They are now yes. Like I said, that wasn’t always the case. And even some of those US (and Canadian) providers currently in use are a bit sketchy. The OG seems to be the only cam that completely uses AWS, the rest are still talking to a couple smaller lesser known companies in addition to AWS.
If you’re a Wyze employee you should get the tag added otherwise it looks suspicious.
He is an employee and I got his name and tag fixed to show. Thank you.
In that case, welcome @WyzeMax. Always nice to have more Wyze staff in here.
I’m adding to this thread to keep it alive…this hard coded 114DNS needs to go! The DNS IP should be at the very least be populated by the DHCP server.
Also adding to this thread to keep the pressure on Wyze to address this. I’m still seeing numerous calls to 114DNS from my Wyze Base. Please address this, Wyze team!
I’m guessing if everyone here knew where all their internet traffic was actually being routed… They wouldn’t use the internet. I appreciate the sentiment but this one server is not an issue versus the 1,000,000’s of others you route through and don’t know it.
This is a non-issue.
I don’t think anyone is interest in the raccoons, cats, skunks or possums on my videos anyway.
People freak out over the weirdest things. Probably something left over from 10 year old code back when it did need to use a specific DNS server for something. Pretty much any time you see all 4 octets matching you know it is just an anycast DNS server and can verify it by confirming the port (and if you’re really paranoid, sniffing the payload).
I can only imagine if I had to track down every single unknown destination on my home network, much less a corporate one…
I mean sure, a rogue DNS server could be used for a “man in the middle” attack but the cams have several other layers of security that would prevent that from being of any use. Not like the cam is going to be tricked into filling out a page with its personal data…..
Hey, I’m the last one to trust IOT devices, they’re in a totally isolated network segment heavily firewalled from both the inside and outside. But I’m not going to sit there and analyze every IP they’re hitting. I’ve taken a peek a few times, heck some of the no-name hosting companies they communicate with in the US and Canada are more concerning than some random DNS server. That’s why I don’t have cams looking into private spaces. They also appear to communicate with some 3rd party that handles alexa/google/apple smart home integrations. No biggie.
“Traffic routing not affected by dns” [Mod Edit]?
With dns you can point client to anywhere you want? You simply change the response to a dns query. Second you product should have never hardcoded with any dns servers. It should honor what dhcp hands out. Next they should be viewable by the end user not hard coded in firmware.
you have failed at your job, social credit score will be docked in response.
MOD NOTE: Post edited to conform to the Community Guidelines.
Do some reading
You shouldn’t be throwing insults to others if you don’t understand what you’re talking about. A rogue DNS server directing you to a malicious IP only works if you then provide some sort of information to that server. Unless that person also has access to Wyze’s private keys for authentication (an authentication mechanism they’ve been strengthening even more recently) it does nothing. As I mentioned in a previous comment, it isn’t like some rogue server is going to socially engineer a wyze cam into providing personal information to it.
There are plenty of things (including Chrome and other browsers) that have hardcoded DNS in them which bypass your DHCP server’s assigned DNS. IOT devices particularly make use of this, including big names like Amazon, Google, Apple, etc. Often this is done to increase security, not decrease it. In this case that 114 server is probably just leftover code from many years ago. You shouldn’t be worried about stuff you CAN see like useless queries to an outdated server, its the stuff you can’t see that is more concerning.
wrong again that’s only valid if you are using secure dns or doh. Fix the issue with code and quit making excuses for the Chinese.
Wyze is Better at Excuses than Software & Firmware…
Yes, you are. DNSSEC and DOH have nothing to do with the negotiation between cam and server.
You do know that the wyze app itself reaches out to 114.114.114.114 also
Sounds good but not all applications use tls pinning.
Oh, please oh please tell me you are not relaying on ChatGPT…
I’ve stayed clear of this thread as it is way above my pay grade, but I would never in a million years quote ChatGPT as reliable source for anything.
Some posts were removed or edited that did not follow the Community Guidelines. Please flag posts that violate the guidelines so the moderators can respond appropriately.
Key points from the guidelines to keep in mind:
Important sections:
