Anker admits that Eufy cameras were never encrypted

Anker has admitted that its line of Eufy security cameras was not fully end-to-end encrypted but has begun implementing changes to solve the issue.

In November, A security researcher discovered that Anker's Eufy security cameras sent user images and information to the cloud without the owners' consent — even if the user didn't pay for a cloud subscription.

As it turns out, not only did Eufy upload content to the cloud, its camera streams could be watched live using an app like VLC if you knew the URL to the videos.

And, instead of patching the issue, the company merely warned users that their content was uploaded to the cloud under specific circumstances.

In a series of emails to The Verge, Anker admitted that Eufy security cameras are not natively end-to-end encrypted. In addition, the cameras also produced unencrypted video streams for Eufy's web portal, which can be accessed using media players.

However, the company has gone on to say that it has begun implementing fixes to solve these issues. It plans to update Eufy cameras to use WebRTC, which is encrypted by default.

Anker has also apologized for its lack of communication and agreed to bring in outside security companies to audit its practices.

Eufy has had prior security issues, too. In May of 2021, Eufy owners discovered cameras owned by other users were viewable in the app instead of what they were expecting to see from their own cameras, and settings could be changed by those granted bogus access.

9 Comments

bonobob 13 Years · 395 comments

About 1 year ago

This sort of egregious behavior is why I will no longer be buying Anker products.

22july2013 11 Years · 3736 comments

bonobob said:

This sort of egregious behavior is why I will no longer be buying Anker products.

I'm also scared of Google and Microsoft these days. It goes without saying that I'm petrified of Meta/FaceBook and Amazon. I do have "mild concerns" with Apple too, but fairly light ones for now.

I won't buy a "Smart TV" from many manufacturer. Since almost all TVs these days are smart, I'll probably never buy another TV.

adyb 13 Years · 205 comments

22july2013 said:

I won't buy a "Smart TV" from many manufacturer. Since almost all TVs these days are smart, I'll probably never buy another TV.

My solution is not to connect my Smart TV to my home wifi and use my AppleTV to provide my 'smart' services instead.

healthy_scratch 5 Years · 8 comments

adyb said:

22july2013 said:

I won't buy a "Smart TV" from many manufacturer. Since almost all TVs these days are smart, I'll probably never buy another TV.

My solution is not to connect my Smart TV to my home wifi and use my AppleTV to provide my 'smart' services instead.

This is the way

mknelson 9 Years · 1148 comments

adyb said:

22july2013 said:

I won't buy a "Smart TV" from many manufacturer. Since almost all TVs these days are smart, I'll probably never buy another TV.

My solution is not to connect my Smart TV to my home wifi and use my AppleTV to provide my 'smart' services instead.

You don't necessarily need to go that far. Depending on the brand you can often disable most of the trackable smart services.

Then you can still update the firmware, and use Homekit to control it (if it has that support). I use my AppleTV for all the Smart functions otherwise.