back to article Be your own Big Brother: Monitoring your manor, the easy way

If you've ever had the misfortune to be burgled, you'll know how nervous it can make you feel. After my own experience some twenty years ago, it took a long time before I could leave the flat without fretting, and perhaps using my new-fangled mobile phone to call the home computer and check that it was still there to answer the …

  1. ZSn

    1984

    While I agree with the sentiment of this post - I am concerned that we are drifting towards the ubiquitous surveillance of 1984 and we HB have to pay and configure it ourselves! There is no guarantee that the NSA can't use these systems to watch us...

    1. Paul Crawford Silver badge

      Re: 1984

      Given the history of security on these web cams, I doubt you need the NSA's resources...

    2. Nigel Whitfield.

      Re: 1984

      At the moment I'm in Amsterdam at the IBC Show. I suspect some of the monitoring tech I've seen here will horrify a few Reg readers when I write it up. But, if you can put aside the thoughts of Big Brother, some very clever tech coming up soon.

      1. Destroy All Monsters Silver badge
        Paris Hilton

        Re: 1984

        Rather more like A Scanner Darkly, with Fear Generated by Politicians as the Substance D that everyone is on?

        1. Destroy All Monsters Silver badge

          Re: 1984

          The next day Fred showed up in his scramble suit to hear about the bugging installation.....

          To my own house, he thought. Arctor's house. Up the street at the house I am Bob Arctor, the heavy doper suspect being scanned without his knowledge, and then every couple of days I find a pretext to slip down the street and into the apartment where I am Fred replaying miles and miles of tape to see what I did, and this whole business, he thought, depresses me. Except for the protection -- and valuable personal information -- it will give me.

  2. Paul Crawford Silver badge

    Security?

    Given a lot of, probably the majority of, these cameras have a history of really shit security and unpatched firmware, you might want to consider some 3rd party method of limiting which devices can connect in to your home network via the camera's exposed interface.

    Also important if you are worried about burglary is having a recording of the images on something that won't get nicked by the thief, so it has to be pretty well hidden or to store images off-site, a potentially expensive aspect.

    Not really in the 'home security' area, we have used the Vivotek power-over-Ethernet cameras at work, great as you only have a single cable to run and that can be UV-resistant cat5 for outdoors (e.g. CB14001 from CPC/Farnell) and no bandwidth problems. They come with surprisingly decent recording software, though Windows-only and only for their cameras. Oh and dodgey firmware security, but in our case they were not exposed outside our firewall for any exploiting.

    1. frank ly

      Re: Security?

      " ... or to store images off-site, a potentially expensive aspect."

      That's what the 'cloud' is for, 10GB of free storage from many suppliers. With a mildly clever monitorung system, it will only store images or video if the scene changes. For 'evidence', you're better off with a few high resolution snapshots than a low resolution video recording.

      1. Paul Crawford Silver badge

        Re: Security?

        Unless you run at very low frame rates and resolution, or use movement detection, you can eat up 10GB surprisingly quickly! Also you might find you ISP capping your upload bandwidth quickly as well, given the true nature of a lot of "unlimited" contracts.

        We have 9 cameras and they generate 6TB/week, but that is with good video quality.

        1. EddieD

          Re: Security?

          Aye, but you can configure a lot of software to overwrite after a specific time 24/48 hrs or similar.

          Back in the days of tape CCTV cameras, most small businesses had only two tapes, the first job in the morning being to rewind last night's, and insert tonight's, and if anything had happened, watch last night's...

        2. RegGuy1 Silver badge

          We have 9 cameras

          Bloody hell -- is it that bad where you are?

      2. Anonymous Coward
        Anonymous Coward

        Re: Security? Avoid, avoid..

        That's what the 'cloud' is for, 10GB of free storage from many suppliers. With a mildly clever monitorung system, it will only store images or video if the scene changes. For 'evidence', you're better off with a few high resolution snapshots than a low resolution video recording.

        .. and so you have then enabled a 3rd party to do surveillance of your own home.

        In that context I have seen other questionable ideas - a service you have to subscribe to. Again, massive potential for abuse.

    2. VinceH

      Re: Security?

      "Given a lot of, probably the majority of, these cameras have a history of really shit security and unpatched firmware, you might want to consider some 3rd party method of limiting which devices can connect in to your home network via the camera's exposed interface.

