Users only get three hours of free Nest video storage, but Google can retrieve videos much later.
See full article...
See full article...
Google recovers “deleted” Nest video in high-profile abduction case
- Thread starter JournalBot
- Start date
If anyone is concerned about keeping their doorbell camera footage after their house burns down simply set up off site backup. That doesn't really have anything to do with my comment though, which was about preferring wired cameras over wifi. Neither have anything to do with uploading to a cloud server somewhere.
As for your other comment?
a) that is the definition of physical access lol
b) you cannot get to the rest of my network that way
I'm not really worried about someone walking up to my front door, breaking off my doorbell, and plugging a laptop into the ethernet though.
Upvote
24
(24
/
0)
If you want to go the ultra-cheap route, you can even just use ffmpeg to read rtsp streams and write the video files to disk. I do this for internal wifi cameras that I set up whenever we're gone for a long time. I even use the privacy-nightmarish Eufy cameras but completely block their internet access; all they can do is talk to the linux box that reads their rtsp streams. Not for the totally non-technical types, but anyone on here can do it if you just want something simple.
ExecStart=ffmpeg -hide_banner -y -loglevel error -rtsp_transport tcp -stimeout 15000000 -use_wallclock_as_timestamps 1 -i $URL -vcodec copy -acodec copy -f segment -reset_timestamps 1 -segment_time 3600 -segment_format mkv -segment_atclocktime 1 -strftime 1 /mnt/LCARSStorage01/nvr/%i/%%Y-%%m-%%dT%%H%%M-%i.mkv^ that just writes to a new video file ever hour.
I have nice Unifi cameras for exterior, which run all of the time, but it seemed pointless to get good interior ones, since even if they're local only and trusted, I still don't want cameras inside my house when I'm there.
Upvote
4
(4
/
0)
Upvote
7
(7
/
0)
Have you found a non-wired Unifi doorbell solution? I've looked (though not in the last few months) and only found PoE ones.
My house used to have doorbell wiring, but it disappeared in one of the remodels that previous owners did over the last 50 years. Getting a cable to the front door would be a huge effort with lots of drywall patching, because there's no crawlspace anywhere and no attic over the front entryway.
Edit: Building a solar / battery-powered PoE injector would probably be fun and not too difficult. But it's beyond my capacity at the moment due to my depression. Hopefully the ketamine treatment I just started will help. (If not, at least it's a pleasant experience. Amazingly so.)
Upvote
8
(9
/
-1)
I use Amcrest AL-P402W wifi cameras. They have SD card support. There is a cloud service but it is optional and I don't use it. I can store around 2 weeks of HD video on a single SD card. Multiple camera support through their Amcrest link app that is rock solid.
Upvote
3
(3
/
0)
Taking victim blaming to a new level here, aren’t you?
Maybe Google could have just given their feed stock a little more corn, as it were. They don’t seem to be hurting for cash to spend on disks.
Upvote
5
(9
/
-4)
The G4 has a WiFi option, but it's out of stock at the moment:
https://store.ui.com/us/en/category...4-doorbell-pro?variant=uvc-g4-doorbell-pro-us
Upvote
7
(7
/
0)
Running ethernet cabling is really easy, just make sure you get plenum rated cable if it will go in the wall and watch a couple tutorials on how to terminate the ends into an RJ45 connector. Running things into the attic, basement, or crawl space will be the easiest way to move laterally from room to room. In many houses you can access the eaves through the attic, so you can run the cable out there and connect your camera that way. For a doorbell, follow the existing wire if you can (or use it to pull your Cat6 cable if you don't need it and it isn't secured inside the wall which they often aren't); the only electric risk there is at the transformer, but you can disconnect the doorbell wire (if you are uncomfortable doing it live, you can always flip the breaker off that it is connected to first). PoE is the way to go since you don't need to run power then and a PoE injector is fairly inexpensive if you don't have a switch that provides power.
That said, there are solar powered wireless options, though I am not very familiar with them since I just hardwired cameras around the house over the course of a day or so.
Upvote
9
(9
/
0)
That's not really the takeaway here, and the article even tried to preempt comments like this.
