The home security camera market has taken a big hit in recent months, becoming the poster child for “bad security behavior” when people talk about the security (or lack thereof) of Internet of Things. Last year’s highly publicized DDoS attack on Dyn highlighted insecure cameras being used as part of a botnet; vulnerabilities were also found in Chinese-based security cameras and at least one Samsung SmartCam product. In the U.S., the FTC filed a complaint against D-Link over claims that their webcams were “secure”.
So security is now top of mind when it comes to new products being introduced. In this case, I received a review sample of the Samsung SmartCam PT ($179, Amazon), a pan-and-tilt model (96-degree field of view, 155-degree tilt and 350-degree pan) that offers users more advanced features like 1080p HD live streaming, auto tracking (the camera moves with any subject moving), motion zone select and privacy mode (you can tell the camera to tilt it’s lens down 80 degrees). But lingering over these new features is the question about how secure the camera is and whether you should trust the camera to not be taken over by hackers (especially if you’re using it to track things inside your house).
Setup via app
Like previous models of the SmartCam line, setup is achieved by downloading a mobile app (iOS or Android, I tested with iOS), then following the instructions on the app to install the camera. With the app running, you push a button on the camera in order to connect your phone to the pre-installed Wi-Fi SSID and password. You can then direct the camera to configure to your existing Wi-Fi network and password to complete the setup.
The SmartCam app lets you install multiple cameras in this way. In my case, the app had registered a previous SmartCam, which was now offline. I couldn’t delete the camera from the app, it wasn’t until later when I could access the cameras through the web browser, that I could delete the old camera.
The SmartCam PT is powered by a USB cable attached to a standard power plug – the cable is longer than typical USB cables seen in other cameras, so getting good placement within your home shouldn’t be too much of a problem. The camera is designed to be an indoor camera, so in theory you would be relatively close to a power outlet. The package also comes with a plastic base/bracket and screws if you want to mount the camera on a wall – the base allows the camera to be placed and retain its pan/tilt features.
The app: Features, features, and more features!
The SmartCam app is a jumbled mess of options – it feels like the makers wanted to show you everything the camera can do – and then some – right on the same screen. After accessing the camera, you get four instructional pop-up windows that indicate what the different icons on the interface mean.
Here’s the list:
- Save video to cell phone
- Save video to microSD card
- Save as an image to the cell phone
- Initiate two-way conversation
- Select video resolution
- Melody on (choose from different siren types: Police Siren, Alarm Siren or Dog Barking)
- Adjust camera brightness
- Reverse a screen in the left-right/up-down/diagonal axis
- Configure a motion zone event
- Audio recording and listening
- Switching to the privacy mode (pans the camera down so you get a black screen)
- Switch the camera direction
- Go to the Home Position
- Auto track a person or object
- Go to a set position
- Save the direction of a camera to move
- Play video in enlarged view (up to 4 times)
- Move and watch a video
Most of these icons show up on the bottom of the interface during the live view of the camera; in addition to the other options that overlay the image from the camera. Some, if not all of these features might be better enabled through menus in a Settings option rather than on the live display. For example, choosing which siren option to play, then just having a button that initiates the siren. In addition, settings like setting the motion zone is better handled through the web interface or tablet than on a tiny mobile phone display.
Fun with PTZ
The main reason you’d buy this particular model is for its pan and tilt feature. This gives you a 350-degree pan (left to right) and 155-degree tilt (up/down), along with a pretty wide field of view. This gives you the benefit of being able to see an entire room more so than other fixed cameras, which have smaller ranges.
This feature also enables the company’s Auto Tracking feature, which will move the camera around once it detects motion – so if your dog comes into the room, the camera will follow it around. This can be very helpful in terms of catching someone breaking into the house – the extra time can be useful in identifying intruders.
The privacy mode is also very impressive – by enabling this mode, the camera tilts downward 80-degrees, effectively blocking the lens from capturing any images. This feels like a mode to help ease the mind of the end user – it’s saying, “well, there’s still a possibility that hackers can break into the camera, but if this mode is enabled they won’t be able to see anything.” I liken this to the putting duct tape over your webcam lens approach of security. Privacy mode can also be scheduled via the web browser settings – you can tell the camera to go into privacy mode during specific days and hours of the week (like when you’re at home).
Image and video quality
Image quality from the 1080p camera was very good – a crisp, clean image was possible most of the time. The camera has some features to help improve images and video. First, depending on your broadband network speed, you can choose low, medium or high resolution. The camera also features two image correction features – LDC and WDR labels offer image distortion improvements and backlight compensation features to help correct bad lighting scenarios. The Night Vision mode was fun to use – you can watch live night vision mode to watch the room in the dark, which gives off a very Paranormal Activity vibe to it.
You can use the app or the web interface to take snapshots from the camera, which can be saved to the phone, your computer’s hard drive (if using the web interface). Motion-detected recordings can only be saved to an inserted microSD card (up to 128GB, card not included). The company has started a cloud service (SmartCloud), but it’s currently only available for the SmartCam HD Plus (SNH-V6414BN) camera, not this one.
Yeah, but is it secure?
The big question, of course, is whether the camera is secure. As they say in the security industry, “nothing is 100% secure”, it’s just a matter of how much security you put into the product. The makers of the camera are certainly trying, or at least they’re trying harder to secure the devices than seen in previous models (considering the SmartCam SNH-1011 was found to have a big vulnerability).
For this camera, you can only set it up via the app, which requires an account and password. You then have to set up a camera password that you have to enter every time you login to view the live image.
An nmap scan of the camera revealed eight open ports, but no major services or vulnerabilities were discovered. A scan of some other cameras on the Cool Tools network showed no open ports, so I’m a bit concerned about why the camera would need those ports to be opened.
Checking to see whether the firmware was updated was more difficult than I wanted – you have to check via the web browser interface, and even then there’s no button that would let you install new firmware. Perhaps it was because I was using the most recent firmware that I didn’t need to install it, we’ll see what happens if they do a firmware update and whether it’s automatic or not.
So my answer to the question above is “Ummm, well...” As long as you practice good security behaviors (difficult password creation, keep the firmware updated and change the passwords regularly), you should be able to feel somewhat confident about the security of the camera.
Bottom line: I liked some of the advanced features of this camera, especially the pan, tilt, night vision and privacy mode options. But the app and user interface is too jumbled for my liking – I get that you want to show off how many features you have, but a better job needs to be done on organizing the app and explaining these features to the end user.
Grade: 3 stars (out of five).
In some ways, Google is like every other large enterprise. It had the typical defensive security...
The university's hijacked vending machines and 5,000 other IoT devices were making seafood-related DNS...
The U.S. government reportedly pays Geek Squad technicians to dig through your PC for files to give to...
Almost 20 years ago, Chris Wysopal was among a group of hackers who testified before U.S. Congress,...
Verizon’s recently released its annual breach report that examines some of its cases where the RISK...
Prolonged sitting is part of the job for many people in the tech world. Walking meetings can help...
The increased use of mobile devices in the enterprise means IT must pay close attention to security and...