Anker has acknowledged that its claims about the encryption of Eufy security cameras were untrue. Despite having previously claimed that all video footage was end-to-end encrypted, the smart home firm has now acknowledged there was a rare exception.
The company didn’t disclose the privacy issue until The Verge threatened to publish a piece about it for failing to respond to its inquiries. The Verge at the time published an extensive list of inquiries for Anker to respond to. It appears that the magazine has been having trouble getting responses because it only received one by threatening to publish an article about the company’s refusal to respond.
Anker ultimately acknowledged in a series of letters that their Eufy security cameras can and have produced unencrypted video streams for Eufy’s web interface. End-to-end encryption (E2E) was used for the video delivered to the companion iPhone and Android app, as stated. That transmission was encrypted so the video couldn’t be seen by anyone who intercepted it.
The same was true of video footage that was recorded and uploaded to the internet; this too utilized E2E encryption. However, live video feeds delivered to the internet were neither encrypted nor even authenticated, so anyone with access to the link could view the streaming video.