Select Page
Wyze Camera Review: The Cheapest Home Security System You’ll Ever Find

Wyze Camera Review: The Cheapest Home Security System You’ll Ever Find

The Wyze camera feels like a scam. While companies like Nest and Amazon sell indoor cameras that cost anywhere from $120 to $200 or more, Wyze Labs is selling its camera for $20 (plus $6 shipping). This seems ludicrous. I was suspicious when I tried out the cameras, but if there’s a major downside, I’m struggling to see it.

Before we get to my experience, let’s get the obvious question out of the way: How can this camera be so cheap? For starters, Wyze Labs licenses the hardware from a Chinese manufacturer for dirt cheap. All Wyze adds is the app (which we’ll come back to later). The service costs are also extremely low. Out of the box, the Wyze camera can detect motion and save 12-second clips using Amazon Web Services, but that’s it. If you want continuous recording, you’ll need to supply your own Micro SD card. Unfortunately, there’s no option to record or automatically backup footage to, say, Dropbox or your own networked storage. On the other hand, that’s one less location you have to secure to keep your footage away from prying eyes.

Combine that minimal feature set and production cost with a thin margin (which Wyze hopes to make up for in high volume) and you’ve got yourself a recipe for a cheap camera that’s surprisingly not crap. Depending on how much you trust smaller manufacturers, it may even be the best choice for monitoring your home.

The Hardware May Be Inexpensive, But It’s Not Cheap

Compared to something like a smartphone, a home security camera doesn’t need much when it comes to hardware design. It doesn’t need to “feel good in the hand” or even look that attractive. It just needs to mount easily and point in a certain direction. On those points, the Wyze Cam excels. The camera’s base is magnetic so you can attach it to a metal surface with absolutely no setup whatsoever. To test it while I was out of town for CES, for example, I attached one camera to the side of my fridge. This gave me an excellent look of the kitchen and nearby office without having to drill holes or set up mounting plates.

If you don’t happen to have a convenient metal surface near where you’d like to mount the camera, it also comes with a sticky pad and a metal plate. Just stick the plate where you want and turn any spot in your house into a magnetic surface to mount your camera. Normally we’d be wary of a stick-on solution, but the camera is so light that it holds remarkably well.

The base of the camera is where the real magic happens on the hardware. With two joints and a rotating plate on the bottom, you can point the camera in nearly any direction. This simple design gives the camera a degree of flexibility that competing cameras can’t always match—and when they can, it’s not as flexible or doesn’t have the same range of motion. For a $20 camera, it has an impressively simple yet powerful design.

The Wyze App Gives More Expensive Competitors a Run For Their Money

The calendar timeline of alerts every home security camera should have.

Even if Wyze sold its app as a software suite for $20 without including a camera, it still might just be worth it. You can use the two-way microphone to speak through your camera and hear responses. Unlike other cameras, this is true two-way audio, not a walkie-talkie type solution where you have to take turns. You can also save photos or record your own clips (which will be stored on the AWS servers if you don’t have a Micro SD card) in an album.

With a Micro SD card inserted, you can record as much footage as your card can handle. A timeline in Playback mode lets you scroll back and forth through your footage to find the moment you want to see. You can also see a time lapse of all the footage you’ve recorded if you want to get the gist of what happened without watching it in real time.

Wyze also offers several smart features. It can detect motion or sound to save clips (though this can be turned off if you don’t want your footage stored on third-party servers) and creates a timeline of each event. This lets you easily see at a glance whenever something happened inside your home. You can narrow motion detection to certain hours of the day as well, if you’d rather only monitor for action at night. It can also detect smoke or CO2 alarms by recognizing the sound (no smart alarms required) and let you know immediately when something’s happening at your home.

The app interface isn’t always the easiest to use (it would be nice to be able to resize the history timeline for scrolling back through long security footage, for example), but for the included software with a $20 camera, it’s hard to be unimpressed.

Wyze Stores Very Little Data, and Encrypts It All

If you don’t want your clips stored in the cloud, just turn this off.