      Indeed. I have a couple of fairly cheap, crap IP cameras (indoor ones) that feature a simple web-based interface which could be accessed from afar for remote viewing if I set my network up to allow it - but given that they're probably a potential security hole leading straight into my network, I don't.

      Instead, I choose to reduce the chance of someone using them to break in electronically, and at the same time solve this problem:

      Also important if you are worried about burglary is having a recording of the images on something that won't get nicked by the thief, so it has to be pretty well hidden or to store images off-site, a potentially expensive aspect."

      The cameras are set to only take photographs when a scene changes, and those photographs are emailed to me. FTP to a remote server is also an option - and would use less bandwidth - but in the event of a burglary, email means I'll know something has happened much sooner - perhaps even while it's happening*.

      * Unless I'm on holiday, when I tend to favour places where I have little or no network access. Or, indeed, just off for a walk somewhere suitably remote. Oh well.

      1. Steve Graham

        Re: Security?

        My setup is similar, although I use the FTP option, not email. Now that you mention it though, I might have a go.

        One tip I picked up from somewhere was to use the shell of a cheap halogen floodlight (B&Q, £7.99) as a weatherproof housing for an indoor-type camera.

        1. Gavin Park Weir

          Re: Security?

          If someone wants to break in they will. If the burglar is in anyway organised cameras will make no difference as they will avoid being caught.

          However as much as anything its about making your property look difficult / riskier than another one they drive past: If you have good security lights, gravel that makes lots of noise, good quality doors and windows, powered burglar alarm and cameras then you look prepared and probably not an easy target.

          It does look like you are protecting something but to a casual thief probably one to avoid. The types of thief who target you for a specific item are well prepared but I have nothing that valuable.

    3. yokel

      Re: Security?

      So the first thing a thief does is find your router and unplug it. Some local recording is surely required as a back up.

      1. VinceH

        Re: Security?

        "So the first thing a thief does is find your router and unplug it."

        By the time the thief has found my router and unplugged it, images from the cameras of the thief will have already been sent; hopefully they'll include his face unless he's sensible enough to wear a mask.

        And if he does wear a mask, all I can say is that no security is perfect. The only way I can improve on that is to replace the cameras with automated sentries that will open fire when they detect a scene change. But I believe that would be slightly illegal.

        "Some local recording is surely required as a back up."

        And he could unplug that just as easily as he could unplug my router. In both cases, some images will have been captured prior to that - the difference is that with the local storage, those images are stored locally, on a device that the burglar could steal and I might therefore never see and therefore be able to hand over to plod. With the emailed images, they end up where ever I am when I receive those emails - and I do get to see them and hand them over to plod.

        1. Eddy Ito

          Re: Security?

          There are reasonable limits to preparedness in the way of expense. While someone may unplug the router it would be really amateur and the average thief isn't going to bother. If it's a really well prepared thief there is nothing to say they won't cut the network wires outside before they enter the house. One that has it all thought out will even bring their own wireless jammer for the highly prepared person who is using a cell phone as an emergency backup. What it is that you're talking about a static target that has no real way to defend itself and remain within the generally accepted legal limits.

          The whole point is to maximize the risk of finding out what the reward is. Of course nobody puts plastic flatware in an expensive safe so the level of security itself is an indicator of the potential reward. In the end it is the thief who decides what the opportunity cost is.

        2. tony2heads

          Re: Security?

          He will probably take the camera too:

          http://www.iol.co.za/news/crime-courts/cyclists-mountain-security-camera-stolen-1.1560971#.VBa343V53UY

          So don't spend much on it whatever you choose -or MAKE IT LESS CONSPICUOUS; Why are these cameras so big when it seems totally unnecessary

          Of course expect anything loaded to the cloud to be leaked immediately, so make sure you know when it is off (or just cover it)

          1. Anonymous Coward
            Anonymous Coward

            Re: Security?

            So don't spend much on it whatever you choose -or MAKE IT LESS CONSPICUOUS; Why are these cameras so big when it seems totally unnecessary

            We tend to install two systems: one glaringly obvious and on WiFi, so a cheap Alibaba sourced jammer will take them out, and one covert platform with pinhole cameras which do the real work, some of which operating wholly independent as a backup. This is for people and companies that need protective surveillance to *work*.

