Do Eufy Cam's send data back to China? Anyone confirm with Wireshark?

I understand that my videos will need to be trasmited from local storage out over the WAN if I want to see them remotely from my phone. But has anyone validated that these devices aren’t still shipping data out to destinations when not viewing? And does the video data stay in the US? It’s great not having to pay for a cloud subscription, but that doesn’t mean Anker isn’t potentially still harvesting data for improving their AI or for data science. Has anyone tracked their cam network activity with something like Wireshark? Recently some folks found that the Wyze cams were shipping data to all kinds of foreign ip’s.

4 Likes

Very very good question! :+1:
I am curious about the answer(s).

1 Like

My eufycam homebase is absolutey sending data back to China. Potentially not the videos themselves, but it’s absolutely using a Chinese DNS server for name resolution - I have the firewall logs to prove it. Specifically, it’s using 114.114.114.114 for name resolution. This is not a DNS server that I have ever used on my network - I use Quad9 for all my DNS.

There is also a lot of unusual traffic coming from my homebase as well. It may have been infected with some sort of linux malware - there’s a lot of UDP traffic going to random IP addresses over port 32100 - this port is also used by a lot of malware remote access tools.

We have little to no control over the security of these devices, so Anker really needs to provide some better vulnerability management.

3 Likes

I am also curious, can ANKER confirm and explain, what in detail happens here? Probably we have accepted anything with the small-printed stuff, right? but anyhow, the traffic @Kurt6 mentioned is worth some explanation.

regards, 2XS

2 Likes

+1

@AnkerOfficial

2 Likes

EufyCam seems to heavily rely on external Eufy servers, even though everything is supposed by work locally with a local SD card for local recordings, but when the Internet is down it doesn’t work anymore. Eufy Security - No recordings when internet is down This is because they use those Eufy servers in China.

Eufy is owned by Anker, which is a Chinese company. Also Eufy apps are created by a Chinese company Oceanwing Oceanwing?

Pretty disappoint to me. I wanted to buy an EufyCam until I found this. Which is in terms of privacy not a solution for me.

1 Like

If eufycam is send the date to China , we need to stop used the products…

I’m afraid this is a concern with pretty much any of the security cameras on sale. I tried out a couple of low cost offerings a while back and part of their setup asked me to “input your WAN address, router admin name and password”. Er, no. :roll_eyes:

I suppose it boils down to trust in the end, but with just about every company selling internet enabled stuff eager to violate your privacy for profit, and people actually paying to have “smart assistants” in their home, wotcha going to do? :thinking:

The product has connected China server
My firewall log had The recorded 54.223.148.206

I began disassembly/debugging, however didn’t complete it since the BAUD rate changes after the Linux OS boots. I had to send it back for replacement soon after because it had a fault anyway.

You can see my progress here: https://twitter.com/hookready/status/1177871629835214848

I have detailed my steps as much as possible so anyone with hardware debugging experience can use it as a small leg up. I may try again when I have another weekend free in a few months. If anyone with experience wants to work together, message me on Twitter.

Any update on this? I want to buy the eufycam but it is a deal breaker if data is getting sent back to China

1 Like

Hi @Kurt6 ,

Thanks for your question!

DNS is a network protocol that helps connected devices find the servers on Internet. It translates domains to IP addresses. You may consider it as an Internet phone book. You want to call someone but you only know his/her name. So you need to find his/her phone number on a phone book, then you make the call and talk to the person.

Here’s the Wikipedia page for detailed explanation:

The eufy Security products also need a “phone book” to find servers on Internet. That’s why it needs DNS services, sends out DNS queries and gets responses from DNS servers.

One of the global public DNS service providers is Google. We use it for the majority of the world. We also use another public DNS service in China, the one we’re talking about here. This is for China customers. As you may know some Google services are not accessible in some regions. We, as a manufacturer, do not know where a device will be activated or used. So multiple DNS services are needed to ensure the product can be used in different regions. Hope you understand that.

Sending DNS queries doesn’t mean any security or privacy concern. The DNS traffic is only for server lookup. It doesn’t contain personal data. No matter the Google or the 114 DNS services, they both point to the same eufy Security servers.

The eufy Security servers are hosted on AWS in the US, Singapore and Germany.
Users’ data remains on the device local storage. The eufy Security devices encrypt and stream data directly to your phones.

If you have any questions, feel free to let us know.

1 Like

I have Deep Packet Inspection enabled on my network and attached is the traffic profile for the Homebase (with Eufycam 2c) over the last week or so.

Can you confirm what the traffic going to Blizzard and Sina Video is for? As far as I understand, Sina Video is a chinese youtube.

4 Likes

Any update on this?

2 Likes

Yeah I’d like to know about this too. When support goes quiet on a subject…