Screw-up: Vivint Cloud Video

Author: John Honovich, Published on Feb 11, 2013

Who can see your cloud stored video? For at least one Vivint customer, the answer is complete strangers. An ongoing concerns of cloud-based surveillance is privacy and security protections in place to prevent unauthorized viewing. In this note, we take a look at one example where 'remote video' went wrong, the questions it raised, and what alternatives avoid the problem.

Vivint's Mistake

The report below details the surprise a 'Vivint Video' customer experienced when he logged into his VSaaS account and reviewed video clips. Several of clips available for him to view were segments recorded by cameras from other user's accounts. See the video embedded below for more details:

This screen cap shows an example of the 'bug', consisting of another Vivint Video customer oblivious to the fact that others can see what his camera is recording:

In terms of mistakes, this gaffe ranks among the worst possible missteps a VSaaS provider can make. While the root cause of the problem appears to be technical and not malicious, the fact the event occurred at all indicates significant shortcomings in how Vivint's 'cloud' handles the video.

Widespread Problem?

In the clip, Vivint claims "this is the first time an event like this has been reported" and is investigating the issue in detail. Regardless of how widespread this particular issue proves, the customer detailed in the clip has been unnerved by the discovery, and lost confidence in Vivint's offering.

Adding insult to injury, the customer explains that he has repositioned his camera to disable their views, since Vivint "has locked him into a [service] contract" and he must "still pay for a security service he cannot trust". While unsatisfactory to most, this response is inline with both Vivint's sordid customer service reputation and the alarms industry in general that frequently requires multi-year monitoring contracts with punitive early termination penalties.

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

VSaaS Risk

While 'hosted' service vendors downplay this situation from being possible with claims of 'bank-grade encryption' and 'accessible only by your password', it remains an inherent risk to most cloud-based platforms. As the situation above reveals, even password protected accounts and equipment can malfunction and allow 'your' video to be seen by others.

Aside from public-facing access, support engineers and administrators usually always have (and periodically may even require) visibility of recorded video and customer data. In terms of account support, troubleshooting, and maintenance having 'master access' means that no video data is 100% exempt from being viewed by others. Even when only a 'potential' issue, the risk of unauthorized viewing can be a deal breaker for VSaaS - often excluding it from high-security/surveillance applications.

Alternatives

Many customers choose to avoid the risk of situations like the above by simply avoiding VSaaS products. Others withhold serious consideration of the platforms until privacy and security of remote video can be absolutely assured - something that is not be possible. Until the time, we expect appliance based NVRs, VMS enabled NAS appliances, and small VMS servers to remain the preferred option for many end users. "Remote Accessibility" of video is becoming increasingly less difficult even with the full physical retention of all recorded video onsite.

Comments (16): PRO Members only. Login. or Join.

Related Reports on VSaaS

Ex-ADT Exec Joins Eagle Eye As President on Nov 04, 2016
VSaaS has been a tough market, while Axis struggles with their business, Eagle Eye is filling out their executive team. Eagle Eye has hired an...
'Legal Protection' From Eagle Eye Contract Vault Examined on Nov 02, 2016
"I was promised the high-end model for the entry level price." "Nobody said there would be a monthly service fee when I signed...
VSaaS Startup Raises $5 Million For Global Expansion on Oct 04, 2016
There is money to be made in VSaaS. At least that is what the investors of Morphean believe. The Swiss company received a $5M investment to expand...
Axis Hosted Video Decade of Failure on Aug 29, 2016
Do you want to 'head up' Axis hosted video offerings? Axis almost never publicly promotes senior positions, but for such an unattractive job they...
H.265 Licensing Fees Examined / CEO Interview on Jul 14, 2016
Axis has repeatedly warned about H.265 licensing, most recently: [The H.265 license model] includes a royalty on revenues generated on the...
VSaaS Usage Statistics 2016 - Still A Long Way From "The Next Big Thing" on Mar 14, 2016
VSaaS ranked #2 in the Next Big Thing 2020, but new integrator survey results show current usage is far from its promise. 150 integrators...
Taser Aims To Be Emerging VSaaS Powerhouse on Mar 01, 2016
Taser, the company, is best known for its stun-gun product (or "CEW - Conducted Electrical Weapon") which is commonly referred to as a...
Most Americans Not OK With Home Security Video Recorded In the Cloud on Jan 21, 2016
A majority of Americans are not OK with their home security video being recorded in the cloud, according to new IPVM survey results. Inside this...
Top 5 Video Surveillance Product Advances Going Into 2016 on Dec 31, 2015
Here are the 5 product areas that have had the most meaningful product advanced in 2015, that you should be looking at incorporating in...
Angelcam Cloud Video Tested on Oct 13, 2015
With the cloud getting more and more hype plus with early market leader Dropcam stumbling after being acquired by Google / Nest, there is increased...

Most Recent Industry Reports

Hikvision Leads Multi-Manufacturer Sales Promo on Feb 21, 2017
Earlier this month, Hikvision launched new 'super value' kits, with 40% discounts, and now Hikvision is offering another promo, but this time they...
Washington DC MPD's Surveillance Equipment on Feb 21, 2017
The Washington DC Metropolitan Police Department's surveillance system was hacked in January 2017. Two immediate questions were: Whose...
Hikvision Ezviz Mini 360 Plus - $80 Autotracking Camera Tested on Feb 21, 2017
Autotracking, integrated IR, local storage, full HD, cloud access: $80. That is the claim of Hikvision EZVIZ's new Mini 360 Plus. But for this...
Lenel Improving Customer Support on Feb 21, 2017
Lenel has faced significant criticism recently (see Lenel Partners Angry, Lenel Does Not Care, Worst Access Control 2016, Lenel Favorability...
'Dirty': Hikvision Attacks Genetec on Feb 20, 2017
Hikvision is angry at the growing public awareness that Hikvision is owned by the Chinese government. They took aim at Genetec,...
Directory of Alarm Company Brokers on Feb 20, 2017
Selling an RMR based business, such as alarm company, can be highly profitable, with acquisition prices of 36 to 48x RMR (equivalent to 3 to 4x...
Hikvision Hiring 50, Direct Out of College, Sales People on Feb 20, 2017
Hikvision is hiring 50, direct out of college, field sales people across the country. This is the next major expansion for the Chinese...
Simplisafe is 'Blowing The Doors Off' on Feb 17, 2017
The company alarm dealers love to hate, Simplisafe, is 'blowing the doors off' according to Michael Barnes, one of the top financial advisors in...
Hikvision OEM DDNS Devices To 'Lose Remote Access' on Feb 17, 2017
The fallout of Hikvision's DDNS discontinuation is expanding, this time hitting OEM partner Supercircuits, who reports that on June 30th: The...
Milestone: "Easy Money Days Are Over" on Feb 17, 2017
Contrary to IPVM's criticisms, Milestone has reaffirmed that glory days remain. But they admit that they 'easy money days are over': Are the...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact