Please vote for and optionally comment on this Wishlist topic to show your support to Wyze:
Automatically share camera feed to police and law enforcement (as an opt-in feature)
1 Like
Police here ask if you want to register your cameras with them so they donāt have to go door to door. The form ask to many private question. Besides I donāt want them to round up any of the critters.
Funny thing is from what I recall both Blink and RIng used to have that as an optional feature that was removed for āprivacy concernsā. Now theyāre doing it forcibly and in a secretive way.
Many police departments around here have a way for you to simply register the fact that you have a camera, approximate coverage area, and how to contact you. Iāve provided them videos (which I review first) several times, but they do not have direct access.
My neighborhood has a private facebook group, and in there is a map of approximate camera coverage as well, so if a neighbor has a problem and the police want footage, they know who to reach out to.
Unfortunately the reality is the thieves know about cameras, and since wearing a COVID mask is not unusual in this day and age, they all just have hoods up and a big mask on. The footage often proves to be not that useful.
Of course we can trust all aspects of government. They are our friends. They would never do anything to hurt us.
The state of Florida sells driver personal information to private companies, data brokers, and insurers, a practice that is legal under federal law but has drawn significant criticism and calls for reform.
The Florida Department of Highway Safety and Motor Vehicles (FLHSMV) has been selling personal data such as names, addresses, dates of birth, and driverās license numbers for over 15 years. This has generated nearly $500 million for the state, with around $63 million in a recent year, deposited into the Highway Safety Operating Trust Fund. This practice is permitted under the federal Driverās Privacy Protection Act (DPPA) of 1994 for approved uses like insurance and background checks. (But they also sell driver personal data to FOREIGN FIRMS.)
Florida does not offer an easy way to opt out, viewing the records as public information under DPPA limitations. Concerns include residents receiving unwanted solicitations and potential misuse of data by third parties, including foreign firms.
Of I would be willing to bet your life that only Florida is doing this. They would simply be an outlier doing this. No other states would do it for money, would they? Do they?
Just like Good and Pretti were protected.
1 Like
Protect and serve is new Cop Code for Assassinate.
We, here, now, are experiencing our own Tiananmen Square and in many places and many moments.
Not about Wyze, but if you use Microsoft BitLocker you should read this article.
1 Like
ā¦and my heart goes to all the people on the streets in every city across the country. Stay strong and be safe.
1 Like
Iāve never seen a need to use bitlocker on my personal PCs. For stuff I store on Onedrive or other online platforms, I use the 256AES encryption built into 7Zip. Not that it canāt be broken, but probably harder to do than breaching (or asking) MS and getting your key.
My company uses bitlocker, I guess it does what they need it to, if someoneās laptop is lost or stolen the average thief isnāt going to be able to get at the data.
1 Like
Excellent idea. I admire that. I agree, not impossible to decrypt, but will certainly slow them down. AND 99% likely they will move past you to lower hanging fruit because they are driveby fishing for anything to jam someone up.
1 Like
I meanā¦it kind of dependsā¦
A 256ābit keyspace contains: 2^{256}\approx 1.16\times 10^{77} possible keys.
Thatās More than the number of atoms in the observable universe (~10^80)
Even if you had a machine that could test 1 trillion keys per second, you would still need:
10^50 times the age of the universe to bruteforce it which is physically impossible with known physics and computation.
But, they can arguably just attack weak passwords instead. AES isnāt really the weak link, itās humans (phishing, misconfig, accidental sharing, etc)
Itās even considered Quantum Resistantā¦Quantum computers running Grovers algorithm could reduce that difficulty though. AESā256 ā equivalent to AESā128 security.
But that is an ASTRONMICAL leapā¦weād first need Millions of stable, errorācorrected qubits, error rates far below anything achieved today, and sustained coherence for long periods. That may not even be physically possible, and even if it is, itās decades away and still will take time to brute force the equivalent of AES-128ā¦the only way anyone in the world is wasting those extreme resources is if it involves Nation State National Security against another Nation State.
I knew someone who had their phone seized by law enforcement to look for certain text messages to connect and charge him with some crime. The prosecutor threatened to throw him in jail until he gave them his phone unlock code. He cited case law saying the password in his head is protected by the 5th amendment. The prosecutor sent the phone to the Stateās top digital forensics team to hack into it or brute force it or recover anything off the memory, etc. They couldnāt figure it out and never got in and never recovered any of his messages. His unlock code was only a single letter, and the state digital forensics still couldnāt do anything about it. Eventually he got his phone back. --Iām just saying, unless youāre some kind of Spy national security threat, Iām pretty confident AES-256 is sufficientā¦though maybe donāt do a stupid easy one letter password if youāre actually trying to encrypt anything. 
For the most part, I consider AES-256 and higher to be reasonably quantum resistant and virtually mathematically impossible to hack if you follow best practices.
Does that mean weāre safe? asking for some friends.
2 Likes
Yeah I more meant that it isnāt bulletproof, not that 256 is easy to crack or that it causes me any concern. The one that always comes to mind is the iPhone that was supposedly uncrackable that some Israeli security company was able to get into (was it Snowden or someone, I forget).
However in the financial community at least our clients have been demanding āquantum proofā or at least āquantum safeā now, so weāve had to roll out new hardware to handle that.
