 18 U.S. Code § 2702 (b), there is only a short and narrow list of circumstances under which it is permissible for a provider to disclose communications content without a warrant.
There are so many exceptions it doesn't matter. From the same code, (b) (8) states "if the provider, in good faith, believes that an emergency involving danger of death or serious physical injury to any person requires disclosure without delay of communications relating to the emergency", and (b) (7) (A) (ii) "to a law enforcement agency if the contents appear to pertain to the commission of a crime".
This is exactly how Ring shared content with the cops previously. https://www.cnet.com/home/security/ring-google-and-the-polic...
No, the entire point of the article is the introduction of a new feature which allows law enforcement to request a certain kind of access from end users.
>I didn't paraphrase.
This wasn't a paraphrase? "hand over your footage to anyone so long as Ring believes it's 'reasonably necessary' to protect the rights or property of anyone"
>From the same code, (b) (8)
That is the exigent circumstances exception I mentioned.
> (b) (7) (A) (ii)
Only applies if (i) also applies: the contents "were inadvertently obtained by the service provider".
Install that and your open source backend of your choice and Bob's your aunty.
Then again, doesn't seem like the law matters anymore at least on a federal level.
https://ring.com/support/articles/pmod0/Using-MicroSD-Cards-...
https://community-ring.sprinklr.com/conversations/ring-alarm...
It's not Orwellian overreach or, as the EFF claims a breach of Ring's customers' trust, if the customer gives up the data willingly and knowingly.
And lots and lots of people will.
There is no such thing short of a physical switch. To believe otherwise is the absolute height of naïveté.
Based on the articles, do you really think Ring and police cannot just get whatever they want?
https://consumer.ftc.gov/consumer-alerts/2023/05/rings-priva...
https://www.reviewed.com/smarthome/features/ring-changes-pol...
https://www.silicon.co.uk/e-regulation/surveillance/amazon-r...
https://theintercept.com/2019/01/10/amazon-ring-security-cam...
Or scarier, a National Security Letter the government claims the company can't even talk about except maybe in secret court. Or perhaps scariest, a """"National Security Letter ;^)"""", ie, the company absolutely wants to gleefully cooperate with the government and give it whatever it wants for the right price, but also wants to maintain a veneer of "we totally care" and the government obligingly produces some demand and the company then goes "oh geez we totally place customers first and privacy is our highest priority ....but we had to because of terrorist pedo murder rioter jaywalkers, the government ORDERED us to not our fault nothing we could do!" while facilitating it without any challenge at all.
* At the moment I only have sensors so that Ring tracks movement inside the house. Only when I'm out of the house for an extended amount of time (days), I turn on the cameras.
The last time I checked, they're custom (read: expensive) and require building out your own backend video storage.
Don't worry, you have nothing to hide, don't you ? They forgot "legaly" in this sentence. Police already has access to it.
I think a better question is... why do we all need this? I get that everyone these days is afraid of everyone and everything, but it's not rational. Very few people actually need a doorbell camera.
And if something actually does happen where you think video evidence might be useful, nine times out of ten the police aren't going to help you anyway.