  3. Pen-y-gors

    No Android?

    Why do companies like Withings still produce kit that only works with iOS (less than one third of UK market) rather than starting with Android (nearly two thirds) and then moving on to iOS?

    Or is it a reflection that fanbois are more likely to splash the cash on very expensive gadgets to 'protect' their other very expensive gadgets?

    1. corcoran

      Re: No Android?

      We have money to burn, prole..

      ;)

  4. Tezfair
    Happy

    weakness in this story

    Homeplugs. Never had much sucess with them both here and at customers. All ok for a while but eventually they have to be rebooted as they stop working. I accept they are ideal in properties that have thick walls etc, but I look to fit a wifi mesh system as it has better coverage when wifi is the only option.

    Dangle more that a couple of HD IP cameras off a wifi and you essentially run out of bandwidth. When I install axis cameras on site I insist on a gigabit backbone.

    But to be honest, I have had IP cameras around the house for years. I can access them externally by port redirection and use an app call IP Camera Viewer Lite. Recorded movement goes to a hidden repurposed server with Security Monitor Pro installed.

    1. Nigel Whitfield.

      Re: weakness in this story

      Certainly, HomePlug isn't for everyone. In my flat it makes sense as the walls are very thick and WiFi has problems covering the whole space as a result. And yes, I've had some annoying HP crashes too - though they turned out to be caused by a different bit of kit, after a lot of cursing and head scratching.

    2. frank ly

      Re: weakness in this story

      I use the Solwise AV500 around the house for an upstairs WiFi repeater and various non-demading connectivity. I have noticed that if I stream two videos from my network storage box via Homeplug, then there is the occassional stutter, compared to ethernet cable connection to the router. That might be my house wiring or various other factors.

      Is there still any argument running about the Homeplug devices causing interference to various radio bands?

      1. Richard 12 Silver badge

        Re: weakness in this story

        Is there still any argument running about the Homeplug devices causing interference to various radio bands?

        There's no argument at all - they do, and everybody in the industry knows it but the regulators have chosen to ignore it.

        1. Phil W

          Re: weakness in this story

          Yup they're awful really. Only to be used where there's no other option, for instance if you rent your home and can't do a proper cable installation.

          Doing a nice neat and hidden away Cat5e/6a is not especially challenging and can be the work of a few hours or a weekend depending on the type of house.

  5. ZSn

    raspberry pi

    If you are willing to roll your own there is the option of using a raspberry pi and the camera module. There are some rather nice projects that install it in a fake camera housing of all things. It's cheaper than this kit and you can modify it to your heart's content. Also you have a better handle on what is going into it and whether it is patched.

    1. Nigel Whitfield.

      Re: raspberry pi

      Certainly, you can do things like that - and if you want to tinker, then it's a great way to start learning about how everything works. But cheapness isn't always everything - and with the Pi by the time you've added a camera-style case, and perhaps bought a HomePlug to connect it to, you're actually not that far off the cost of something like this (Pi is a little under £30, camera module just under £20, add a PSU, case, etc).

      Of course, you can do a hell of a lot more with a Pi, and it would be interesting to use one with, say, USB webcams, or other IP cameras, to aggregate several images, which something like this can't do.

      But, on the other hand, if one camera is enough, and you just want something to plug in and start using, then solutions like the ones mentioned here will solve a problem. A lot comes down to the trade-off of how you value your time, and where you're using it.

      Home brew might be fine for your personal use, for example, but if I were installing something in my mother's home, 80 miles away, the benefits of having just one cable to plug in and nothing else that can come loose/crash/be tinkered with outweigh the fun of DIY

  6. OzBob

    Give me wifi motion sensors

    specifically, ones stuck to the telly and laptop I leave at home. That way if someone is riffling around them, I can pick that up.

    1. phil dude
      Linux

      Re: Give me wifi motion sensors

      zoneminder detects movements from the video feed. This works really well if you have a room that is supposed to be empty and then is not. If you have phone bluetooth detection and unless you have a really big house, you should detect intrusions.

      If you have animals (except penguins), the false alarm rate might go up...

      P.

    2. Nigel Whitfield.

      Re: Give me wifi motion sensors

      Probably unlikely to be WiFi - at the moment, I'd put my money on Zigbee for those, and suspect you'll see such things fairly soon.

