If you want off grid then the V2 using 3rd party Dafang firmware still sounds like the best bet, from what I have heard anyway.
1 Like
not really something to worry about.
It speaks to an immature process.
moderately clear
Any firmware, especially IoT firmware, that is not kept up to date is useless. Why waste the time to do it? Again, speaks to process. If it was done correctly, the build process would be such that anything that can be built once can be built again, on demand. Again, speaks to process.
I do firmware professionally for a living, and have for a long time, for companies large and small. IMHO, three years to patch a vulnerability, and half-baking a version of RTSP firmware probably means it hasn’t been integrated into any kind of build process, nor has it gone through any kind of formal validation. Which means you can’t trust it. If you can’t trust it, you shouldn’t run it. So far, Wyze has not commented, so we have nothing to go on.
2 Likes
2 Likes
Well done !!!
………some will get it,
Others……………. not so much
3 Likes
A lot of opinions in this thread, most backed with few facts. Even The Verge which started this public commotion has quietly changed its story and admits it blew things out of proportion. The threat is low. The primary problem is the time taken to admit the problem…in part because a pandemic slowed development of solutions. It’s always best not to point out the problem until you have a fix, and that’s what Wyze did.
3 Likes
I am sorry, nope. Lack of resources is not, never will be, an excuse.
Actually being clean and open about vulnerabilities and how to mitigate in the absence of a fix would have been the correct policy.
It is rather unfortunate for Wyze, this was their choice. This would’ve been the worst case outcome when they evaluated the situation this 3 yrs ago , In fact, I hope they are rational enough to have considered this outcome.
I now have probably over US $1k invested in Wyze products. I also have a rather large amount of discretionary income, that as a geek, I like to spend on tech. Wyze has a market advantage on value.
But I currently have lost trust in Wyze’s execution. It will take a considerable amount of work on their part to make me trust them enough to continue supporting (buying) their video/audio products.
I am disappointed.
1 Like
Honestly, wyze definitely shouldn’t have made it known until it was fixed. Regardless how big or small the issue was. That’s like giving a step by step guide to criminals on how to break into your house.
Agreed, although it’s unimaginable that it would take three years to issue a fix. And the white paper published by Bitdefender gave that exact blueprint to potential miscreants. And has Wyze notified ALL cam owners with the details about it even yet?
1 Like
I find it mildly amusing that SEVERAL users have wanted a way to access their cameras SD recordings over their home network… And apparently that was possible, but no one knew how to do it. The very thing that people have wanted is now being called a vulnerability and was patched.
2 Likes
So those users should be delighted to scarf up all the v1s people have said they are trashing.
This long episode clearly indicates that Wyze does not want to provide customers with a legit way to access their cam’s sd card files remotely. I wonder why. 
I don’t think that’s the case, since it was possible, but when some third party came in and said it’s a vulnerability and not a feature…
I wish wyze would have just, I dunno, researched how to make it a feature rather than patch a ‘bug’.
Agreed. That’s why I assume Wyze doesn’t want that capability to be available to customers. Wyze had three years to implement a “safe” / company approved way for customers to satisfy their desire to access their SD cards remotely but chose not to.
So whether it’s a bug or a feature depended on Wyze’s reaction to its discovery by a third party. Wyze chose to treat it as a bug despite the opportunity it provided for Wyze to engineer it into being a feature.
1 Like
Perfect message. Note the response you received, none. They care more about promoting their life then running a business it appears.
1 Like
I agree that this really nails the salient issues that remain unaddressed and will continue to bedevil both customers and Wyze until they take the appropriate measures necessary to turn their cheap flowery assurances into action that demonstrates sincerity and trustworthiness.
1 Like
Indeed! While many seem hung up on the severity of the issues or the validity of the Verge article, your post is exactly the point - the time it took to acknowledge and the response (or lack thereof) to the reported issue. Successful companies have been created in less than 3 years!
Cheers!
1 Like
C’mon, kids, this is 2022. This ain’t over 'til there’s groveling. 
2 Likes
And it might just be that it’s taken these three years for Wyze’s own actions to destroy it.
The severity of the risk is irrelevant. There’s always gonna be risk of some nature with technology. What matters is how proactively a company communicates and responds that can make or break how confident customers feel about them.
I have money to spend on additional smart home products, but all plans are on hold for now and will ultimately be diverted to other companies unless Wyze makes a course correction in the way it deals with this issue going forward.
It seems like I’m not alone in those feelings, considering the numbers of others who have expressed their disgust.
Is this the hill that Wyze is willing to die on? If so, it’s sad and unfortunate.
1 Like
Tone and tenor. Tone trumps tenor every time. Sadly.
1 Like
Not even that. It’s a matter of action vs inaction. Wyze STILL has not reached out directly to cam customers to give them a straightforward explanation of the specifics unadorned by excuses and marketing platitudes, i.e., what customers should be concerned about and how to avoid it. Specifics. Not generalities and vagaries.
Why haven’t they? Is it because they can’t without occurring a whole lot more questions? If so, so be it. The level of the company’s maturity is demonstrated by how it responds in the face of its own customer’s questions.
Simply posting a statement on the forum will reach comparatively few customers and many of those are the most diehard loyalists who will continue to support the company regardless because they need the company to survive in order to continue to receive support for their investments both material and emotional. But Wyze can’t live by old customers alone. It needs a constant flow of new capital, new customers and ongoing sales.
New and potential customers will probably demand more in order to build confidence coming out of this situation.
2 Likes
And there should be NO groveling ………NOT EVEN A HINT
1 Like