I was literally about to say.. sometimes the dumb ones are actually worse as many of them are transmitting the sound and video over the air with no encryption either :)
I imagine probably 99% of them are but I don't have any research to actually back that up.
Many use the DECT Standard that was developed for mobile handsets. It’s not high security, but it’s also not plain text.
They’re also not networked, so an adversary would have to get into range, making a potential attack much more complicated. It certainly won’t defend you from a targeted attack, but it will keep $random_person_on_the_internet reliably away and I don’t have to rely on $companies server/network security.
This is why I went with an IoT network in my house, that doesn't have access to the outside world (ingress or egress) except through a carefully controlled firewall.
And as of right now, the only 2 things that go through that firewall are the nest thermostat (yeah, it's pretty and hasn't given me any trouble, so i'm happy with the tradeoff here), and the google homes (again, another tradeoff myself and my family are comfortable making).
Everything else is on that network without access to the "internet" directly, with WPA2 encryption for protection against local eavesdropping, and pushed through an open-source home-automation controller called "Home Assistant" running on an intel NUC served up over HTTPS to our devices.
I don't have any baby monitors yet (no babies!) but we do have cameras and with this system they work great and I sleep pretty well at night knowing it's all secure enough that i'm happy buying cheap devices knowing the security is garbage.
> I was literally about to say.. sometimes the dumb ones are actually worse as many of them are transmitting the sound and video over the air with no encryption either
Many of the smart ones both broadcast like the dumb ones and, separately, send a signal on wifi to a central server for online viewing, so they fully incorporate the problems of the dumb ones.
I didn't document it, but the baby monitor we used just transmitted raw FM audio at ~900Mhz. You could listen to it with SDR# no problem. It wasn't one of those fancy video kinds though, just an old fashioned audio only monitor.
lathiat|8 years ago
I imagine probably 99% of them are but I don't have any research to actually back that up.
Xylakant|8 years ago
They’re also not networked, so an adversary would have to get into range, making a potential attack much more complicated. It certainly won’t defend you from a targeted attack, but it will keep $random_person_on_the_internet reliably away and I don’t have to rely on $companies server/network security.
Klathmon|8 years ago
And as of right now, the only 2 things that go through that firewall are the nest thermostat (yeah, it's pretty and hasn't given me any trouble, so i'm happy with the tradeoff here), and the google homes (again, another tradeoff myself and my family are comfortable making).
Everything else is on that network without access to the "internet" directly, with WPA2 encryption for protection against local eavesdropping, and pushed through an open-source home-automation controller called "Home Assistant" running on an intel NUC served up over HTTPS to our devices.
I don't have any baby monitors yet (no babies!) but we do have cameras and with this system they work great and I sleep pretty well at night knowing it's all secure enough that i'm happy buying cheap devices knowing the security is garbage.
dragonwriter|8 years ago
Many of the smart ones both broadcast like the dumb ones and, separately, send a signal on wifi to a central server for online viewing, so they fully incorporate the problems of the dumb ones.
unknown|8 years ago
[deleted]
jandrese|8 years ago
https://www.amazon.com/Sony-BabyCall-Receivers-Discontinued-...
taneq|8 years ago