Screw-up: Vivint Cloud Video

Author: John Honovich, Published on Feb 11, 2013

Who can see your cloud stored video? For at least one Vivint customer, the answer is complete strangers. An ongoing concerns of cloud-based surveillance is privacy and security protections in place to prevent unauthorized viewing. In this note, we take a look at one example where 'remote video' went wrong, the questions it raised, and what alternatives avoid the problem.

Vivint's Mistake

The report below details the surprise a 'Vivint Video' customer experienced when he logged into his VSaaS account and reviewed video clips. Several of clips available for him to view were segments recorded by cameras from other user's accounts. See the video embedded below for more details:

This screen cap shows an example of the 'bug', consisting of another Vivint Video customer oblivious to the fact that others can see what his camera is recording:

In terms of mistakes, this gaffe ranks among the worst possible missteps a VSaaS provider can make. While the root cause of the problem appears to be technical and not malicious, the fact the event occurred at all indicates significant shortcomings in how Vivint's 'cloud' handles the video.

Widespread Problem?

In the clip, Vivint claims "this is the first time an event like this has been reported" and is investigating the issue in detail. Regardless of how widespread this particular issue proves, the customer detailed in the clip has been unnerved by the discovery, and lost confidence in Vivint's offering.

Adding insult to injury, the customer explains that he has repositioned his camera to disable their views, since Vivint "has locked him into a [service] contract" and he must "still pay for a security service he cannot trust". While unsatisfactory to most, this response is inline with both Vivint's sordid customer service reputation and the alarms industry in general that frequently requires multi-year monitoring contracts with punitive early termination penalties.

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

VSaaS Risk

While 'hosted' service vendors downplay this situation from being possible with claims of 'bank-grade encryption' and 'accessible only by your password', it remains an inherent risk to most cloud-based platforms. As the situation above reveals, even password protected accounts and equipment can malfunction and allow 'your' video to be seen by others.

Aside from public-facing access, support engineers and administrators usually always have (and periodically may even require) visibility of recorded video and customer data. In terms of account support, troubleshooting, and maintenance having 'master access' means that no video data is 100% exempt from being viewed by others. Even when only a 'potential' issue, the risk of unauthorized viewing can be a deal breaker for VSaaS - often excluding it from high-security/surveillance applications.

Alternatives

Many customers choose to avoid the risk of situations like the above by simply avoiding VSaaS products. Others withhold serious consideration of the platforms until privacy and security of remote video can be absolutely assured - something that is not be possible. Until the time, we expect appliance based NVRs, VMS enabled NAS appliances, and small VMS servers to remain the preferred option for many end users. "Remote Accessibility" of video is becoming increasingly less difficult even with the full physical retention of all recorded video onsite.

Comments (16): PRO Members only. Login. or Join.

Related Reports on VSaaS

Smartvue VSaaS / Cloud Video Profile on Feb 01, 2018
Smartvue, a US company, has raised over $20 million to develop 'The IoT Video Network' but what does that mean and what does Smartvue offer...
VSaaS Usage Statistics 2018 on Jan 18, 2018
VSaaS has been a 'next big thing' for more than a decade. The prospect of managing, storing and streaming video from the cloud rather than...
Eagle Eye Investor Pitch Analyzed on Dec 20, 2017
Eagle Eye CEO Dean Drako presented an investor-oriented corporate pitch at the 2017 Imperial Capital Security Investor Conference, highlighting...
Directory of VSaaS / Cloud Video Surveillance Providers on Dec 15, 2017
This directory provides a list of VSaaS / cloud video surveillance providers to help you see and research what options are available. 2018 State...
Verkada, Silicon Valley VSaaS Startup, Targets Enterprise on Oct 19, 2017
Verkada says they are building an enterprise-class VSaaS offering, calling it "The new platform for video security". This is a departure from the...
Cloud Guy Prints Book, Misses Irony on Sep 15, 2017
On-premise security systems are dead. But $75 print books are alive and well. Such are the lessons from Brivo's CEO new book "The Five...
Microsoft Video AI Cloud Services Examined on Jul 18, 2017
Microsoft has released one of the most amazing video analytics marketing videos ever. In it, they detect oil spills, track individual people giving...
Milestone / Canon Launch Cloud Startup Arcus Global, Now Arcules on Jun 27, 2017
Milestone has spun off a business, Arcus Global, funded by their parent company Canon. The new company aims to transform the VSaaS market with an...
Panasonic Sells VSaaS Company To Eagle Eye (Cameramanager) on Jun 15, 2017
While many VSaaS companies might hope for one acquisition, Cameramanager has managed to get acquired twice. First they were acquired by Panasonic,...
Instant Cloud For Hikvision - Manything on Apr 28, 2017
One ISC West exhibitor had a very specific and clear pitch - cloud for Hikvision: In this note, we examine their offering, key differentiators,...

Most Recent Industry Reports

Why 3VR Failed on Feb 16, 2018
3VR destroyed transformed ~$65 million in VC funding into a $6.9 million exit. The reason they failed is simple. They bet on analytics. They...
"Fear Mongering": Hikvision USA Cybersecurity Director Dismisses Chinese Government Ownership Concerns on Feb 16, 2018
The facts are: The Chinese government created Hikvision and is Hikvision's controlling shareholder. Hikvision's Chairman, a Communist Party...
16:9 vs 4:3 Video Aspect Ratio Statistics on Feb 16, 2018
What aspect ratio do security integrators prefer? The 'standard' 4:3 or the 'wide' 16:9 one? 100+ integrators told us what they preferred, with...
Mercury Releases New Series 3 Redboard Access Panels on Feb 15, 2018
Mercury Security has their first major product release post-HID buyout, and things literally look different. The Series 3 SIO boards now are red...
Last Chance February 2018 Camera Course on Feb 15, 2018
This is the last chance to get into the Winter camera course, starts next Tuesday. Register now. IPVM provides the best education, live online...
Hikvision DeepInMind Tested Terribly on Feb 15, 2018
While Hikvision is heavily marketing deep learning and 'AI' as their next big thing, new IPVM test results of their DeepInMind NVR shows their deep...
Genetec CEO: You Cannot Buy Trust on Feb 14, 2018
Genetec's CEO, Pierre Racz, delivered a direct message at their channel partner conference: Racz has become a focal point in the industry debate...
Assa's Lowest Power Draw Maglock: Securitron M680E Examined on Feb 14, 2018
Securitron produces some of the most extreme maglocks on the market, including massively strong maglocks and even ones with integrated CCTV cams...
Hanwha Wisenet X 5MP Camera Tested (XNV-8080R) on Feb 13, 2018
Wisenet X is Hanwha's high-end camera line. We tested their Wisenet X 1080p camera last year. Now Hanwha is offering 5MP cameras listing super low...
Top Problems For Integrator Project Management on Feb 13, 2018
Security projects routinely encounter issues that jeopardize deadlines, create confusion, and shrink profits. Unfortunately, there are common...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact