I love all the apologists in this thread that try to justify Wyze screwed up completely untrustworthy protocols they use for these cameras. Wyze lists the ports that are required for the cameras to operate at https://support.wyze.com/hc/en-us/articles/360031479511-What-ports-are-necessary-for-Wyze-Cams-to-operate#:~:text=Here%20is%20a%20list%20of%20the%20necessary%20ports%3A,TCP%3A%2080%20Local%20timelapse%20download%20Timelapse%20TCP%3A%20123. I have a connection going to naturecuredhule.com on port 8000. 8000 isn’t on the list of ports that Wyze lists in their document. I’ve also seen it connect to that site using port 10001, which the document states is used for P2P streaming. It says in the document that it’s used for “Local live streaming over WiFi”.
whois says that that host is registered in Iceland, but, I also did a search on Google and it appears that there is a business under that name in India.
root@wireless:~# whois naturecuredhule.com
Domain Name: NATURECUREDHULE.COM
Registry Domain ID: 2923549457_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: http://www.namecheap.com
Updated Date: 2024-11-09T11:23:45Z
Creation Date: 2024-10-08T10:41:15Z
Registry Expiry Date: 2025-10-08T10:41:15Z
Registrar: NameCheap, Inc.
Registrar IANA ID: 1068
Registrar Abuse Contact Email: abuse@namecheap.com
Registrar Abuse Contact Phone: +1.6613102107
Domain Status: clientTransferProhibited EPP Status Codes | What Do They Mean, and Why Should I Know? - ICANN
Name Server: NS07.DOMAINCONTROL.COM
Name Server: NS08.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: Submitting a Complaint to ICANN Contractual Compliance - ICANN
Last update of whois database: 2024-11-10T16:06:20Z <<<
For more information on Whois status codes, please visit https://icann.org/epp
NOTICE: The expiration date displayed in this record is the date the
registrar’s sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant’s agreement with the sponsoring
registrar. Users may consult the sponsoring registrar’s Whois database to
view the registrar’s reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services’ (“VeriSign”) Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain name: naturecuredhule.com
Registry Domain ID: 2923549457_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namecheap.com
Registrar URL: http://www.namecheap.com
Updated Date: 0001-01-01T00:00:00.00Z
Creation Date: 2024-10-08T10:41:15.00Z
Registrar Registration Expiration Date: 2025-10-08T10:41:15.00Z
Registrar: NAMECHEAP INC
Registrar IANA ID: 1068
Registrar Abuse Contact Email: abuse@namecheap.com
Registrar Abuse Contact Phone: +1.9854014545
Reseller: NAMECHEAP INC
Domain Status: clientTransferProhibited EPP Status Codes | What Do They Mean, and Why Should I Know? - ICANN
Domain Status: addPeriod EPP Status Codes | What Do They Mean, and Why Should I Know? - ICANN
Registry Registrant ID:
Registrant Name: Redacted for Privacy
Registrant Organization: Privacy service provided by Withheld for Privacy ehf
Registrant Street: Kalkofnsvegur 2
Registrant City: Reykjavik
Registrant State/Province: Capital Region
Registrant Postal Code: 101
Registrant Country: IS
Registrant Phone: +354.4212434
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: 48680f54142e476bbff54e9919e51447.protect@withheldforprivacy.com
Registry Admin ID:
Admin Name: Redacted for Privacy
Admin Organization: Privacy service provided by Withheld for Privacy ehf
Admin Street: Kalkofnsvegur 2
Admin City: Reykjavik
Admin State/Province: Capital Region
Admin Postal Code: 101
Admin Country: IS
Admin Phone: +354.4212434
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: 48680f54142e476bbff54e9919e51447.protect@withheldforprivacy.com
Registry Tech ID:
Tech Name: Redacted for Privacy
Tech Organization: Privacy service provided by Withheld for Privacy ehf
Tech Street: Kalkofnsvegur 2
Tech City: Reykjavik
Tech State/Province: Capital Region
Tech Postal Code: 101
Tech Country: IS
Tech Phone: +354.4212434
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: 48680f54142e476bbff54e9919e51447.protect@withheldforprivacy.com
Name Server: ns07.domaincontrol.com
Name Server: ns08.domaincontrol.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
Last update of WHOIS database: 2024-11-09T18:42:45.51Z <<<
For more information on Whois status codes, please visit https://icann.org/epp
Someone explain to me why my camera would need to be connecting to a host in India, and on a port that the documentation says is for local streaming.
Here is another address that is being connected to on port 443. ip186.ip-192-99-36.net which appears to be in Canada.
This whole thing is designed in a really screwed up fashion. The only thing the cloud should be needed for is uploading clips and retrieving clips. Any sane system wouldn’t be doing things in such a screwed up manner.
This is just the way corporations operate these days though. They don’t value anyone’s privacy or care about security.
If what is supposed to be happening is load balancing, servers on the other side of the world shouldn’t be being connected to. Wyze’s document on the required ports isn’t even accurate. I’ve seen random other ports used in the past as well.
There are a lot of connections to amazonaws.com on port 8883 which isn’t documented.