  7. OzBob

    4chan will have to create a whole new category

    "lonely tech blokes caught having a w*nk on their security cameras".

    1. Destroy All Monsters Silver badge

      Re: 4chan will have to create a whole new category

      Isn't that already passé?

      1. Anonymous Coward
        Anonymous Coward

        Re: 4chan will have to create a whole new category

        Isn't that already passé?

        Yes, they can't hold it for long..

  8. Gert Leboski

    WatchBots - As dodgy as they come.

    I run a couple of WatchBot IP cameras on my home LAN. Despite turning everything off in the settings, that might justify a call out to the outside world, they try it over and over.

    However, mine are well marshalled behind an OpenBSD pf firewall, with an nginx instance providing reverse proxy.

    I've a whole bunch of rules in place to allow me access to the devices from the outside world, as well as stopping the things from calling out / home, of their own volition.

    I'm certainly keen to put together some kit (motors, IR leds, camera, microphone etc) on a Raspberry Pi, or two, to allow me to recreate the full functionality of the WatchBots, but on a platform that I have proper control over.

    It's a shame, as the WatchBots are decent, well featured little units, but all of the calling out to the internet gives me a natural distrust of them.

  9. Anonymous Coward
    Anonymous Coward

    (IoT - Internet of Things)

    Homeplugs can work well. Avoid using an extension lead if you can. I have several and reboot times are in years.

    Securitywise, if you are worried then you will need to use a more sophisticated router and discover the joys of VLANs. Separate your IoT stuff to their own VLAN and have an aggregator like Synology or Zoneminder on another VLAN. Allow access TO the IoT but not FROM and allow access FROM your aggregator TO your IoT stuff. Allow access TO your aggregator FROM the internet or ideally via VPN only. OpenVPN has clients for any device you can possibly want to use and many routers support it - eg pfSense.

    Yes it will be more expensive than your ISP provided pile of shite but its your privacy. Netgear do some cheap 8 port switches that support VLANs and various Power over Ethernet options.

    You can run Cat5e externally inside black conduit and then it need not be wife unfriendly and you avoid channeling the walls, although you will need a hammer drill and big bits to get the wires in and out! Phone wiring can run over it as well (an RJ11 can use and RJ45 socket) and satelite cables can be run through it as well.

    I use all three of these at home - physical wires, WiFi and powerline as required, including a 60m run down the garden to our summer house for Wifi and a camera with PoE.

    Cheers

    Jon

    1. Anonymous Coward
      Anonymous Coward

      "reboot times are in years" - Man, you must be very patient!!

    2. Sir Runcible Spoon

      " Avoid using an extension lead if you can"

      I read this in the instructions when I set mine up, so I decided to get them all talking in the first place whilst on an extension lead.

      Hasn't missed a beat :)

  10. Anonymous Coward
    Anonymous Coward

    I think that the author misspelled "One option is to use a NAS box". It should be "One option is to use a NSA box".

    1. Nigel Whitfield.

      Ho ho

      I'll claim prior art, if you don't mind. In a piece for a UK print title last year, I explained how to set up your own mail server on a Synology and thereby move "from NSA to NAS"

      Someone probably thought of it before then, too

  11. Zog_but_not_the_first
    WTF?

    For your convenience...

    Some of the instructions/software on the cheap cameras is very suspect.

    "for your convenience in accessing camera browse to our web page and enter your WAN address, user name and password."

  12. Oldfogey
    FAIL

    Outages

    I am often away for several weeks at a time (holidays, says smug retired git), and had thought of such a system to give confidence that all was OK whilst away.

    Unfortunately, I live in a remote area and the broadband dies at least once a week, requiring a power off, or several, to re-aquire it. So, I can't log on to the camera? Is it a broadband problem, has the house burned down, or has a burglar nicked the hardware?

    I can't find out, so better not to have the system which will just cause more uncertainty!

    1. Dr Dan Holdsworth

      Re: Outages

      Power the broadband via a simple time switch, which turns off for fifteen minutes every day. That will reboot the router for you, and if you do what I do and save only the motion videos output from your security system into a Dropbox folder on a low-power NAS box, then this will solve the problem completely, as the router will be regularly rebooted and everything will auto-sync when the networking comes back after an outage.

