Writing in the context of home security cameras from Anker’s Eufy brand, Sean Hollister of The Verge notes:
Eufy’s commitment to privacy is remarkable: it promises your data will be stored locally, that it “never leaves the safety of your home,” that its footage only gets transmitted with “end-to-end” military-grade encryption, and that it will only send that footage “straight to your phone.”
So you can imagine our surprise to learn you can stream video from a Eufy camera, from the other side of the country, with no encryption at all.
Anker’s denial that its security cameras make their footage available via the Internet in unencrypted form is just the start of this twisted tale of security ineptitude. In “Wyze Labs Discontinues First-Generation Security Camera” (1 February 2022), Josh Centers briefly recommended the Eufy Security Solo camera because it’s HomeKit-compatible—we can hope that HomeKit prevents such unauthorized access. I’d be hesitant to use any Eufy device that records personal information until Anker fixes the problems and independent security researchers confirm that data isn’t being exposed.