How Did the FBI Get Nancy Guthrie's Nest Doorbell Footage?

This is a wild claim. I would think criminal charges for something like obstruction would be possible if Google intentionally hid this from investigators for up to a week. That could result in the difference between the victim being found alive or not.

I heard that Nancy Guthrie was not paying for the subscription that let her view her old video footage. So it's interesting that Google was still storing all that footage.

I don't have a Nest but I suspect it's even simpler than that. She didn't have a subscription but the devices still store video locally up to the capacity of onboard storage. These recent local clips used to all be locally accessible but to "increase subscription value", Google started making that locally stored data inaccessible without subscription.

However, the local storage is just a rolling buffer and the clips beyond the last 10 seconds are still there in local RAM and either not shown in the interface or deleted in the file system (but just by blanking the name in the directory, not a secure overwrite erase). Either the FBI forensic data recovery people or Google/Nest finally ran a sector-by-sector file recovery. I'm just surprised it took so long. I assume maybe because the local storage on those doorbells isn't a removable SD card so they had to gain access some other way.

Frankly, I'm surprised how many people buy devices which are cloud-only. At this point, I generally won't consider any IOT devices if the manufacturer even offers an optional cloud subscription (unless the firmware is open source). Too many companies have now locked down previously open devices to force cloud subscription (looking at you Chamberlain/LiftMaster assholes).

EDIT TO ADD: Saw this Verge article by someone who bothered to find out how current Nest doorbells work. It basically confirms what I thought with the nuance that some local files actually get uploaded to the cloud even without a subscription but aren't accessible until the user pays. https://www.theverge.com/tech/877235/nancy-guthrie-google-ne...

The article even says "[...] some Nest devices record event histories and store them on-device. The third-gen wired Nest Doorbell can save up to 10 seconds of clips, while the first and second-gen wired doorbells can save up to three hours of event history, all without a subscription.".

The problem is that your advice doesn't work for 99% of the customer base. Go the average person "if you absolutely need surveillance cameras for your safety, use generic IP cameras connected to your own NVR (network video recorder), possibly with Frigate for offline AI processing and notifications." and see what they say. It's important to remember if you are on this site you are an extreme minority and the average person isn't even aware enough to think about these things, let alone set up their own offline AI video processor.

I have that sort of arrangement. I've been wondering though. What's the proper data access protocol? Like I want it available, easily, if the police need it and I'm not there but at the same time, I don't want anyone to just screw around with it because I've got directions and password printed on paper somewhere.

We did have some repeated night time visitors (long story, but it was some mistaken identity that took a while to sleuth out) it wasn't difficult to export data for the police but it wasn't something I'd just ask my wife or kids to do either. Scan the footage, find the timestamps, export the data then upload the data somewhere where they can get at it. It wasn't hard but it was chores and it took time with high emotions.

First off, it's not inexpensive. It's not a giant investment either but my cameras cost in the same range as the Nest cameras do and then there is a relatively powerful mini pc, and an accelerator for AI detection and then drives to store the data, PoE switch, network segmentation... I'm rocking home assistant and frigate and 8 8k cameras. Then the much more subtle part is I have a pretty good idea when I'd like the police to have all the data and when I don't want that. That's not so easy if I was abducted. Perhaps an off the shelf complete solution is better and has that sort of law enforcement access situation sorted out. This is sort of the 0.000001% kind of thing though. Over the years, I've replaced drives a couple times too, it's becomes a living and breathing system that needs support and love.

>Their primary purpose is not to protect you but to spy on you for Google's benefit, much like the rest of their dis-services (email, cloud storage, mobile operating systems).

I know! i’d sure hate for Google and the police to be able to identify someone who has kidnapped and/or perhaps murdered me. I’ll be uninstalling all my cameras immediately. Whose with me? /s

(Notwithstanding: My cameras thermostats etc all go through a wrt3200 router logged into expressvpn on a dedicated ssid/vlan . Amazon and Google pissed me off purchasing Ring and Nest (respectively) so they can plug that into their advertising bullshit and that was my reaction to both of those companies… they get iot devices connecting from some vultr VPS or whatever, and the other way they get you is with all the crap and trackers in their smartphone apps — at least according to Exodus Project - so THATS on a burner android piped through the same SSID too.)

Granted some of that’s by necessity because half the apps for this kind of crap aren’t available in the Mexico iTunes Store but I’ll just shut up now.

> Their primary purpose is not to protect you but to spy on you

Here I was thinking the primary purpose was to see who's at the door and check if Doordash and packages have been delivered. We've also used them to "spy" on our cats to be sure they're using the litter box while on vacation, and even to "spy" on wildlife in our backyard.

Not everything needs to be a conspiracy. These devices are useful and practical and have value.

Also, lest it get lost in the chorus of voices telling us to throw these things out: the actual news here is that the device appears to have provided an actual evidentiary lead in the investigation of an actual (and horrifying) crime. That has value too, even if kidnappings are rare.

There was an article the other day called something like "How is Google helping the investigation?"

It said she didn't have a cloud subscription, but that there are data pipelines that make these sort of devices work. (Imagine there's a thumbnail of the video in the product somewhere, so there's a pipeline that takes a video stream and generates thumbnails.)

According to the article, it was a matter of having someone figure out which pipelines her videos might have touched, and then go looking to see if there were any ephemeral artifacts that hadn't been lost yet.

> Most of these cloud connected cameras always stream footage through their cloud service, regardless of whether you pay for a subscription. Because people don't know how to configure port forwarding, etc, in their firewall.

No consumer product should have users do port-forwarding or punch holes in the firewall. You don't want an IoT device on your network accepting packets from the internet.

The proper way to do this is with a cloud server arbitrating connections, which is what a lot of products do.

The reason most consumers want cloud storage isn't for ease of access, though. It's because they want the footage stored securely somewhere. If the thief can just pick up your camera and walk away with the evidence, it's not very useful to you.

Some (ironically the cheap Chinese ones) use UDP hole punching for a P2P connection. Assumedly because it saves server costs.

The surprise revelation is that the footage is still recoverable after 3 hours.

Because online journalism is journalism jr. and they can't be bothered to do basic research on their story.

> This reminds me of when people were surprised that Alexa devices listen all the time

Alexa devices are not recording audio and uploading it all to the cloud all the time.

Nest cameras are designed to upload recordings to the cloud, even without subscription. It's literally one of the selling points.

I suspect that it really might have been 'buried deep'. If you are capturing the data short term, to allow a small scroll back, then you wrote the data to some storage system. At three hours or whatever the short term storage limit is, you delete the file. Usually deleting a file leaves the data intact on the storage device. Only the file entry and a list of what low level storage blocks actually contained data. It could take awhile before the data is actually overwritten. Up until the point it is, you could scan the contents of unallocated blocks looking for the data. It could theoretically take awhile to find a customer id or something else that helps you identify the deleted data.

This is correct. It has to be buried below the frost line else we would have frozen footage.

They ultimately found it sandwiched between the videos of epstein uncut jail cell footage and Jan 6's lost video exhibits.

She apparently didn't have a subscription so it shouldn't have been uploading anywhere... however things get murky with notification settings.

>> no warrants needed as it's part of an ongoing case ...

Thats a rather chilling interpretation of the law. Every case is ongoing until trial.

I'm not familiar with Nest, if you don't have a subscription to store video, and someone rings your doorbell, and you take 5 seconds to bring it up in the app, can you scroll back and see those 5 seconds? Or is it literally a feed from the camera to the app over bluetooth? Probably not. The video stream probably gets sent to some backend system and, while she didn't pay for storage, it probably persists for a few hours to days in cache.

Not set to save recordings likely means "saved in a memory buffer and never given a file handle", that is how most consumer recording devices that offer limited playback work.

I recently had to attempt to piece together dash cam footage from my wife's car in the same way when she witnessed an accident but the file had been "aged out".