Hey everyone,
We’ve built an open-source, privacy-preserving alternative to Ring cameras using a Raspberry Pi Zero 2W (called Secluso). It uses end-to-end encryption to send videos from the camera to a mobile app, which is available both in Google Play Store and Apple App Store. We also support Obtainium for people that do not wish to use Google Play.
We’ve put in a lot of effort to make it easy to set up! You can set up our camera on your own Pi in less than 5 minutes with minimal technical expertise using our easy-to-use GUI deploy tool. Here are our setup guide and open source release.
The image shows a Pi in an official Raspberry Pi enclosure that you can use for your camera. We’ve also been working on a HAT for the Pi to add night vision, audio, temperature monitoring for safety, all in a compact form factor. You can see the HAT and an enclosure for the whole camera in the photo.
We’ve been working on this for almost 2 years now, and we look forward to we look forward to seeing what you all think!
Very nice. I’m desperately trying to get rid of my Ring cameras. This looks like a viable option.
Ideally the thing should be broken into a “Camera captures images and makes it available in an open format” side and an “Application for Linux/Windows/Mac/iOS/Android/whatever reads said open format data and shows it to the use/records it in local hardware”, so that if one’s chosen provider for one of the sides enshittifies you can easily replace it, but I can understand the tendency to make and launch the whole thing fully integrated as one non-interoperable big bundle from a single provider given that in practice “do it and they’ll come” projects that just provide data in an open format in the expectation that other people will make the software that uses it, almost always fail.
But does it do frigate? Can it be used applessly?
Hi muusemuuse, this is meant to be a drop-in replacement to WiFi cameras (and therefore accessible to non-technical users, easy to use and easy to setup). Frigate is great, and we definitely recommend it if you have the time to get it up and running.
In regard to being able to use it without the app, that’s not possible unfortunately due to the end-to-end encryption that takes place. An application needs to be on the other end to decrypt things.
Our app is available through Obtainium if you do not like the Play Store. It is also reproducible, so you can verify to make sure it was derived from our mobile_client codebase.
Are only VPS relay’s supported at the moment? Presumably so the feed is accessible over the web?
I get that the project seems to be going for replicating a ring/wyze/etc style experience but being able to self-host a relay somehow seems like a logical addition. Would probably have to disavow connecting outside of the home network and leave that the responsibility of the user.
I think the point is to be easier than frigate. Eg a full image like home assistant, not needing to fiddle with docker.
I will keep pushing for my alternative : buy some out-of-order cameras and stick them in highly visible places.
0 maintenance, 0 infrastructure, 100% of the deterring effect working cameras would have had.
That works well enough to deter thieves from stealing your packages. But not so useful when you wake up to find a hit and run driver clipped your parked car over night.
Amazing work guys! Looks very promising. If I needed cameras I would use this.
You can also flash a Wyze Doorbell v1 with Thingino
https://github.com/themactep/thingino-firmware/wiki/Camera:-Wyze-Doorbell-(V1)
Lots of ways self hosting ways of doing bidirectional rtsp doorbell.
Any good open-source nvrs that support bidirectional rtsp? I know zoneminder didn’t last time I checked.
I’ve done a thing with Kamailio and Baresip and MQTT and Linphone on my phone so when someone presses the door bell button, I get a video SIP call from “doorbell”. But other I think are doing things with HomeAssistant, go2rtc and Frigate. I just didn’t like it so went my own way. Would love to have done my own Signal client that wrapped RTSP, but it wouldn’t be allowed on the Signal network, but Linphone is ok. Video SIP is standard at least.
Frigate has support for bidir audio
But it requires SSL to work, and WiFi cameras are not the greatest option for that kind of bandwidth.
I know, I tried it. It never worked right.
oh, didn’t know what tech it uses for that. that’s sad
This is interesting. Can you give me a ballpark on your hardware cost for an 8 camera system? What does integration for NAS look like?
deleted by creator
Nice! I’ve been wondering lately if there was an open-source solution for this
iirc pine64 so has a camera in their store
Yes they do! Theirs is an IP camera.
These comments are why privacy products will always be behind. Why open-source is full of dead projects. These people are just trying to make a living off making privacy-focused products. And all the comments are like “They’re a for-profit company? They had marketing material prepped to reply to people’s comments?!”.
The code is open-source, self-hostable, built using commodity hardware (raspi), and they’re just trying to make it sustainable by providing an optional paid service. This is not the enemy.
No good deed goes unpunished. The sense of self entitlement some people display is staggering. FOSS project? Well, you should have done x y or z.
Also, I gave you $3 via Ko-fi, so you need to provide customer support in perpetuity and come to my house and install it. And heaven forbid you try to recoup costs!
Projects don’t just die out - a lot of them are killed (one way or another). For example, I had a fully specced out FPGA design that would capture the signal from Wii GPU and do internal upscaled resolution (think: like what dolphin emulator does but with actual hardware) not just post process sharpening. Total cost under $100 and some know how.
