The only thing AI is used on in this project is strictly for user interface work (our website, the front-end for the mobile app, the front-end for the deploy tool). We carefully vet anything like that.
I think you may have misinterpreted my "automations, systems, and AI" (you put it in bold), that is intended to show my experience in machine learning (example: I spent 4 months in a lab helping improve the accuracy of wearable ECG abnormality detection). I do not rely on LLMs.
We're exploring Home Assistant integrations for the next update.
Unfortunately, iOS does not allow us to publish in 20ish countries, which are all Europe-based. This is due to certain legislation.
If you're technical, you could probably put together a locally hosted server on your Linux machine and use Tailscale or something like that, it should work fine with the code as-is. Our server binary is in the runtime-binaries zip in the core GitHub release.
Yes they do! Theirs is an IP camera.
Hi muusemuuse, this is meant to be a drop-in replacement to WiFi cameras (and therefore accessible to non-technical users, easy to use and easy to setup). Frigate is great, and we definitely recommend it if you have the time to get it up and running.
In regard to being able to use it without the app, that's not possible unfortunately due to the end-to-end encryption that takes place. An application needs to be on the other end to decrypt things.
Our app is available through Obtainium if you do not like the Play Store. It is also reproducible, so you can verify to make sure it was derived from our mobile_client codebase.
I understand your concern. The way we designed the deployment tool was under the assumption people would be using a freshly-deployed cloud single-use server for it (as we assume they have no technical knowledge).
I'm not sure if a container is foolproof. There have been multiple CVEs in the past allowing processes to escape containers through kernel vulnerabilities. Although, I'm happy to put containers on our to-do list if this will help.
As for what the proper solution should be for advanced users, I personally am not sure. I'd need to research that further. We do try to provide things such as reproducible builds, which means if you build the code yourself using our reproducible build script, they'll match byte-for-byte against our released artifacts. This at least guarantees that it was built from our repository's code, although it does not guarantee the code itself is safe.
I think something that will help here is our planned third-party security audit, which hopefully will be sometime this summer.
Yes, we are working on such a video. I will follow up here once that is ready.
https://mozilla.github.io/cargo-vet/index.html
2.4 "Importing Audits" goes into these third party auditors (the registry).
I can't speak to the account thing, I checked the guy you replied to and it seems like his is 3 months old, not yesterday.
I wanted to mention that we plan to get a third-party security audit by a reputable firm sometime this summer.
Thingino looks like a great option for changing firmware of IP cameras to be open-source, and is useful in local NVR-like setups! Our goal is to different: provide an end-to-end encrypted, easy-to-configure and easy-to-use WiFi camera.
To help mitigate that, we use Cargo.lock files to pin all of our dependencies checksums (integrity validation) until we want to upgrade. When we upgrade, we're working on having Cargo Vet to manually go through (in addition to trusted third party auditors) to ensure the changed code isn't malicious.
It should not be too difficult to set that up with Tailscale. There's no advanced configuration or anything of the sort. Download runtime binaries -> unzip -> generate a user credentials QR using the config tool -> put the user_credentials file in the user_credentials folder next to the server binary -> setup a service for the server on the machine you intend to use.
Our post was taken down on Reddit a couple hours after it was made due to a misunderstanding. The moderators re-instated it a day or two later.