Wednesday, June 14, 2017

More IP cam insecurities

These kind of issues are why you do not expose your cams to the outside world or let them talk out to just anyone. You should always have your cams talk to a local server and make that local server be the access point for the cameras. To be really secure put devices that should not be talking to the outside world on their own network that blocks any any access to the outside world.

Check out these links for more info about Foscam (and the many OEM brands using their hardware ) current issues and possible fixes. Though at the time of this writing a fixed version of the firmware is not available.
Internet cameras have hard-coded password that can’t be changed
Foscam Security Cameras Full of Security Flaws
Securing Your Foscam Camera – Important Notice
The latest firmware

Monday, April 17, 2017

Some things to keep in mind if you are thinking of cloud recording your cams

I hear a lot of people and services talking about recording to the cloud but some basic issues really put a damper on things quick.

Bandwidth needed

Depending on who you ask 720p will eat up 600 Kbps to  44.6 Mbps. 1080p 1.2 Mbps to 73.5 Mbps!

NetFlix says 5.0 Megabits per second - Recommended for HD quality It does not say if that is 720p or 1080p but I'm guessing it is 1080p.

For a more real world example Let's look at my Blue Iris severs with a mix of camera resolutions and brands.
First server is recording 13 cameras. 2 2Ks, 1 960P, 2 1080p and 8 720p. Its network usage averages around 40 Mbps with peeks near 50 Mbps.
Second server is recording 12 cameras. 1 2Ks, 1 960P, 2 1080p, 1 SD and 7 720p. Again about 40 Mbps average with 50 peeks.
Third is lighter 12 cams; 1 2K, 2 1080ps, 6 720p, 2 SD and 1 USB.  Its network usage averages around 25 Mbps with peeks near 32 Mbps.

Not a problem if you have fiber / gigabit level bandwidth but the current top of the line Spectrum (formerly Time Warner) internet connection (300 Mbps service) averages around 20 Mbps upload. The 300 is download speed only.  AT&T only claims 12 to 20 Mbps upload speeds on their top end tier that I cannot even get here. Note AT&T's web store shows a 1 TB cap in fine print for unbundled internet service. (1 TB is less than 14 hours at 20 Mbps or about 33 GB per day) Worse yet it seems TWC is one of the few left NOT capping data. So even if you dedicate a top end TWC internet connection just to your security cams, do not expect to get more than about 6 720p or 3 1080p cams to record to the cloud over it.

Security

Another issue is you REALLY do not want these cams open to the internet. The security on them tends toward cosmetic. Google "webcam security issues" for tons of examples. You want cams on their own, local only, network if possible. At very least blocked at you modem's firewall from talking to the outside except through a local firewalled  server. Otherwise it is like locking your doors while leaving some windows open.

Saving space by not recording continuously

Of course you can save bandwidth by trying to just recorded motion. This is about as useful as saving bandwidth by lowering resolution. Either way you will probably end up cussing when you actually need footage of an event. You can waste quite a bit of time trying to find the sweet spot of balance between catching the stuff you want and eliminating false alarms for each camera. Unless you are monitoring a controlled indoor setting I'd suggest you just forget it. Either you error on the side of false alerts to not miss anything (and probably still miss some stuff) or you might as well not be recording at all. Your best bet is to record continuously and set you motion triggers to the light side, uploading pic and or snippets to cloud storage. That way you get alerts for anything serious and can check the video for what lead up to it. As well as other views of the area from other cameras if available. Assuming the server is not taken of course.

Always test your setup with a person in the most extreme distance to confirm the video will not be useless when you need it by trying to get a recognizable picture from it. Odds are you will find you need better resolution and or zoom than you think to get video useful for more than just seeing someone is there. For a starting point check out the CCTV Design Lens Calculator for ideas of what you will probably need.