"The cloud" doesn't work anything like what the layperson thinks, if they think about it at all. It's not like you handed a physical video tape to someone for safe keeping for X days and after that expires, they shred it. There are countless copies as that data is passed around "the cloud" where redundant copies are stored (you'd be pissed if a single HDD failure on Google's end took out your irreplaceable vacation videos) with who knows how many layers in between possibly caching it. When it's "deleted", they don't go around actively purging your video. Back to the video tape analogy, people rarely blanked out a VHA tape before recording over it (you can, but stick with me). You deemed a tape reusable and the next time you wanted to tape something, you taped over it. Filesystems work essentially the same way. When you delete a file, the blocks storing it are marked available to reuse. You don't go zero those blocks, you just write over them at some point in the future. With enough effort, you can go back and recover that data until it is overwritten.
But even before getting that far, they could simply be waiting to batch remove files on a longer time scale than they'll offer to provide "free" storage for you. If you could retroactively get that storage, people would only pay for the service when they needed to recover a video, then cancel. Storage isn't free.
Across a hugely distributed system with tons of redundancy, it's not surprising that data "deleted" a few days ago can be recovered if you're motivated enough. There's nothing nefarious there. The real takeaway here is that if you're high enough profile, Google (or someone bored at Google) will go through the effort to find that data.
Upvote
51
(51
/
0)
This is why I hid mine inside of an old console stereo-style cabinet.
Removed the old vacuum-tube powered innards and installed rack rails. The lid that once covered an old turntable is passive heat relief, but the UDM temps haven’t changed from keeping it in a standalone rack.
Looks like furniture from across the room because it is. Can’t even peep the LEDs.
Upvote
10
(10
/
0)
If your exterior network drops give you access to anything other than cameras, you've seriously fucked up the most basic of security practices.
Upvote
17
(17
/
0)
I know a lot of engineers at Google, and this 100% tracks with my perspective as well. The company is really far, far less nefarious than a lot of people generally think. Sure, they show ads based on data and have deeply enshittified search, but it's not some giant data-sucking conspiracy, either.
Upvote
26
(29
/
-3)
Software? https://frigate.video/
Cameras? Anything that's ONVIF and never fucking touches the internet really. Doesn't matter if you trust them or not if they can't reach or be reached from the internet.
NVR hardware? For just recording, any PC from the last decade will be fine. If you want to do simple object classification, you can just use a Coral but more advanced models are moving to GPUs.
Upvote
5
(5
/
0)
If you have the capability to get from my doorbell ethernet, through my UniFi NVR, and into the rest of my network then you are some kind of state level actor that would simply break into my house and take whatever you want or kidnap me instead of bothering lol.
Upvote
24
(24
/
0)
Besides, what would they be doing? If they wanted all my data, it'd be faster to just bust a window, rip my server out of the rack, and hightail it out of there before the cops show up. Well, as long as they brought a friend. A single person isn't running with my server on hand. Do they just want to see what the cameras see? Ok, well, if they manage to break into the cameras (granted, I don't trust that they're all that secure, that's why they're segregated in the first place), then cool, they can see around the outside of my house....just like they could if they picked their head up from their laptop?
Whatever it is, they won't have a lot of time because I'm going to get a notification as soon as they step on my property and I'll be more than a little suspicious when one of the clips shows them pulling the doorbell off the wall. Then they're going to spend a long time trying to break out of that VLAN, exploit some vulnerability on my server, and start dumping data. All while my dogs are on the other side of that door raising all hell trying to get at them. And I'm home 99% of the time, so they're about to have two dogs and a guy with a rifle facing off with him while he has his dick in his hand. I don't think he wins that one.
Upvote
10
(11
/
-1)
I always get a chuckle when I see people claiming Google sells your data.
Google sells access to eyeballs. The last thing they want to do is give up the data that lets them choose the right eyeballs to deliver your ads to. They take your data, device which buckets you fall into (outdoorsy single guy with a dog, first time new mother, grandparent with a dozen grandchildren under the age of 12) and they go to people who want to buy ads and sell them on the idea that going with them means their ad will be delivered to the largest number of relevant potential buyers. You can't even ask to target a group that would be so small that you'd likely target just a handful of specific people, let alone get Google to hand over any of that precious data.
Like you said, is that better than just selling the data? Eh. I'd say it's not as bad as selling the data. I still opt out of personalized ads.