  13. poopypants

    Cheapest solution?

    Probably a standard USB camera feeding into movement detection software (readily available, but you can write this yourself if you're keen - a good excuse to play with CUDA if you have an up to date NVIDIA card), dumping any snaps into a Google Drive directory on your computer. These will be automatically be transferred to the cloud when added.

  14. Marvin O'Gravel Balloon Face

    I've plumbed for a mixture of streaming and static (offsite) images. I spent £90 on three cheap IP outdoor wifi cameras, positioning them over the exterior doors and front garden. Once configured, I didn't use the built in web server at all, instead using a program called Motion on my media PC/home server to plug into the feed generated by the cameras and detect any changes in the image.

    Each of these snapshots are then saved to an images directory and uploaded via SSH to a remote web server where a simple web page with a minishowcase JavaScript gallery picks up everything automatically and displays the historic stills in order. A cron job deletes everything older than 5 days old to preserve disk space.

    There's also a live feed that runs from Apache on the home server, which picks up the snapshot.cgi of each camera and refreshes the images using JavaScript within the page. That way the actual web server of the camera is not exposed to the outside world.

    Took a bit of fiddling about configuring the internal network, subdomains and url forwarding in Apache but it works pretty well. The idea is that you can see on the live feed if there is a problem, then trawl through the stills for the evidence. Unfortunately, the cheap cameras let the whole thing down a bit, my grass looks more purple than usual and I'm sure my bald spot looks bigger...

  15. Lionel Baden

    in regards to a thief,

    I wanted to get a camera to view my driveway when we were planning on having a mobile tech stand.

    My wife pointed out, they only have to wear a hoodie or bandanna.

    I do wish people wouldn't rely on camera's too much.

    1. PsychicMonkey
      Big Brother

      Re: in regards to a thief,

      isn't it a case of better than nothing though? The clothes they are wearing could tie them to your crime, or other crimes, the get away vehicle could be in shot and of course other possibilities.

      Some evidence has to be better than no evidence.

  16. Captain Hogwash

    Roll your own

    Cheapo Chinese Android tablet bought out of curiosity and hitherto no use found for plus ancient netbook with broken screen (being binned by my sister) plus Zoneminder and some webspace does the intrusion detection well enough. Anything more is just an indulgence (although Zoneminder is a pig to set up.)

  17. Steve 13

    what's new?

    I use cheap d link cameras and apache reverse proxy on my synology nas. Not massively secure, the nsa and gchq can no doubt see that my car is still in the drive just like I can.

    Images are ftpd to the same nas on motion detection, I doubt your average thief would know what it was or take it in preference to a laptop.

    False positives are really high though, so I don't sink it to dropbox.

    Had this setup for over four years now fyi.

  18. booms

    I was just about to try and buy one of these things.

    I found something called a Y-cam. You can buy them in Argos for £129 - and they have cloud based storage that's free, that records only when something has moved, can view live through an Android app, and no messing around with static IP as far as I know. They've been lucky enough to have some guy burgled whilst using it - he called the police when he got an email and the police got the guy before he left. Superb PR....

    Having said all that the cloud storage is a wee bit worrying. There's also some implication of a limit to the storage size but absolutely no useful information anywhere about how much it might be. All a bit offputting when I have no idea who makes it or how they might bend their own rules in the future.

  19. NozeDive

    My set up

    I've had two break ins, my wife has had three (one before we met)

    We live in what's described as an "okay" neighborhood - obviously not okay enough!

    I have to re-do my surveillance system thanks to a server crash, but before that I had a little Debian Linux server running the "motion" daemon that handled the three wireless, infrared, IP cameras ($25 each) that I have in my house. Each new frame from the cameras is passed on to my web server (on the same box) which is protected by SSL, so I can logon remotely for live views. The web server also has buttons in the WebGUI to take snapshots.

    I also have motion detection turned on so that on motion events (set to ignore the house-cats), video and stills are archived on my 2TB external drive. The server also sends an email to my (and my wife's) cellphone on motion - but sends it as a text. This is so that we can use our texting apps to assign a unique ringtone - that way we'll know that even if we're in a meeting, not to ignore the texts with the "Red Alart" ringtone because it's not some obnoxious tweet or friend or something, it's some one breaking in.