Letās just say nothing in my onedrive, even financial info, is going to be attacked by any quantum computers or world leading security companies anytime soon. You can have the best password and the best algorithm, but as was seen recently with OpenSSL, there could be decades old vulnerabilities that the top minds havenāt found, but some AI Bot can spot easily.
1 Like
Iāve found that nothing is unbreakable by those guys.
This is the thing where Apple refused to unlock or decrypt a phone after the San Bernardino attack, or are you thinking of something else?
It is a faint memory at this point but yes I do recall that Apple refused to assist and/or claimed it was not possible. I donāt remember the particular incident that led up to it.
The FBI bought Israel software to break the encryption. Here is the story.
1 Like
And thereās the āyou canāt win no matter whatā category. A couple of years ago, a neighbor when to Hong Kong. Said he was need the docks and dropped his new Samsung in the water. Gone. He said, had his life on that phone. But didnāt bother to learn how to use the backup. He said he had no idea the benefits of ālogging inā on the phone. So, there was no backup data stored in the cloud. That was only half his problem.
He bought a cheap burner phone there just to have a phone. Was there a couple of weeks and came back to U.S. At the port of entry, CBP wanted to look at his phone as they know want to look at everyoneās phone. He unlocked it, (he said), but other than the pictures from this trip, there was nothing on it. They did not believe it was his only phone. They demanded to know where his real phone was. He explained. They didnāt believe him. They held him for hours at entry and went through his and his wifeās luggage. They interviewed people on the plane trying to determine if some new friend was carrying his phone. He said, they contacted him numerous time after he got home trying to get him to āconfessā. He said, long after they had arrived, they were finally released, missed connecting flights, confiscated his wifeās phone. Weeks later returning it. All because their suspicious nature could not believe someone was so tech illiterate. So, watch your back. Government is not dumb, they are evil. Only reason I know, he asked for help to learn how to backup his contacts and new apps to the cloud. Sends shivers up my back.
This is the best point. 
Iāll complement it in agreement too:
Yeah, I donāt know why anybody has ever thought that an iPhone is unbreakable. It is very well known that there are lots of zero-day exploits for every operating system.
Nation states and large hacking groups and others with tons of money often purchase them through pretty widely known brokers such as:
- Zerodium
- Crowdfense
- NSO Group (Pegasus)
- Candiru
- Intellexa
- Government contractors
Thatās not to say that phones have no security. Itās pretty rare nowadays to find a single chain zero-day exploit anymore. Usually they are a chain of exploits now that together add up to a full 0-day exploit. 0-Day chains are known to frequently sell for around $5 million for Android and iPhone through many of these brokers. The bThe brokers are primarily used because they can negotiate certain terms including exclusivity rights so that it is not uncommon that it doesnāt get discovered or patched soon. Soon after the exploit gets used. It is basically burned and no good any longer. But the cost of $5 million to access an iPhone or an Android device means that these available exploits are extremely rarely ever used unless it is for an extremely valuable critical target, which I presume disqualifies basically everybody reading this. 
Law enforcement is basically never going spend $5M to get an exploit from a broker to unlock your phone for some localized state crime that already happened. It would never get approved. I remember a recent article reporting that a few years ago the consistent availability of iOS zero day exploits available and for sale finally surpassed that of Android, and that iOS as a closed system has technically become less secure than the open source OS based solely on unique zero day exploit availability and sales.
But the truth is that every system out there has confirmed zero day exploits out there that are regularly found, sold and used, constantly and the US, and Israel intelligence are among the biggest buyers of theseā¦ At least outside of Russia. The highest reported sale of a zero day exploit was $20M involving a company in Russia.
We actually have some interesting facts about the whole process of brokering zero day exploits through leaks, court cases, and investigative reporting.
I guess my point is that anyone claiming any OS is unbreakable is totally ridiculous. Weāve always known there were known exploits for all of them. There always will be. The best you can do is to take reasonable precautions with āgood enoughā security and donāt do anything stupid to make yourself into a critical high value target that is worth paying $5M for a possible one time use complex full control over your device. We know almost every nation-state has the ability to access almost any system that either online or that they can physically access. The question is when itās worth it for them to waste their expensive, limited (low supply), possibly one time use, and time sensitive (could get patched at any moment) arsenal to do it.
Another interesting thingā¦ Decades ago, I had a neighbor who was a big military guy from a European country who was here to work with my local Air Force Base. He was telling all about how he was able to capture data from a computer remotely when that computer is totally offline and sandboxed. They were using electromagnetic monitoring (antennas within meters, not miles of the computer) to reconstruct a lot of the intercepted data including writing and images. It was new technology at the time, And while things are more complicated now, electromagnetic monitoring is also more advanced and evolved as well. Itās used all the time for spying on close proximity camera views nowadays without needing to actually hack the camera system, just have an antenna close enough to copy and interpret the electromagnetic resonance. Point was that even being totally sandboxed and offline, And even if you keep your data stored with encryption, there are ways to intercept it remotely without having to know the password.
So yeah, your point is great. Having the best password and other things in the world Donāt necessarily mean that something is impenetrable. That word doesnāt exist when weāre dealing with humans. Itās a big joke that in a lot of cases, some of the best security in the world can be bypassed with a $5 wrench attack (ie: you get kidnapped and hit with a wrench until you cooperate with them).