Upvote
24
(24
/
0)
This is annoying to me in that actual data deletion is rare and technically complicated. Usually wherever the data is becomes marked as free space. It's more energy/time intensive to actually overwrite data. Hell, even a cold boot attack can expose what "was" written in ram. Not to mention that Google has backup datacenters with what I can only guess is a "complicated" backup strategy.
I'm not even a little surprised that they can get to that data with time, resources and access.
I'm not even a little surprised that they can get to that data with time, resources and access.
Upvote
11
(11
/
0)
You are of course, right.
Obviously, what bothers most people is the fact that their behaviors are being recorded. not recorded in the sense of being followed around with a video camera, but simply that everything everyone does online now is correlated with some social graph or other way of Connecting advertiser dollars with potential customers.
I don’t resent Google for storing data that I choose to store with them. I do resent that companies are not forthright about how and what they do with the data they collect.
Upvote
4
(4
/
0)
Same here. I opt out of personalized ads, and I use an ad blocker whenever possible. I even used one when I was an Adwords engineer, though I told it not to block the text ads in the search results. Those weren't as frequent or obtrusive a decade ago, plus I needed to be able to see them to do my job.
I also had to check out some pretty sketchy sites occasionally as part of my job, back when Google allowed more porn ads. It was more amusing than traumatic, fortunately.
Upvote
6
(6
/
0)
Plenum is overkill for running inside the walls. You only need it if you're pulling the cable through air ducts. Plenum is non-toxic when burned, standard ethernet casing is toxic when burned. In the event of a fire, you don't want your air ducts to spew toxic smoke.
I just buy 100' / 30m Cat6a cables, cut the heads off, then wire it to a Cat6 jack. Every jack I've bought comes with the wire connection guide printed on the jack. Then connect a patch cable from the jack to the device. You can leave the jack hanging, or slap a faceplate with snap in holes on the wall. Ethernet is low power electrical, so you don't need a junction box or anything behind the faceplate. I just screw mine directly to the drywall. When I pull the cable, I also pull a string with it. Next time I need to pull a cable through the wall, I have a string ready to go. Attach new cable AND a replacement string, and pull out the old string.
PoE switches are more expensive, but easier than pulling electrical cable too.
Links to examples:
Jack: https://www.amazon.com/Cable-Matter...e/dp/B06Y8T7NSH/ref=sr_1_1?crid=16HSGS0QEPOUS
Faceplate: https://www.amazon.com/Cable-Matter...ne/dp/B074HHDJWT/ref=sr_1_1?crid=SWIEQRSTTRN0
The pictures of the Jack have the color coding visible. They show using a punch down tool, but you don't need one. Get a flush cutting tool, and snip the wires flush with the edge of the jack.
Tool: https://www.amazon.com/dp/B000GTMZHG?ref=nb_sb_ss_w_as-reorder_k0_1_8
Last edited:
Upvote
8
(8
/
0)
At work, we keep even the most temporary files for 7 days. That way if something goes wrong, I have a few days to figure out what and reprocess everything. Add a few more days in case something happens over a holiday, and nobody notices until we're back at work.
Upvote
6
(6
/
0)
I agree that (specific technical details aside) the circumstances in this case support that Google isn't just saving everything for nefarious purposes, and had to actively work out a way to retrieve "deleted" data that was only deleted in the standard, fast-but-non-destructive, "mark this as deleted" sense.
That being said, they did work out a method to retrieve it to assist in this case. It raises the question: how often have they done something similar with less publicity to assist LEOs or other government agents in gathering "deleted" evidence? Obviously not often enough to have a standard, speedy process, but... never? I'd be surprised if the answer was "never".
Upvote
5
(5
/
0)
Duh?
But also... did Google ever even claim to delete old doorbell data?
I'm looking at the web page for the Nest doorbell subscriptions and all it says is that if you pay money, you'll have access to X days of "event-based video history."
There's literally nothing on the page that even suggests that any data might ever be deleted.
Upvote
2
(2
/
0)
Sigh. What likely really happened: Google is likely using some sort of a "garbage collection" algorithm for video records. When a video is "deleted" from the account, only a pointer to the video record is immediately deleted.
Then some background process sweeps the blob storage and deletes records that are not referenced. This typically takes some time, and in this case employees likely were able to get in and manually retrieve the stored video.
And yes, GDPR actually is fine with that. It's OK for the deletion requests to take reasonable time to be processed.
