Do Eufy Cam's send data back to China? Anyone confirm with Wireshark?

#5

+1

@AnkerOfficial

1 Like
#6

EufyCam seems to heavily rely on external Eufy servers, even though everything is supposed by work locally with a local SD card for local recordings, but when the Internet is down it doesn’t work anymore. Eufy Security - No recordings when internet is down This is because they use those Eufy servers in China.

Eufy is owned by Anker, which is a Chinese company. Also Eufy apps are created by a Chinese company Oceanwing Oceanwing?

Pretty disappoint to me. I wanted to buy an EufyCam until I found this. Which is in terms of privacy not a solution for me.

1 Like
#7

If eufycam is send the date to China , we need to stop used the products…

#8

I’m afraid this is a concern with pretty much any of the security cameras on sale. I tried out a couple of low cost offerings a while back and part of their setup asked me to “input your WAN address, router admin name and password”. Er, no. :roll_eyes:

I suppose it boils down to trust in the end, but with just about every company selling internet enabled stuff eager to violate your privacy for profit, and people actually paying to have “smart assistants” in their home, wotcha going to do? :thinking:

#9

The product has connected China server
My firewall log had The recorded 54.223.148.206

#10

I began disassembly/debugging, however didn’t complete it since the BAUD rate changes after the Linux OS boots. I had to send it back for replacement soon after because it had a fault anyway.

You can see my progress here: https://twitter.com/hookready/status/1177871629835214848

I have detailed my steps as much as possible so anyone with hardware debugging experience can use it as a small leg up. I may try again when I have another weekend free in a few months. If anyone with experience wants to work together, message me on Twitter.

#11

Any update on this? I want to buy the eufycam but it is a deal breaker if data is getting sent back to China

1 Like
#12

Hi @Kurt6 ,

Thanks for your question!

DNS is a network protocol that helps connected devices find the servers on Internet. It translates domains to IP addresses. You may consider it as an Internet phone book. You want to call someone but you only know his/her name. So you need to find his/her phone number on a phone book, then you make the call and talk to the person.

Here’s the Wikipedia page for detailed explanation:

The eufy Security products also need a “phone book” to find servers on Internet. That’s why it needs DNS services, sends out DNS queries and gets responses from DNS servers.

One of the global public DNS service providers is Google. We use it for the majority of the world. We also use another public DNS service in China, the one we’re talking about here. This is for China customers. As you may know some Google services are not accessible in some regions. We, as a manufacturer, do not know where a device will be activated or used. So multiple DNS services are needed to ensure the product can be used in different regions. Hope you understand that.

Sending DNS queries doesn’t mean any security or privacy concern. The DNS traffic is only for server lookup. It doesn’t contain personal data. No matter the Google or the 114 DNS services, they both point to the same eufy Security servers.

The eufy Security servers are hosted on AWS in the US, Singapore and Germany.
Users’ data remains on the device local storage. The eufy Security devices encrypt and stream data directly to your phones.

If you have any questions, feel free to let us know.

1 Like
#13

I have Deep Packet Inspection enabled on my network and attached is the traffic profile for the Homebase (with Eufycam 2c) over the last week or so.

Annotation%202020-04-09%20103834
Annotation 2020-04-09 103834.png1369×356 16.4 KB

Can you confirm what the traffic going to Blizzard and Sina Video is for? As far as I understand, Sina Video is a chinese youtube.

2 Likes
#14

Any update on this?

1 Like
#16

Yeah I’d like to know about this too. When support goes quiet on a subject…

#17

Some of my DPI stats:

image
image.png380×514 25.1 KB

Also on my DNS I can see:
security-app-eu.eufylife . com which redirects to an amazonaws server. At least eu servers.
Also zhixin-security-eu.s3.eu-central-1.amazonaws . com and eu-central-1.elb.amazonaws . com
Google those and you maybe find more.

Overall it’s not much traffic and no videos are uploaded. And using EU Servers should be “safe” for me. Yes, someone from Eufy could connect to my account an see all my videos. But overall it’s better than other cam’s I’ve seen.

#18

rosstests, what tool/device are you using the get the Deep Packet Inspection data?

#19

Felix19, what tool/device do you have to get this data?

#20

@clayton.newyork Ubiquiti devices like the Ubiquiti USG UniFi Security Gateway or the Ubiquiti UniFi Dream Machine UDM can do this.

#21

@Felix19, I have Ubiquity USG. I just have the default setup, so the dashboard shows the traffic pattern for all devices at home. How did you isolate to the specific Eufy cameras? Can you give the steps? Thanks,

#22

Left menu, click STATISTICS, there Users and see all devices, scroll down and find the Homebase or Camera or device you want to see, click it and see it’s data on the right panel showing up. There you can also go to STATISTICS again and there’s a link “Show historical data”. At least that’s the only way I know to get to that page.

#24

@Felix19, thanks for your help. I found it now. I did it by

  • CLIENTS ->
  • ->
  • DETAILS tab on the device popup ->
  • DEEP PACKET INSPECTION

Interesting it is sending data to other places… why even Amazon…

Screenshot%202020-10-22%20210150
Screenshot 2020-10-22 210150.jpg365×789 35.4 KB

#25

Amazon is AWS, Cloud servers nearly everybody use these days.

#26

Amazon is renting memory at their servers.
Business of our days.