End-to-End encryption (E2EE)

Cloud security is hard and everyone makes mistakes. To eliminate any possible data breaches or hacks in the future, I propose shifting the whole Wyze cloud infrastructure to end-to-end encryption (E2EE).

All major cloud cameras like Nest, Arlo, Xiaomi, Yi, Ring, etc. use the same approach as Wyze - username and password hashes (tokens) stored in the cloud. So there are at least a couple of admins in those companies who have full access to your recordings and can view live streams for any camera.

In an E2EE context, no one except the user has access to the video stream and cloud recordings. Even if the whole cloud database is compromised, users' data will remain safe.

The idea behind E2EE is that, besides the username and password hash stored in the cloud, there is an E2EE encryption key which is stored locally by the user: on the user's phone, written on paper, etc.

There is only one (?) E2EE camera available on the market today, called Haicam, with very poor hardware. They claim that “no encryption keys are stored in the cloud–this means, unlike other solutions, your privacy is not compromised if there is a security breach with your provider. Only devices you own and have installed onto the YouIPCams app can view your video.”

I think that feature will make Wyze completely stand out from competitors in the long term and bring peace of mind to Wyze clients, and it will be safe to put a cloud camera in the bedroom.

There are some cons to the E2EE approach: for example, it will be impossible to do any cloud-based analytics (e.g. object detection), since all video will remain encrypted to the server. But I’m sure Wyze will find a way to reimplement AI object detection on the camera and not go the cloud AI object detection way.

Final registration screen with master encryption key in Haicam’s YouIPCams app

P.S. Some discussions are on Reddit as well https://www.reddit.com/r/wyzecam/comments/einbjv/feature_request_endtoend_encryption/

I present this wishlist item as news of the second data leak has just been posted.

I request that all user data be encrypted at all times - including email addresses.


A Reddit user was concerned that the processing requirements of the camera encrypting before sending would make this unfeasible.

Alexy (OP) replied there saying:
Not necessarily. You can encrypt only some parts (the beginning) of keyframes, and that will be enough to not allow decrypting it. This is how it is done in Yi and CamHi cameras.


There is no reason to encrypt emails. They are still needed in plain text for login verification and account restore.

I like it. If they do end up using any cloud-based analytic features in the future (for example, if their reintroduced person detection ends up needing to be in the cloud), they could make end-to-end encryption an optional setting per camera, with two-factor authentication required any time you turn it on or off. That would allow people to use cloud-based analytics on their less-sensitive cameras while making their more sensitive cameras more secure.


Yes, an E2EE key per device could be a better solution than an E2EE key per account. If you’ve lost an E2EE device key, you can reset the device and create a new one. If you have lost an E2EE account key, you need to create a new account and reset all devices to be assigned to that new account.


Yes! Zero knowledge!

Salt and hash. The only reason they are needed is so Wyze can send you marketing materials and other communication.

EDIT: Then they could just dump email addresses into whatever email management system they use (e.g. ConstantContact, MailChimp). My email address absolutely does not need to be in plaintext to be used for login purposes. Fact.
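The login-without-plaintext-email idea argued over in this thread, as an added example that is not part of any post and is not Wyze's code. It swaps the per-user salt for a keyed hash (HMAC with a server-side secret), because a row salted with a random per-user value cannot be looked up from the email alone; `PEPPER`, `email_index`, `AccountStore` and `restore_target` are hypothetical names.

```python
import hashlib
import hmac
import secrets

# Assumption: a server-side secret ("pepper") kept outside the user database,
# e.g. in a secrets manager. Generated in-process here for the demo only.
PEPPER = secrets.token_bytes(32)


def email_index(email: str, pepper: bytes = PEPPER) -> str:
    """Deterministic keyed hash of a normalised email, used as the lookup key."""
    normalised = email.strip().lower().encode("utf-8")
    return hmac.new(pepper, normalised, hashlib.sha256).hexdigest()


def hash_password(password: str, salt: bytes) -> bytes:
    # A random per-user salt works here because the row is found via email_index first.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 600_000)


class AccountStore:
    """Constructed stand-in for the cloud user table; it has no plaintext email column."""

    def __init__(self):
        self.rows = {}  # email_index -> {"salt": bytes, "pw": bytes}

    def register(self, email: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self.rows[email_index(email)] = {"salt": salt, "pw": hash_password(password, salt)}

    def login(self, email: str, password: str) -> bool:
        row = self.rows.get(email_index(email))
        if row is None:
            return False
        return hmac.compare_digest(row["pw"], hash_password(password, row["salt"]))

    def restore_target(self, email: str):
        """Account restore: the user types the address; it is used only if it matches a row."""
        return email.strip().lower() if email_index(email) in self.rows else None


if __name__ == "__main__":
    store = AccountStore()
    store.register("User@Example.com", "correct horse")  # constructed sample account
    print("login ok:", store.login("user@example.com", "correct horse"))
    print("stored keys:", list(store.rows))  # opaque hex digests only
```

With this layout the service can verify a login and answer a restore request the user initiates, but it cannot originate mail to an address it holds only as a digest. If the pepper leaks along with the table, addresses can be recovered by hashing candidate emails.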

Adding E2E encryption would be a big step towards regaining customer trust.
