> The average consumer doesn't have a remote server or the knowledge to set one up.
Which is fine to say, but doesn't really address the main issue of the IoT Cameras and honestly comes off as exploitative as an excuse. Just because something provides a convenient service does not mean it should get a free pass on basic and reasonable security precautions, nor should it be able to exfiltrate data, much less in a lazy way.
To be 100% clear, I'm not meaning to put words in the parent's mouth; I understand that the statement is just a factual statement that most people don't know how to set up a remote server. However, small SOC boards have never been cheaper and continue to grow cheaper; a "remote server" to feed data to can be bundled easily at extremely low cost to the manufacturer, let the user provide their own storage, and then work on making the discovery experience elegant. (Plug in the cameras and the SOC box close to one another. Plug the SOC Box into a monitor/TV. Follow the on-screen prompts to discover the local WiFi and Cameras and connect all of them)
Apple has found ways to make their wireless vision almost complete; setting up remote printers, connecting via Airdrop, etc, is all fairly close to elegant with some minor bumps. Xiaomi's line of hardware ties in neatly to Mi-Life fairly well also and discovery is easy (though the actual connectivity is in dire need of work). The idea that consumers need to let their data be exfiltrated due to lack of knowledge is silly; there are numerous examples on how to do it right, and the tech has never been more ready.
We generated many candidates beginning with facebook, so I don't recall when that one was found--it just happened to be the one that looked the best. There's a number of backup memorable domains that we kept the keypairs for just in case facebookcorewwwi gets compromised somehow.
I don't remember how long we ran it for, but IIRC we had enough candidates to stop after a week or two. I'm guessing something like 100-200M cpu hours?
Which is fine to say, but doesn't really address the main issue of the IoT Cameras and honestly comes off as exploitative as an excuse. Just because something provides a convenient service does not mean it should get a free pass on basic and reasonable security precautions, nor should it be able to exfiltrate data, much less in a lazy way.
To be 100% clear, I'm not meaning to put words in the parent's mouth; I understand that the statement is just a factual statement that most people don't know how to set up a remote server. However, small SOC boards have never been cheaper and continue to grow cheaper; a "remote server" to feed data to can be bundled easily at extremely low cost to the manufacturer, let the user provide their own storage, and then work on making the discovery experience elegant. (Plug in the cameras and the SOC box close to one another. Plug the SOC Box into a monitor/TV. Follow the on-screen prompts to discover the local WiFi and Cameras and connect all of them)
Apple has found ways to make their wireless vision almost complete; setting up remote printers, connecting via Airdrop, etc, is all fairly close to elegant with some minor bumps. Xiaomi's line of hardware ties in neatly to Mi-Life fairly well also and discovery is easy (though the actual connectivity is in dire need of work). The idea that consumers need to let their data be exfiltrated due to lack of knowledge is silly; there are numerous examples on how to do it right, and the tech has never been more ready.