My biggest question with a $20 camera right off the bat is “What is it doing with my data?” For the most part, the answer to that question is that it doesn’t really collect much data at all. Unlike Nest or Amazon, there’s no option to continuously record video on third-party servers. If you want to store your camera feed indefinitely, you’ll need to supply your own Micro SD card. Your storage will then be limited to whatever fits on that card (with the oldest data being continuously deleted to make room for new footage).

What if you don’t install an SD card? In that case you have the optional ability to record twelve second clips whenever your camera detects motion. According to Waze, these clips use end-to-end encryption, so an attacker that intercepts the footage (or finds it stored on AWS) wouldn’t be able to see it anyway. Clips are also deleted after 14 days unless you save them, so there’s not a huge backlog of footage to pull from. If you’re still not comfortable with that, you can turn off motion detection and no footage will ever be recorded. Again, unless you supply your own Micro SD card.

Finally, there’s live streaming. If you open the app on your phone, you can get a live view of your camera’s feed whether you’re recording or not. According to a Wyze rep on Reddit, the streaming service is provided to Wyze by a company called ThroughTek. The video feed is encrypted so anyone snooping on your video stream won’t be able to see your video, and Wyze has even taken extra steps to make sure that video traffic is only routed through North American servers.

That’s not to say Wyze is without security concerns. Most glaringly, there is no two-factor authentication on your Wyze account. In a world where companies get hacked regularly, this should be mandatory for everyone, but especially an account with a direct video feed inside your home. It’s not quite enough to nix our recommendation (especially since the product is only a few months old), but it’s the kind of thing that needs to be at the top of Wyze’s priority list to fix.


Placing an internet-connected camera inside your home is always going to be a risk. Whether you feel comfortable trusting a company like Wyze is going to come down to personal preference. Personally, the local storage and option to turn off motion detected clips were enough to make me comfortable leaving two cameras trained on my apartment for a week. However, the lack of two-factor authentication on my Wyze account would give me pause if it’s not added before too long.

Wyze Camera Review: The Cheapest Home Security System You’ll Ever FindFor the price, though, you’re making very few sacrifices. Competitors like Nest and Amazon have a more robust feature set, but not by much. They also require ongoing subscriptions for some of their best features, which makes the higher price point for their cameras that much less palatable. If you want to monitor your home for dirt cheap, and you can bring yourself to trust a relatively new company, the Wyze camera might be perfect for you.

Browser fingerprinting: What it is and whether you should worry about it

Browser fingerprinting: What it is and whether you should worry about it

It seems as though user safety and security has been a white hot subject for aeons. It’s certainly always been a popular topic online, and the latest buzzword to learn is “browser fingerprinting.”

A browser fingerprint works much like a physical one. In short, it enables savvy analytics app users to identify individuals simply by studying the information their browsers leave behind when navigating your website.

This post will look at browser fingerprinting in more detail, and discuss when it’s useful and if there are drawbacks. We’ll also talk about how recent data processing laws impact whether you should use it or not. Let’s get started!

What is browser fingerprinting?

Of course, we’re all identifiable from our fingerprint — a unique pattern in the skin on our fingers. Though, you’ll usually only be identified in this way when a crime has been committed, and the police need to match prints left at the scene with a name.

However, this concept of fingerprinting can also be applied to other areas. Because a fingerprint is essentially a unique identifier distinct from your most recognizable elements (i.e. your facial features), the term can also be used to describe the trail of information you leave online.

For example, consider browsing to a website. Unless you’re using a video chat service, there will be no visual elements linking you to that site. However, there are plenty of unique elements that make up your virtual presence, and all it takes is a sophisticated tracker to piece them together.

Usually, these elements fall into two camps:

  • HTTP headers
  • JavaScript elements

The former is pretty simple, as they’re part of practically every HTTP request. However, the latter can provide plenty of specific data relating to your browsing patterns. This includes aspects such as your time zone and date, the browser you’re using and the platform it runs on, the system fonts you use, and the browser’s installed plugins.

Individually, these elements might tell you very little. However, when combined, they can make up a fully unique profile of an individual user, known as a device or browser fingerprint.

How is browser fingerprinting used?

In a nutshell, fingerprinting is primarily used for long-term profit-making opportunities — by which we mean ads. Companies that implement this tactic are looking to ascertain who you are, how you browse the web, what you’re interested in, and what you purchase.

