Security and Privacy

[tc10]

This looks like an interesting product and I see that a lot of people see it to be very good.

What are the security and privacy considerations for using this software? 

Who can see my video streams? just me?

Can I setup it up so that just family and friends can see it?  e.g. inside our house

Can anyone at SKJM see my video feeds? i.e is my video feed secure and private

Is there an option to make a feed public?  e.g outside view of ocean

Thanks.

[Stefan]

You setup the iCamSource with a login and password, so whoever you give that login and password to will have access to viewing your camera. You can also share a link to your camera in iCamWeb which only includes a SHA-1 hash representation of your login and password if you don't want to actually give the login and password out.

[quantumorbit]

You setup the iCamSource with a login and password, so whoever you give that login and password to will have access to viewing your camera. You can also share a link to your camera in iCamWeb which only includes a SHA-1 hash representation of your login and password if you don't want to actually give the login and password out.

This I already knew. The key question here I think is: What measures does SKJM take to prevent its employees from looking at the video feeds? Does it go through your servers or is this a peer to peer system? I haven't found any disclosures regarding this issue on your website.

Thanks

[shepherdswolf]

Great Question. 

[Stefan]

SKJM, LLC does not have employees other than the two founding members, Jay and myself.

The video does not stream to our servers, it is completely peer-to-peer between the iCamSource on your computer and iCam on your iPhone or iPod touch. Our server merely brokers the initial connection, and once that connection is established, all video and audio is streamed directly from your computer running the iCamSource to your iPhone or iPod touch running iCam.

I hope that answers your questions.

[shepherdswolf]

Awesome! Seriously my favorite application by far. The push notification has been working flawlessly! Great Job!

[Stefan]

Thanks!

[kikecaceres]

I agree that by far is the best program I have in my iphone !!!!!
Are you thinking the idea of using a screen button like a PPT mic for having a conversation

[Stefan]

Apple would not approve a two-way voice application that ran over 3G. That is why Skype for iPhone is WiFi only, currently.

[jax200]

Hi

I too am impressed with the app, however can you explain a bit more why I should not be concerned that it has the same "firewall- and router-piercing technologies and algorithms developed for fileai.com".   Why is this not a threat to my security and vulnerability to unwanted intrusions?

Thanks,  Jack

[Stefan]

With iCam you do not need to open ports in your firewall or forward ports in your router. The iCamSource maintains a connection with our iCam Broker Server, and when an iCam wants to connect, the iCam Broker Server tells the iCamSource to connect out to iCam.

It uses a proprietary, UDP-based protocol that is similar to STUN (http://en.wikipedia.org/wiki/STUN) to pierce the firewall and traverse the NAT.

[sticker592]

This is by far the most important topic concerning this product and still not resolved by simply saying that the video streams are only available to the user. The app looks really neat, but I am going to delete it immediately after I try it out (I already paid for it) until I am able to download the source code and see exactly what information is sent to your servers and compile the product that I use myself.

Companies lie about these things all the time. For instance, passwords to your email, banks accounts, brokerage firms, or online storage services are only known by you right? WRONG. If you break the law you will discover that all of your emails (even services like hushmail. which claim to encrypt everything on their server unless issued a subpoena), credit cards, bank transactions were actually visible to employees of the company all along. The passwords you choose for these services can also be recovered effortlessly. Even bank safe deposit boxes with "two keys" are pointless because the bank actually has copies of both keys. I found all this out because someone made false claims about me and even though no subpoena was ever issued, ALL of the above became public. You don´t even want to know what cell phones can do. Even pay service vpns turned out to be worthless because the vpn company is just as likely as your isp to over every byte that crosses their servers when told the right things.

[Stefan]

You're not going to be able to download the source code as it is not an open-source project, but you can use a packet sniffer to analyze the data that is sent between the iCamSource, iCam, and our servers.

We have stated a number of times in the forum that a user's login and password are never sent to the server, and that we have no way of connecting to or viewing our users' iCamSources.

The login and password are used to create a SHA-1 hash that is used to identify an "account" with the iCam Broker Server. That account hash is sent by both the iCamSource and iCam to identify themselves so that the server can match iCams with the appropriate iCamSources. The broker server is only there to help iCam and the iCamSource connect directly to one another. Once iCam and the iCamSource are connected all communication between them is performed peer-to-peer.

When iCam and the iCamSource make their peer-to-peer connection they use their login and password to generate a different SHA-1 hash to authenticate with each other. This second hash is never sent to our server and is only used to authenticate iCam to the iCamSource.

[krj]

I have an issue with the security.

I recently checked my iCamSource Preferences and noticed that "Num Connected:" had 6 users connected.  I am the only user setup to access my cameras (and I was using a complex login and password).  Somehow your software has allowed others to gain access.

I immediately shut down my cameras and stopped the program. A few minutes later I restarted the application and watched the Num Connected go back up to 2.

I have removed this software from my computers.

I do not now how long others have been watching and listening to my wife and myself.

[Stefan]

The only way that someone would be able to connect is if they either knew your login and password combination (or were using the same one) or were given an iCamWeb share URL.

If you could go to http://whatismyipaddress.com/ from the computer running the iCamSource and e-mail me at support@skjm.com what it says your external IP address is then I can attempt to look it up in the Broker Server logs and see if there are any other users using the same login / password combination as you.

We take the security concerns of our users very seriously (since we also use iCam to monitor our home) and would like to look into this issue further.