[alias_neo]

The other end should be you too?

Unless you intend for someone else to oversee your surveillance operation, your footage shouldn't leave your premises unless encrypted, using keys which don't leave your possession. You enter them out-of-band on the device on which you wish to watch remotely.

Is there some implied benefit to not encrypting end-to-end or are they just being lazy and using nothing more than TLS because security isn't really the goal?

[d1zzy]

> The other end should be you too?

But that cannot work with a cloud-based Motion Detection feature (arguably the second most important feature of Ring doorbell cameras, after the doorbell functionality). The Motion Detection is done server side so the server has to be able to see unencrypted video. Maybe if there was a lot more powerful (and programmable) hardware on the camera side you could do it there.

[alias_neo]

Makes sense, I thought there would have to be some "good" reason.

Your wouldn't need anything much more powerful than a Pi4B to do that part for a couple of cams, but I guess this keeps the cost down for a security-unconscious public.

[beatgammit]

I don't see why you couldn't. The hardware to do it isn't expensive, so the camera itself could do that processing locally and just send the data along with the video encrypted to the end device. It might make the product cost a bit more, but it would also eliminate most of the concerns I have with that type of product.