By curating user fingerprints, they end up with profiles that can be used to tailor content and ads to each person’s specific tastes. This obviously increases the likelihood that those users will end up spending money.
Browser fingerprinting can also be used in the place of cookies, and is arguably a better option for ad servers. In fact, fingerprinting can effectively reassemble a tracking cookie after it’s been deleted. What’s more, third-parties can track you across the web based on the nature of the data collected.

Of course, for the end user, this sounds like a scary prospect. However, for a business, this presents a potential golden opportunity to earn money.

Is browser fingerprinting a tactic you should use?

As the saying goes: every cloud has a silver lining. However, when it comes to browser fingerprinting, this aphorism is inverted. In other words, the upsides of the tactic are soured by the downsides.

There’s no doubt that browser fingerprinting and its variants are the ultimate in customer profiling tactics. However, it’s slowly becoming a technique that many companies (including Apple) want to see stopped.

End users are also pushing back against browser fingerprinting.

Tactics to strip away any tell-tale information from your browsing history have become popular, leading to so-called “incognito” or private tabs and windows, which includes the slow-and-steady rise of search engines that enable you to search anonymously, such as DuckDuckGo, and sites such as Am I Unique? and Panopticlick, and much more.

Overall, when it comes to whether you should use this tactic, it doesn’t really matter that it’s a useful way to profile your visitors. End users are concerned, which should be enough to stop you in your tracks. Plus, now that some big-name businesses are getting involved by hard-coding ways to stop the practice, there’s little sense in funneling resources away from more traditional approaches.

How does the GDPR impact the use of browser fingerprinting?

You might not be surprised to learn that the General Data Protection Regulation (GDPR) has an effect on the use of browser fingerprinting. In fact, we may see the tactic evolve, given that websites now need to be transparent regarding how they handle personal data.

The data you collect through browser fingerprinting methods is classed as personal information, and as such has to be treated like any other data passing through your site.

Rather than seeing a specific mention of browser fingerprinting within the GDPR, therefore, you’ll find the various elements referred to throughout the entire regulation. When handled correctly, you can stay on the right side of the law, but you’re still likely to get pushback from your user base.

Use browser fingerprinting wisely

We’ll admit that these are tricky times when it comes to how we communicate with others, especially when their personal data is involved. However, with the introduction of the GDPR, we at least have some legal clarity on the best approach.

Browser fingerprinting has been a common tactic of user profiling for some time (albeit in varying degrees of application). It’s arguably the best way of finding out how your business is being accessed. However, if you don’t take the correct measures to look after your users’ data, the tactic could do irreparable damage.

DynDNS is currently being DDoS’d

Web Security Alert

DNS provider DynDNS, also known as Dyn.com is currently being attacked using a very aggressive DDoS attack. If you use them for your website DNS you probably have experienced outages today.

You can get status updates from DynDNS themselves here and also on Twitter.

This attack affects any website or online service that uses Dyn.com for DNS resolution. So far this attack has affected:

  • Paypal
  • Netflix
  • Github
  • Twitter
  • Esty
  • Soundcloud
  • Spotify
  • Amazon
  • Heroku
  • Pagerduty
  • Shopify

And many other large well known brands.

This attack may affect your website shopping cart checkout if you use a service provider who has been affected by the attack. It may also affect other features or services you provide to customers that rely on being able to contact a site affected by the attack.

The attack appears to be an attack on Dyn’s infrastructure according to their technical updates. They are working continuously to mitigate the attack. You can watch BGP routes change as Dyn tries to mitigate the attack.

Last Friday the source code for the Mirai malware that infects a very large (greater than 1 million) Internet of Things botnet was released to the general public. According to Brian Krebbs this “virtually guarantees that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices”. This large scale attack today may be related to the Mirai source code release.

DownDetector is showing many major brands are having trouble today. Click on a logo for connectivity details.

If you are affected by this attack, you should consider setting up another DNS provider as your secondary DNS or temporarily moving all DNS to another provider. This appears to be what Amazon has done to mitigate the attack. You will need to exactly duplicate your DNS configuration on the new provider before making it the authoritative DNS for your domain and this may take some time. The transfer may take up to 48 hours, by which time this may all be over.