    This is all behind my router running DD-WRT - admittedly, I need to upgrade my firewall to something more robust.

  20. Anonymous Coward
    Anonymous Coward

    I'm a bit surprised that nobody commented on the fact that Nigel was able to view the picture from his ipCam while sitting in the pub, without having made any provision in his router/firewall for that.

    I understand that that level of convenience has to be put in place if the man on the Clapham Omnibus is going to be persuaded with his shillings to buy this stuff, but it is definitely an aspect of this technology that makes me more than a little bit leery - especially for cameras that have built in microphones. (I know a number of people ho have set this type of camera up in their living room but pointing out the window at a birdfeeder or a pleasant view, and shared the address with friends/family, not realizing that they can be overheard even if they can't be seen).

    Given the fact that these devices are likely to be "fire and forget", left running for a long time unmaintained once they are set up, I'd really like to see a decent open source firmware developed that might have some degree of public reassurance about what the cameras are doing "behind the scenes", a dd-wrt for IPCams, rather than relying entirely on firmware from some Chinese company that insists on installing an ActiveX control to manage the camera!

    1. Nigel Whitfield.

      Indeed; spot on. I didn't have time before I went away to IBC, but I will fire up WireShark and see exactly what's going on here; each camera has an ID code, and that with the password (which you can change, but the default is a fairly long, random looking string) is all you need to connect - I sent the code by email to a mate to test that.

      So, clearly there's an external server involved somewhere, but scant documentation about it. It makes things very simple, even with my network setup, which confuses many things, but at what cost?

      On your other point, it was precisely fear of being seen that helped kill the D-Link; it's never been quite the same since a guest decided to grab it and point it away from them, buggering up the servos.

      1. Al Jones

        Once camera that I used (a Fortinet clone of some sort) did some sort of DDNS with the camera's manufacturer, so that I could use <cameranumber>.<manufacturer>.com:<forwarded port> to access the camera from IPCam Viewer on an android phone when away from the house.

        I obviously had to set up the port forwarding manually, and god alone knows what else might have been sent back to the manufacturer when the dynamic DNS request was being set up, or how often it was renewed, but given the recent hassles with NoIP and DynDNS.org, it was handy to have an accessible address for the camera. Your camera might be doing much the same, but it would be better for you if they documented it properly, so that you could use that address in 3rd party viewers.

        1. Nigel Whitfield.

          Quite; Solwise were unable to tell me if there was a URL I could access directly for the camera feed. I suspect there must be - or at least a host and port number - and if so, then it would be possible to integrate the camera view into other apps, which allows much more scope for the geekier amongst us to do interesting things.

          1. Al Jones

            If Solwise couldn't tell you how it worked, then they don't know what else the 3rd party that they bought the firmware from put into it. It they do know, but won't tell you, that's nearly as bad!

            That's simply not good enough for a device that is opening a hole in your firewall, without asking your permission. (Do you have UPnP enabled on your router?)

            1. Nigel Whitfield.

              No UPnP at all; it's disabled on the main router, and the Airport Extreme that runs the internal network (to which the camera is connected) sites behind that, and itself has NAT-PMP but no UPnP.

              This is why it's always quite a surprise to me when something like this works flawlessly on my LAN. With phones, for example, I gave up trying to sort out NAT or anything like that, and simply dual homed the SIP server, so that it has one ethernet port on the private network and one on the external one.

  21. CanAmSteve

    I've used IP cameras for quite a few years now and look forward to the day when there are some standards and they can be expected to work well after configuration by the average homeowner. The use of dynamic IP addresses (as most homes receive) is problematic for many cameras. There are ways around this but they vary by camera and router and ISP, so a royal PITA.

    None of these last very long - remember they are on 24/7. Figure one-year lifespan. I've used D-Link, TrendNet, Panasonic, Y-Cam, Edimax... all have differing configs and even nomenclature (so you spend time trying to determine what they mean). The most recent wired-only Edimax cameras with a smartphone app work reasonably well and at a price (£35). I recommend forgetting wifi cameras for any really remote use. They will fall off the network regularly. So best to connect via Ethernet and/or plug the camera into a mechanical timer so it reboots once a day.

    And finally, I've yet to find a camera that allows motion detection to be set up on anything other than Windows and IE.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like