Xiaomi security cameras are shut out by Google after discovery of a flaw that streams strangers’ video feed to wrong person
- One user was able to stream video feeds from the cameras of strangers
- Xiaomi isn’t currently able to integrate with the Google Home app or assistant
- Streams included people’s homes and in one case, a baby in a crib
- Google said it has reached out to Xiaomi to resolve the issue
Security cameras made by the Chinese tech company Xiaomi are being shut out by Google after evidence of a serious security flaw.
According to Android Police, Google revoked Xiaomi’s ability to integrate with its Home app or Google Assistant after some devices started to mysteriously stream video feed from strangers’ cameras.
The decision comes just a day after one Reddit user demonstrated the concerning flaw in a video.
Pictures posted by a Reddit user show how other users’ cameras mysteriously showed up in a feed being streamed to a Google Hub smart display. In the above picture a small child can be seen resting in a crib
The video feeds ranged from random interiors of homes and potentially businesses. It’s unclear how, or from where, the feeds are coming
The user, who goes by the name ‘Dio-V’ found that when attempting to view a security cam on a Nest Hub – Google’s branded line of smart home displays – the device instead pulls images from various security cameras that don’t belong to the poster.
Some of the images depict in-home videos of empty rooms, or in once case, a video still of a sleeping baby.
The camera’s owner was using a Xiaomi Mijia camera using firmware version 3.5.1_00.66.
It’s unclear what is causing the issue exactly, but according to 9to5Mac, Google has reached out to Xiaomi in an attempt to resolve the issue.
While the flaw is concerning, it doesn’t appear to have been replicated by any one else to date which means it may only affect a limited number of devices.
The news of a potential security flaw comes with bad timing for companies selling internet-connected security cameras, as a string of hacking reports cast doubt on the safety of popular internet-connected security cameras made by Ring and the Google-owned, Nest.
Questions over the devices security recently culminated in a class-action lawsuit being filed against the home security system Ring and its parent company, Amazon, that accuses the e-commerce giant of failing to protect their customers from hackers.
The flaw was documented by an owner of a Xiaomi Mijia camera using firmware version 3.5.1_00.66 (pictured above)
The complaint, filed in US District Court for the Central District of California, claims that Ring and Jeff Bezos’ Amazon, which bought the company last year, were negligent by not putting in place ‘robust’ security measures.
A string of hacks last month on Ring and Nest security cameras also caught media attention and were linked back to a podcast that broadcasts the intrusions for laughs.
According to a report from Motherboard, a podcast dubbed NulledCast, has been involved in a number of hacks on the Amazon-owned Ring security cameras in which hackers commandeer the device’s microphone to harass victims on the other side.
A mother from Mississippi released a video of the team behind NulledCast talking to her eight-year-old daughter through a Ring security camera in her bedroom.