The answers Villines gives here are trying very hard to make the us feel better about this whole incident but I think they actually make me feel worse. To me this is one of the worst bits, the...
The answers Villines gives here are trying very hard to make the us feel better about this whole incident but I think they actually make me feel worse.
Since the very beginning, eufy Security was designed to allow users to stream live and recorded footage from their devices to their eufy Security mobile app. These streams have always used end-to-end encryption. And that encryption has always been done locally either directly on the camera or on a eufy HomeBase device.
The eufy Web portal was created for users to manage their account details and add optional services such as service plans and cloud storage. After receiving requests from some users, the product team decided to add a live view function to the Web portal so users could extend their security monitoring to their desktops. The Web portal was designed to require the user to login, but it was not designed using end-to-end encryption.
To me this is one of the worst bits, the product team added a new feature to the application with apparently no regard to the security of the product. A company whose engineering culture works like this is not a company I want to be writing software for cameras in my home, even if they've fixed the specific problems found by third parties.
I've been working for a company that handles very sensitive user data for about seven months, and the commitment to security that I see from every single employee still surprises and impresses me; it's in the culture of the company. That seems to be missing from eufy.
Strong agree, and it's exacerbated by the fact they've only admitted this after two full months of everything from downplaying to outright lying about it. Any credibility they may have had is long...
Strong agree, and it's exacerbated by the fact they've only admitted this after two full months of everything from downplaying to outright lying about it. Any credibility they may have had is long gone and I see no reason to believe what they're saying now, even if it does turn out that it happens to be the truth.
It's good that they've come clean (not in the sense that it gives them any good will, just that they've stopped obviously and provably lying about the situation). But I will never buy any sort of...
It's good that they've come clean (not in the sense that it gives them any good will, just that they've stopped obviously and provably lying about the situation).
But I will never buy any sort of connected device by Anker or their sub-brands again. They have 100% completely lost my trust for the way they've handled this. If a LastPass type breach occurred, I would absolutely not trust them to disclose it.
In fairness, I have been satisfied with the non-networked Anker products I've gotten. I do agree with you, though, in that I wouldn't buy a networked product from them.
In fairness, I have been satisfied with the non-networked Anker products I've gotten. I do agree with you, though, in that I wouldn't buy a networked product from them.
Their power banks, bars, adapters, chargers, and cables are by far the best for the price too, IMO. So, as disappointing as their behavior has been with Eufy, I will in-all-likelihood still keep...
Their power banks, bars, adapters, chargers, and cables are by far the best for the price too, IMO. So, as disappointing as their behavior has been with Eufy, I will in-all-likelihood still keep buying those products from them, because I don't want to risk frying any of my expensive electronic devices by using faulty/unreliable products on them. And unfortunately the only other brand I completely trust, Belkin, is more expensive and doesn't have as wide a product range.
I struggle with this one because I agree, their hardware products are great, but I also think it’s important to demonstrate that this kind of behaviour does have real consequences for the brand....
I struggle with this one because I agree, their hardware products are great, but I also think it’s important to demonstrate that this kind of behaviour does have real consequences for the brand. Even then, I bought a wireless charging pad the other week - just reordered the same model number I have a couple of already - and only realised days later that I’d just got one of theirs on autopilot, so it’s hardly the boycott of the century.
@cfabbro makes a good point about quality and safety as well, there’s more on the line than just inconvenience. I’m cautiously optimistic about the LTT Labs project there, but that’s early days right now and I’m not necessarily a fan of everything they’ve done as a company, so it’s very much a wait and see situation rather than a fix here and now.
The answers Villines gives here are trying very hard to make the us feel better about this whole incident but I think they actually make me feel worse.
To me this is one of the worst bits, the product team added a new feature to the application with apparently no regard to the security of the product. A company whose engineering culture works like this is not a company I want to be writing software for cameras in my home, even if they've fixed the specific problems found by third parties.
I've been working for a company that handles very sensitive user data for about seven months, and the commitment to security that I see from every single employee still surprises and impresses me; it's in the culture of the company. That seems to be missing from eufy.
Strong agree, and it's exacerbated by the fact they've only admitted this after two full months of everything from downplaying to outright lying about it. Any credibility they may have had is long gone and I see no reason to believe what they're saying now, even if it does turn out that it happens to be the truth.
It's good that they've come clean (not in the sense that it gives them any good will, just that they've stopped obviously and provably lying about the situation).
But I will never buy any sort of connected device by Anker or their sub-brands again. They have 100% completely lost my trust for the way they've handled this. If a LastPass type breach occurred, I would absolutely not trust them to disclose it.
In fairness, I have been satisfied with the non-networked Anker products I've gotten. I do agree with you, though, in that I wouldn't buy a networked product from them.
Yeah, it’s disappointing that this news is such a stain on the brand, as I like a lot of their stuff. Their magnetic cable holder is genius.
Their power banks, bars, adapters, chargers, and cables are by far the best for the price too, IMO. So, as disappointing as their behavior has been with Eufy, I will in-all-likelihood still keep buying those products from them, because I don't want to risk frying any of my expensive electronic devices by using faulty/unreliable products on them. And unfortunately the only other brand I completely trust, Belkin, is more expensive and doesn't have as wide a product range.
I struggle with this one because I agree, their hardware products are great, but I also think it’s important to demonstrate that this kind of behaviour does have real consequences for the brand. Even then, I bought a wireless charging pad the other week - just reordered the same model number I have a couple of already - and only realised days later that I’d just got one of theirs on autopilot, so it’s hardly the boycott of the century.
@cfabbro makes a good point about quality and safety as well, there’s more on the line than just inconvenience. I’m cautiously optimistic about the LTT Labs project there, but that’s early days right now and I’m not necessarily a fan of everything they’ve done as a company, so it’s very much a wait and see situation rather than a fix here and now.