Screw-up: Vivint Cloud Video

By: John Honovich, Published on Feb 11, 2013

Who can see your cloud stored video? For at least one Vivint customer, the answer is complete strangers. An ongoing concerns of cloud-based surveillance is privacy and security protections in place to prevent unauthorized viewing. In this note, we take a look at one example where 'remote video' went wrong, the questions it raised, and what alternatives avoid the problem.

Vivint's Mistake

The report below details the surprise a 'Vivint Video' customer experienced when he logged into his VSaaS account and reviewed video clips. Several of clips available for him to view were segments recorded by cameras from other user's accounts. See the video embedded below for more details:

This screen cap shows an example of the 'bug', consisting of another Vivint Video customer oblivious to the fact that others can see what his camera is recording:

In terms of mistakes, this gaffe ranks among the worst possible missteps a VSaaS provider can make. While the root cause of the problem appears to be technical and not malicious, the fact the event occurred at all indicates significant shortcomings in how Vivint's 'cloud' handles the video.

Widespread Problem?

In the clip, Vivint claims "this is the first time an event like this has been reported" and is investigating the issue in detail. Regardless of how widespread this particular issue proves, the customer detailed in the clip has been unnerved by the discovery, and lost confidence in Vivint's offering.

Adding insult to injury, the customer explains that he has repositioned his camera to disable their views, since Vivint "has locked him into a [service] contract" and he must "still pay for a security service he cannot trust". While unsatisfactory to most, this response is inline with both Vivint's sordid customer service reputation and the alarms industry in general that frequently requires multi-year monitoring contracts with punitive early termination penalties.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

VSaaS Risk

While 'hosted' service vendors downplay this situation from being possible with claims of 'bank-grade encryption' and 'accessible only by your password', it remains an inherent risk to most cloud-based platforms. As the situation above reveals, even password protected accounts and equipment can malfunction and allow 'your' video to be seen by others.

Aside from public-facing access, support engineers and administrators usually always have (and periodically may even require) visibility of recorded video and customer data. In terms of account support, troubleshooting, and maintenance having 'master access' means that no video data is 100% exempt from being viewed by others. Even when only a 'potential' issue, the risk of unauthorized viewing can be a deal breaker for VSaaS - often excluding it from high-security/surveillance applications.

Alternatives

Many customers choose to avoid the risk of situations like the above by simply avoiding VSaaS products. Others withhold serious consideration of the platforms until privacy and security of remote video can be absolutely assured - something that is not be possible. Until the time, we expect appliance based NVRs, VMS enabled NAS appliances, and small VMS servers to remain the preferred option for many end users. "Remote Accessibility" of video is becoming increasingly less difficult even with the full physical retention of all recorded video onsite.

Comments (15) : Members only. Login. or Join.

Related Reports

VSaaS 101 on Mar 25, 2020
Video Surveillance as a Service (VSaaS) is the common industry term for cloud video. But what does it mean? How does it all work? Inside this...
Surveillance Storage 101 on Mar 23, 2020
This guide teaches the fundamentals of video surveillance storage. Inside we cover: Surveillance Storage NVR / Recorder Storage Camera /...
Use Access Control Logs To Constrain Coronavirus on Apr 09, 2020
Access control users have included capabilities that are not commonly used that can help zero-in and discover potential Coronavirus hotspots in a...
Clearview AI Alarm - NY Times Report Says "Might End Privacy" on Jan 20, 2020
Over the weekend, the NY Times released a report titled "The Secretive Company That Might End Privacy as We Know It" about a company named...
Video Analytics 101 on Mar 16, 2020
This guide teaches the fundamentals of video surveillance analytics. Inside we cover: Why Use Video Analytics Video Analytics Warning Where...
Video Surveillance History on May 06, 2020
The video surveillance market has changed significantly since 2000, going from VCRs to an emerging AI cloud era and now impacted by...
Video Surveillance Business 101 on Mar 30, 2020
This report explains the fundamental elements of the video surveillance business for those new to the industry. This is part of our Video...
AI/Smart Camera Tutorial on Feb 20, 2020
Cameras with video analytics, sometimes called 'Smart' camera or 'AI' cameras, etc. are one of the most promising growth areas of video...
Avigilon ACC Cloud Tested on Jul 08, 2020
Avigilon merged Blue and ACC, adding VSaaS features to its on-premise VMS, offering remote video and health monitoring that was previously limited...
The US Fight Over Facial Recognition Explained on Jul 08, 2020
The controversy around facial recognition has grown significantly in 2020, with Congress members and activists speaking out against it while video...

Most Recent Industry Reports

Ban Rules Released: Use Dahua or Hikvision, No Government Contracts on Jul 13, 2020
The US government has released the rules implementing the "Prohibition on Contracting with Entities Using" Dahua, Hikvision, and Huawei based...
JCI Sues Genetec For Patent Infringement on Jul 13, 2020
Surprisingly, security giant JCI has sued their partner, security software developer Genetec, for patent infringement. Inside this note,...
Remove Dahua and Hikvision Equipment "Immediately" Or Else Banned From US Government Contracts on Jul 10, 2020
The US government has directed contractors to remove covered equipment, such as Dahua, Hikvision, and Huawei Hisilicon products, "immediately." If...
ZeroEyes Presents Firearm Detection Video Analytics on Jul 09, 2020
ZeroEyes presented its Firearm detection Video Analytics system at the May 2020 IPVM Startups show. A 30-minute video from ZeroEyes...
Directory of 164 "Fever" Camera Suppliers on Jul 09, 2020
This directory provides a list of "Fever" scanning thermal camera providers to help you see and research what options are available. There are...
Clinton Public View Monitor (PVM) Mask Detection Tested on Jul 09, 2020
Face mask detection, or more specifically not wearing one, is expanding amidst the pandemic. Clinton Electronics has added this capability to their...
These Florida Real Estate Agents Are Now Selling "SafeCheck USA" Temperature Detectors on Jul 09, 2020
The "Kakon Brothers", William and Nathan, are self-described "south Florida Power Agents specializing in Luxury Real Estate" who "have closed over...
Avigilon ACC Cloud Tested on Jul 08, 2020
Avigilon merged Blue and ACC, adding VSaaS features to its on-premise VMS, offering remote video and health monitoring that was previously limited...
Hikvision's India Dominance Faces Threat on Jul 08, 2020
While Hikvision has become a dominant video surveillance provider in India, recent tension between the governments of India and the PRC is...
The US Fight Over Facial Recognition Explained on Jul 08, 2020
The controversy around facial recognition has grown significantly in 2020, with Congress members and activists speaking out against it while video...