Hundreds of documents obtained by 404 Media show how Fusus, a system for linking a town’s security cameras into one central hub and adding AI to them, has spread across the country.
The quote from EFF really highlights concerns about such a system.
I’d love to see the data gathering and protection policies in place for all the footage aggregated. Are the cameras constantly being recorded? Where is the footage stored? Who has access? How is the data (camera locations, footage, authorized users, access logs, etc) protected? How long is it saved? What happens to the data when the contract ends and isn’t renewed? What happens to all the monitoring software installed on a camera “grid” once the contract ends? Is it uninstalled automatically or just shut off and left there?
It’s troubling enough that towns as small as 25k people are blowing such a large chunk of money on hypothetical situations, but there’s zero mention or transparency into the security aspect of this entire enterprise. So many of these IoT outfits ignore data security, because they feel it’s somebody else’s problem. It’s the main reason why you don’t want household IoT devices on the same network as your trusted devices.
Yeah, in a perfect world this would be the case. But people want convenience (like a camera in their fridge to see if they need milk or not), consequences be damned. I still have yet to see a proper use case for ~90% of IoT shit out there. Besides harvesting data and / or leaving gaping security gaps, of course.
The quote from EFF really highlights concerns about such a system.
I’d love to see the data gathering and protection policies in place for all the footage aggregated. Are the cameras constantly being recorded? Where is the footage stored? Who has access? How is the data (camera locations, footage, authorized users, access logs, etc) protected? How long is it saved? What happens to the data when the contract ends and isn’t renewed? What happens to all the monitoring software installed on a camera “grid” once the contract ends? Is it uninstalled automatically or just shut off and left there?
It’s troubling enough that towns as small as 25k people are blowing such a large chunk of money on hypothetical situations, but there’s zero mention or transparency into the security aspect of this entire enterprise. So many of these IoT outfits ignore data security, because they feel it’s somebody else’s problem. It’s the main reason why you don’t want household IoT devices on the same network as your trusted devices.
Yeah, in a perfect world this would be the case. But people want convenience (like a camera in their fridge to see if they need milk or not), consequences be damned. I still have yet to see a proper use case for ~90% of IoT shit out there. Besides harvesting data and / or leaving gaping security gaps, of course.
Just use open source ones…
Well, they’re fine if they’re on a network with no access to anything, including the Internet.