During the summer our home was broken into and things were stolen. Cash and nice but broken laptop, they left the working ones.
Looking for video monitoring with motion detection to trigger video and timed image capture.
The solution must include audio and video and have a live uplink to a private site/servers.
Secure real time up link to private servers is required, I don’t want to pictures of my family walking to and from the shower all over the web, if we forget to turn it off.
Ideally the solution should be able to show/detect differences in the timed images captured. And the timed imaged capture rate should be programmable.
I used digital ocean VM (referral link) its just a FTP server. The server was already paid for by other projects.
The “motion” application that I used is about 2 years old. I am sure there are other applications out there that might have more features.
It is simplest to encrypt the images stored on cloud.
I guess there are 2 ways of doing that.
Encrypt the images/video locally before upload.
Encrypt the images/video via a cloud server before storing the image on
cloud storage.
Find a cloud service that does that one of the above.
I want the key walk to through a key space, so losing a key does not mean
opening all the images, with a local key space walker “app”.
I guess to start right now,
I would be happy with encrypting the images/video locally before upload and
changing the encryption key manually every week/month or so. Can automate
changing the encryption key and building an app to to it later.
That sucks that your home was broken into… sorry to hear that.
What does this mean?
Also, do you need to keep more than a month’s worth of images? If it’s just for surveillance, I would expect not. Also, there isn’t much reason to change your encryption keys that often unless you think someone might have obtained them somehow.
The short term idea is to keep about a month of images, unless there is an event such as a break in requiring images to be stored longer. If the images don’t need to be retained, they can be deleted and their keys forgotten
The longer term idea is to hand over the key(s) to the court/investigator for a time frame of images without opening up all of the images to public view. Since only want to hand over time a 3 hr window of time, this requires a high granularity of keys. The seed key and the key generation algorithm producing the large number of required keys would NOT be handed over. Only the reproducible keys associated with the time window.
The longer term goal is turning this into a private security product.
Ah I see why you’d want that now. The short-term solution is to manually move images that need to be archived or sent to an investigator, to a different location where they can see them. If it’s implemented as a web service, you can have whatever login credential system you’d like and the web service can manage encryption/decryption, or access to the encrypted files. You need both the files and the encryption keys for either to be of any use. Client-side encryption makes it more challenging to implement all the features you’re listing, but it’s all doable if that’s what you think is important.
That sounds somewhat like forward secrecy. It’s part of all current
encryption standard (anything that has DHE in them, see Grafana for some
examples). In principle the implementation is meant to be
non-deterministic, but I’d be surprised if there wasn’t a scheme where you
could specify a secret seed for the key generating procedure.
I feel obliged to also point out a product like Dropcam or Nestcam which does this. You would have to pay them per year for storage, however you would have to pay for offsite storage with a DIY solution anyways. I realize that using a new off-the-shelf product might not be exactly in the spirit of VHS, but it might be nice to have something that doesn’t require a lot of thought or maintanence.
To put this back into the realm of hacking, there was a pretty interesting presentation at Defcon this year about hacking these devices.
Ah sensibility added to this conversation. I tend to always look for the home brew solution and forget that there are cheaper better commercial solutions too. Drop cam is a wonderful product, My sister uses it as a baby monitor and it works great!
Dropcam is really cool, I’d definitely get one if not for the inability to
save to local storage. I have a Synology NAS, which comes with an app for
storing video from home monitors (and other apps to hook it to cloud
storage if you want that too), but you cannot save dropcam video locally.
Another issue it has is that video is recorded constantly, rather than when
motion activated, so there’s a constant dent on your bandwidth (although it
seems to compress well).