Then some background process sweeps the blob storage and deletes records that are not referenced. This typically takes some time, and in this case employees likely were able to get in and manually retrieve the stored video.
And yes, GDPR actually is fine with that. It's OK for the deletion requests to take reasonable time to be processed.
Upvote
16
(16
/
0)
To be honest I don't know, we ripped ours out. I think no though.
Upvote
0
(0
/
0)
If there even is a deletion request.
Did Google ever even claim to be deleting old videos?
It seems like the assumption here is that if the user can only see the most recent N days worth of videos, then anything older must be getting deleted. But that's a pretty stupid assumption.
Upvote
1
(2
/
-1)
It’s possible to conclude the exact opposite from this story. Why does anyone have security cameras? So that the video can be used later. If you are using a cloud service, you should be paying to have the video stored for some amount of time.
I have ring cameras, outside only, and I pay so that they are stored in the cloud for 30 days. If criminals get recorded, the videos will be accessible.
I mean, it’s outside. I have no idea if my neighbors across the street have a security camera recording my front yard all the time. I really don’t expect privacy in my front yard. I don’t care if the cloud storage provider truly deletes it after the designated time.
Upvote
-1
(3
/
-4)
Years ago I had Arlo cameras with free 7-day cloud storage. At some point I upgraded to a paid plan, and immediately 30 days of past recordings appeared. They'd been storing 30+ days of videos the whole time, not just the 7 days specified for the free account.
Didn't have a particular issue with it but it was a reminder of the illusory nature of control over your data in cloud services. The privacy policy at the time (which is a third the length of the current one, and covered all of Netgear's products) simply said "we store the videos that you take with your systems for various time periods depending up the subscription plan that you have". Not sure what the current practice is, but I'm not a fan of cloud-dependent cameras in general except where there's no other practical option.
Didn't have a particular issue with it but it was a reminder of the illusory nature of control over your data in cloud services. The privacy policy at the time (which is a third the length of the current one, and covered all of Netgear's products) simply said "we store the videos that you take with your systems for various time periods depending up the subscription plan that you have". Not sure what the current practice is, but I'm not a fan of cloud-dependent cameras in general except where there's no other practical option.
Upvote
4
(4
/
0)
I mostly have security cameras so I can see when someone comes up to the door without having to interrupt my work if it's not important, or to check on the dogs if they're playing outside without me having to get up from whatever I'm doing.
I don't need Bezos to have an exact record of my coming and going, who visited my house and when, or how many times my dog takes a shit. It's my data and he can fuck right off.
Upvote
3
(3
/
0)
Or pulled from tape. Google absolutely murders tape drives because of the volume they store.
Upvote
1
(1
/
0)
Kansas! Actually that’s very unlikely but it’s the only other data store I could remember off the top of my head you didn’t mention.
I’m thinking tape as a last resort to be honest. I don’t think it was long enough for that but they might have been lucky.
Upvote
0
(0
/
0)
I really doubt Nest cam videos ever make it to tape. They don't keep them around that long and what they do store is expected to be more or less immediately available if it gets called up.
Upvote
4
(4
/
0)
Of course they can make it to tape. The whole idea is recovery if something catastrophic takes place after all. It's been used to rebuild a lot of GMail at one point (it's in the public SRE handbook, so it can be talked about)
Upvote
2
(2
/
0)
It can be spectacular when the garbage collector starts quietly failing too in a subtle way... the disk usage starts creeping up and suddenly "oh shit, we need to clean up petabytes of data..."
Upvote
1
(1
/
0)
I scrapped my Ring, sold my chimes to buy a Reolink for a fraction of a Ring. No monthly charges, no data stealing and backed up to my NAS (ftp, so you can send it anywhere really)
Upvote
0
(0
/
0)
Even if your live data has redundancy you still need point in time backups to deal with the equivalent of an accidental rm -rf. You could keep different retention period data in separate pools with different snapshot policies based on the customers subscription tier. However it’s probably easier to just keep the backend storage the same at that layer even if the primary copy ages out more quickly.
Upvote
0
(0
/
0)
More and more the urge to disconnect grows, but the will power is lacking. Tech says one thing, but something else is entirely the case. I myself use the blink system, owned by amazon, its not any better. Maybe someday...
Upvote
0
(0
/
0)
Upvote
0
(0
/
0)