Categories: Breaking NewsHacking

Nest camera, has a different definition for Turn off Mode

Findings of a research show that the Nest camera is still operating even after it has been disabled through the mobile application.

People buy security cameras to have a higher level of control over their lives, but recently a research by a team at ABI Research found that users also must be worried about the security device itself.

This news is about a security camera of Nest Company that was acquired by Google in 2014. The device is the latest product of Nest that enables users to see live video of their homes or to be notified about unusual motion or sound. Findings of research show that the camera is still operating even after it has been disabled through the mobile application. The LED indicator approves that the device is off, but the current drain illustrates something else. It is expected that current drain drops significantly when a device is disabled, but it’s not true in the case of Nest camera and current drain decline just 30 mA when the device in turn off mode.

“When a device goes to power down mode, you expect the current drain to drop quite a bit,” said Jim Mielke, a senior analyst at ABI Research.

The following table published by ABI research and depict current drain for different modes of operation.

Mode Resolution Current
Video Record – no motion 1080p 371mA
Video Record – no motion 720p 330mA
Video Record – no motion detected 720p 418mA
Video Record – no motion 360p 322mA
OFF Mode 343mA

“When Nest Cam is turned off from the user interface (UI), it does not fully power down, as we expect the camera to be turned on again at any point in time,” said Nest Labs in a statement. “With that said, when Nest Cam is turned off, it completely stops transmitting video to the cloud, meaning it no longer observes its surroundings.”

It can be argued that turn off mode has a unique definition universally and Nest approach to define turn off mode is bizarre. Even though Nest used 128-bit secure sockets layer (SSL) encryption, perfect forward secrecy and a 2,048-bit RSA key unique to each camera, but users might face new security risks. Lastly, this camera uses electricity constantly which is not an efficient practice in 21th century.

About the Author Ali Taherian

Ali Taherian (@ali_taherian) is an enthusiastic information security Officer. He’s finished his education in information security and has recently been involved in banking software and payment security industry. Taherian is proud to be certified IBM Cloud Computing Solution Advisor and ECSA and enjoys sharing and tweeting about security advances and news.

Edited by Pierluigi Paganini

(Security Affairs –  Nest camera, privacy)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

4 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

11 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

22 hours ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

1 day ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

1 day ago

This website uses cookies.