Screw-up: Vivint Cloud Video

Author: John Honovich, Published on Feb 11, 2013

Who can see your cloud stored video? For at least one Vivint customer, the answer is complete strangers. An ongoing concerns of cloud-based surveillance is privacy and security protections in place to prevent unauthorized viewing. In this note, we take a look at one example where 'remote video' went wrong, the questions it raised, and what alternatives avoid the problem.

Vivint's Mistake

The report below details the surprise a 'Vivint Video' customer experienced when he logged into his VSaaS account and reviewed video clips. Several of clips available for him to view were segments recorded by cameras from other user's accounts. See the video embedded below for more details:

This screen cap shows an example of the 'bug', consisting of another Vivint Video customer oblivious to the fact that others can see what his camera is recording:

In terms of mistakes, this gaffe ranks among the worst possible missteps a VSaaS provider can make. While the root cause of the problem appears to be technical and not malicious, the fact the event occurred at all indicates significant shortcomings in how Vivint's 'cloud' handles the video.

Widespread Problem?

In the clip, Vivint claims "this is the first time an event like this has been reported" and is investigating the issue in detail. Regardless of how widespread this particular issue proves, the customer detailed in the clip has been unnerved by the discovery, and lost confidence in Vivint's offering.

Adding insult to injury, the customer explains that he has repositioned his camera to disable their views, since Vivint "has locked him into a [service] contract" and he must "still pay for a security service he cannot trust". While unsatisfactory to most, this response is inline with both Vivint's sordid customer service reputation and the alarms industry in general that frequently requires multi-year monitoring contracts with punitive early termination penalties.

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

VSaaS Risk

While 'hosted' service vendors downplay this situation from being possible with claims of 'bank-grade encryption' and 'accessible only by your password', it remains an inherent risk to most cloud-based platforms. As the situation above reveals, even password protected accounts and equipment can malfunction and allow 'your' video to be seen by others.

Aside from public-facing access, support engineers and administrators usually always have (and periodically may even require) visibility of recorded video and customer data. In terms of account support, troubleshooting, and maintenance having 'master access' means that no video data is 100% exempt from being viewed by others. Even when only a 'potential' issue, the risk of unauthorized viewing can be a deal breaker for VSaaS - often excluding it from high-security/surveillance applications.

Alternatives

Many customers choose to avoid the risk of situations like the above by simply avoiding VSaaS products. Others withhold serious consideration of the platforms until privacy and security of remote video can be absolutely assured - something that is not be possible. Until the time, we expect appliance based NVRs, VMS enabled NAS appliances, and small VMS servers to remain the preferred option for many end users. "Remote Accessibility" of video is becoming increasingly less difficult even with the full physical retention of all recorded video onsite.

Comments (15) : PRO Members only. Login. or Join.

Related Reports on VSaaS

Directory of 50+ LPR / ANPR Providers on Feb 21, 2018
License Plate Recognition / Automatic Number Plate Recognition are a type of video analytics software that can identify and match license / number...
Smartvue VSaaS / Cloud Video Profile on Feb 01, 2018
Smartvue, a US company, has raised over $20 million to develop 'The IoT Video Network' but what does that mean and what does Smartvue offer...
VSaaS Usage Statistics 2018 on Jan 18, 2018
VSaaS has been a 'next big thing' for more than a decade. The prospect of managing, storing and streaming video from the cloud rather than...
Eagle Eye Investor Pitch Analyzed on Dec 20, 2017
Eagle Eye CEO Dean Drako presented an investor-oriented corporate pitch at the 2017 Imperial Capital Security Investor Conference, highlighting...
Directory of VSaaS / Cloud Video Surveillance Providers on Dec 15, 2017
This directory provides a list of VSaaS / cloud video surveillance providers to help you see and research what options are available. 2018 State...
Verkada, Silicon Valley VSaaS Startup, Targets Enterprise on Oct 19, 2017
Verkada says they are building an enterprise-class VSaaS offering, calling it "The new platform for video security". This is a departure from the...
Cloud Guy Prints Book, Misses Irony on Sep 15, 2017
On-premise security systems are dead. But $75 print books are alive and well. Such are the lessons from Brivo's CEO new book "The Five...
Microsoft Video AI Cloud Services Examined on Jul 18, 2017
Microsoft has released one of the most amazing video analytics marketing videos ever. In it, they detect oil spills, track individual people giving...
Milestone / Canon Launch Cloud Startup Arcus Global, Now Arcules on Jun 27, 2017
Milestone has spun off a business, Arcus Global, funded by their parent company Canon. The new company aims to transform the VSaaS market with an...
Panasonic Sells VSaaS Company To Eagle Eye (Cameramanager) on Jun 15, 2017
While many VSaaS companies might hope for one acquisition, Cameramanager has managed to get acquired twice. First they were acquired by Panasonic,...

Most Recent Industry Reports

Stealth / UCIT - Remote Video Monitoring Provider Profile on May 18, 2018
Can 2 remote video monitoring companies, Stealth Monitoring from the US and UCIT from Canada combine to impact the market and compete in a changing...
Cybersecurity for IP Video Surveillance Guide on May 18, 2018
Keeping surveillance networks secure can be a daunting task, but there are several methods that can greatly reduce risk, especially when used in...
Forced Entry / Duress Access Tutorial on May 17, 2018
Even though access control normally keeps people safe, tragedies have revealed a significant issue. If users are forced to unlock doors for...
ADT Stock Drops 50% Since IPO on May 17, 2018
It has been a brutal 4 months for ADT. They first expected to IPO at ~$18. They IPOed at $14, dropping immediately to $12.39 And now, not even...
Dahua 12MP Fisheye Camera Tested (NK8BR4) on May 16, 2018
Continuing our coverage of 12MP sensor fisheye cameras, we bought and tested the Dahua NK8BR4, examining: Default vs. Optimized...
Worst Manufacturer Technical Support 2018 on May 16, 2018
5 manufacturers stood out as providing the worst technical support to 190+ integrators in new IPVM results. These integrators answered: In the...
Installing Cameras in Plenums Tutorial on May 15, 2018
There is often confusion about plenum ceilings, with misinformation about what is required when running cables through them and mounting cameras...
Top Benefits Of Attending Trade Shows (Statistics) on May 15, 2018
150 integrators told IPVM: What are the top benefits of going to trade shows? The clear top 2 responses in order: (1) Networking (2) New...
Measuring For Security Installation Guide on May 15, 2018
Accurate measurement is a fundamental skill, yet many installers do not know how to do it. Using these tools are a key skill needed for security...
Arecont Files Ch.11, Agrees To Sell To Turnaround Specialist on May 14, 2018
The long-anticipated sale of Arecont Vision is finally happening. After raising $80 million in debt in 2014, a failed sale in 2017 and the...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact