Matt Brown Digs Deep Into an IP Camera's Firmware — and Finds a Hard-Coded Root Password - eviltoast
  • corroded@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    3 months ago

    I have always used Amcrest cameras; they’re not expensive, and they tend to work well. They do make requests back to amcrest.com, but I don’t know for sure if that’s anything nefarious or if it’s just part of their built-in “cloud” capability or perhaps they’re looking for firmware updates. They integrate nicely with BlueIris or Frigate. I use BlueIris in a VM with virtual network adapters to my home network and my “camera” VLAN. BlueIris is accessible through a reverse proxy, but the cameras themselves have no access to the outside world.

    If you’re able to find a camera that doesn’t try to “call home,” I’d be surprised. At the very least, most manufacturers build in some kind of cloud accessibility into the camera’s firmware. In their defense, I think that most consumers want this capability; it’s much easier just to use the manufacturer’s app than to set up a self-hosted DVR.

    So to answer your question, no, I don’t have a good suggestion, but I also don’t think that what you’re asking for really exists (as unfortunate as that is). You could always set up a small SBC (like a raspberry pi) with a USB camera, but at that point, it’d probably be more cost-effective to just buy off-the-shelf cameras and some VLAN-aware networking hardware.

    • qjkxbmwvz@startrek.website
      link
      fedilink
      English
      arrow-up
      1
      ·
      3 months ago

      Thanks! That sounds like a good option. Mostly would want to avoid something that’s flooding the network with DNS requests — a few attempts at phoning home now and then are, like you say, probably inevitable.