this post was submitted on 16 Jan 2024
326 points (98.8% liked)

Technology

59578 readers
2784 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Private security footage is nothing new to criminal investigations, but two factors are rapidly changing the landscape: huge growth in the number of devices with cameras, and the fact that footage usually lands in a cloud server, rather than on a tape.

When a third party maintains the footage on the cloud, it gives police the ability to seek the images directly from the storage company, rather than from the resident or business owner who controls the recording device. In 2022, the Ring security company, owned by Amazon, admitted that it had provided audio and video from customer doorbells to police without user consent at least 11 times. The company cited “exigent circumstances.”

Archived at https://web.archive.org/web/20240116132800/https://www.themarshallproject.org/2024/01/13/police-video-surveillance-california

you are viewing a single comment's thread
view the rest of the comments
[–] oozynozh@lemm.ee 12 points 10 months ago (2 children)

do you mind sharing a basic explanation about your setup? i'm looking at doing something similar with TrueNAS and NextCloud.

[–] BearOfaTime@lemm.ee 13 points 10 months ago* (last edited 10 months ago) (1 children)

One way to get access, rather than a cloud solution, is to use a mesh network solution like WireGuard/Tailscale (and I'm gonna mention Hamachi on Windows, because I've used it since about 2005).

These solutions create an encrypted virtual network between devices that runs on top of whatever network you're currently on.

In this way you're never exposing internal resources, in any way, to the internet*. Only to other devices that are running the client app, using your encryption keys.

I'm currently running Tailscale on a desktop at home, all our mobile devices, and a Raspberry pi. I can connect to SMB shares on my home desktop from my phone, wherever I am (I mention SMB only because it's not routable, and insecure. Any network protocol can run over a mesh network. I also run FTP, SFTP. Html, etc).

I've kept my laptop in sync with my desktop at home this way (using Hamachi) since ~2005.

This approach means you're always using LAN connection methods, rather than relying on a cloud you don't control.

*With Wireguard/Tailscale you can expose specific resources to the wider world, but you have to specifically configure it.

[–] oozynozh@lemm.ee 1 points 10 months ago (1 children)

Ah, yes. Tailscale. That's a pretty obvious solution that I hadn't considered... Thanks for the recommendation.

[–] BearOfaTime@lemm.ee 0 points 10 months ago

I'm just glad to have it. I used Hamachi for years and have been looking for a mobile client since 2010.

Glad Wireguard/Tailscale stepped up and are developing more.

[–] Tremble@sh.itjust.works 1 points 10 months ago (1 children)

That might be something I would consider but I doubt I have the know how

[–] BearOfaTime@lemm.ee 2 points 10 months ago* (last edited 10 months ago)

With Tailscale, very little know-how is required. Install the app on 2 devices, see it in action.

Depending on your home devices, you may need to enable Subnet Routing on a device that can run Tailscale, since the DVR/NVR may not have the capability.

A Tailscale Subnet Router will route Tailscale traffic to the LAN on which it resides, so you can access devices that can't run Tailscale. For example, I've printed to my home wifi printer while remote. I've also used it to access a computer that didn't have TS installed yet because I'd just set it up, and a digital photoframe that only supports SMB. My subnet router is a Raspberry Pi, because it's always on. But it used to be my Windows desktop, because it's always on.

Tailscale documents it all pretty well. You install your first client, in the process creating a TS account (which is used to automate the encryption key management). Then install to your second device, and ta-da, you have a TS Mesh network.

To enable Subnet Routing, you open the management console via one of your TS clients, it'll open in a browser. Pick the device, check the box for Subnet Router, select the network (it'll be a choice, only one, because it's only on one LAN), and Bob's your uncle.