Recently Amazon.co.jp had a sale on a Digoo BB-M1X from 4999 to 3999. It ticked all the boxes at a price point that seemed good if said boxes were ticked and included Prime delivery
I’m not quite sure what they are going for with the slogan there #lostintranslation
- MOTION DETECTION: As this is my 5th IP camera I am quite aware that any motion detection will most likely be terrible it was still something I wanted for the moment before I install Zoneminder in a Freenas jail, or get another solution.
- MICRO SD SLOT: Self explanatory, however my earlier IP cams didn’t come with any.
- Over 720p: This will for the moment serve to observe the front of the house. I would like to get a good view of the cars and faces of the numerous people coming to our door. (Yamato, Sagawa, Japan post, suspicious water people, nosy neighbours)
- NIGHTTIME InFRARED: Same as above
- RJ-45: This was important as I had tried out some cameras before which didn’t have a physical network port and they all relied far too heavily on the cloud for everything. My reasoning goes that if there is no RJ45 Manufacturers will make the install as simple and thus (insecure) as possible.
- ONVIF: With my recent interest in Home Assistant HASS.io I wanted this camera to be ONVIF ready and compatible. Which is clearly stated.
Camera test connected to a network. There is no http port to connect to for setup. You are forced to use the app. I hate doing that as I have to my wifi password, for the moment I had created a temporary SSID with a spare Buffalo with DD-WRT and temporary password on a different subnet.
Doing so allowed me to get the wired and WIFI Mac addresses to assign static IP addresses in PFSENSE to then completely block the IP camera’s access to the internet.
One peculiarity was that FING found the mac addresses and resolved them with different company names. A minor thing most likely (part availability) but note worthy to me.
A more worrying issue that FING found was the open telnet port which gives unprotected root access(more later)
In the mean time I downloaded the app “DigooEye” downloaded and the Digoo BB-M1X setup, it started to connect to servers scattered all over the world.
220.127.116.11 IGMP protocol
18.104.22.168 Alibaba.com LLC
22.214.171.124 Alibaba.com LLC
126.96.36.199 AS37963 Hangzhou Alibaba Advertising Co.,Ltd.
188.8.131.52 AS132203 Tencent Building, Kejizhongyi Avenue
184.108.40.206 AS16509 Amazon.com, Inc.
220.127.116.11 AS37963 Hangzhou Alibaba Advertising Co.,Ltd.
18.104.22.168 Aliyun Computing Co., LTD
22.214.171.124 Aliyun Computing Co., LTD
126.96.36.199 Aliyun Computing Co., LTD
188.8.131.52 AS37963 Hangzhou Alibaba Advertising Co.,Ltd.
184.108.40.206 AS45090 Shenzhen Tencent Computer Systems Company Limited
Is this what they are automatically doing? #connectingpeople
I’m not opposed to the idea that the camera connects to some servers if I knew why, but I do oppose this not being written anywhere and without explanation even when searching. In this day of facebook data mining scandal and over rampant data mining, why just give away more information for free, I prefer to keep my info my own.
The setup worked, the block worked. Re-setup the camera on my main network denying it internet access. Currently it sits on my network querying my router for DNS access at port 53. The other functions seem to work unlike a past experience with a terrible 180degree panoramic camera…