The amount of flack I copped for it made me shut down the github and work on it for myself. Once it’s perfected, I may post about it again but I sure as shit am not compelled to deal with the fucking peanut gallery anymore.
I used to think Reddit users were too negative. Then I joined Lemmy.
Loud people are negative. Doesn’t matter the website.
A “privacy product” inherently involves a lot of trust. When the creators are academics with little to no professional footprint, you need to assess things based on what information they do provide you. Whether that be code (yay open source) or customer interactions (forum posts).
I know we all yearn for the days of “Use Google. Their motto is ‘do no evil’ so you know they are our friends!”. But… that was a much stupider time.
Like, even if you suckle at the teat of Saint Capitalism, you should at least want a good product. And… this looks like enthusiast code with minimal maintainability but a heavy emphasis on marketing.
Yeah, free, open source is fun, but we should also just support companies that have good ethics and want to make enough money to earn a living and keep making good products that respect people.
I want utopian space communism, but I’m not going to hold out for only that ideal when I can support alternatives that are better than the current system.
You do you, but I’m holding out for it… and only in fully automated, luxury, gay form.
You have my blessing.
Yeah supporting companies which makes privacy focused products, will create incentives for selling them to people which want them not just gaining additional profits from selling your data or showing you with ads
I see this with open source hardware a lot.
People want to get atoms for free. That doesn’t work. Give your money to companies like this.
Agreed, however the number of positive comments from one-day old accounts is suspect for me.
This is a security product where trust is paramount, so I get a bit itchy about anything like that, but I could be overreacting.
I can’t speak to the account thing, I checked the guy you replied to and it seems like his is 3 months old, not yesterday.
I wanted to mention that we plan to get a third-party security audit by a reputable firm sometime this summer.
Yea I edited that part because Lemmy was not showing me the right info, but there are more below, which is… Odd.
In any event, great to hear about an SA, and I have starred the project to check it out.
Money for nothin’ and your chicks for free. What a blessed utopia that must be.
I like what this project is trying to do, self hosted security cameras need to be more accessible to get people to stop using corporate spyware.
I’ve been looking for something like this. To be more accurate, I’ve been looking for something that works as a doorbell/intercom, that doesn’t rely on big tech in some way or other. But this seems like a promising start.
deleted by creator
I ended up going with Unifi (G4 Pro Doorbell) after my test-run with Reolink went… poorly. It’s technically still ‘big tech’ but all the parts are on my property and my control, and (at least for the doorbell, that’s all I’ve got so far) it works nearly-perfectly with HA (I can’t get custom screen messages to stick when assigned through HA).
Curious what went wrong with your Reolink run. That’s what I’ve got. Doesn’t require an app or account, and works with home assistant.
I bought a unit + 4tb surveillance drive, to replace a (what we thought was a) dying nest hardwired gen2 doorbell. I was excited - pulled it out of the box, ‘oh, it has an AC brick too! I can set it up and make sure it works before we install it’
Prepped the camera, prepped the nas to ingest the feed and drives, setup the non-proprietary stream (the acronym/letters escape me), all on the AC plug… And the feed, from the cam to the reolink app absolutely ground to a halt. I’m talking like, after 5 minutes of uptime, the feed was 60+ seconds behind. Absolutely wild. I restarted the app, phone, doorbell, no fix. I turned off the open-source (?) feed, going with only reolink’s proprietary stream. Better, but after 10 minutes it was still 30+ seconds behind. Reset the doorbell, set it up again, no change…
So either I got a defective/malfunctioning doorbell, a bad AC plug (but wouldn’t it just die if it was pulling too much power…?), the AC plug isn’t rated for anything more than very intital setup (I saw nothing about that in the instructions, and why would you do that…) or that is ‘working as intended’ which, why even bother if that is true.
B&H accepted both doorbell and drive, opened, no questions asked. Was very excited and it genuinely ruined my day. :(
Sorry to hear your bad experience. Was the acronym you were looking for ONVIF?
Yeah, that’s it!
I thought ONVIF is just the control, not the stream. the stream is normally RTSP
Why did you opt for pro vs nonpro out of curiosity?
It’s been a bit but I do remember I wanted the bigger screen, the fingerprint and nfc readers are nice to integrate ‘eventually’, and I think it was only an extra like $75? Oh, and the secondary package cam, that was the main factor tbh.
I wanted to get the poe version + their chime, but I got vetoed since ‘we already have a mechanic chime’ and I don’t have PoE setup in the house. But my pitch for the pro model was successful and an easy sell.
The only thing worse than your partner vetoing you is when they’re right.
Thank you for the response, very informative!
Can I have the video pushed to a self hosted server (eg NAS or proxmox VM) and just have my android be a client of that server?
In theory, that should be possible. We haven’t tested it.
Isn’t that the premise of the “$4 ubuntu over droplet deployment” option?
Instead of having Secluso-Deploy ssh into some cloud box and prep it up with the server-side software, why not have a container deployment option as well? I get that you want to ensure that the server is publicly reachable for the mobile clients to work on the go, but ultimately (and in all honesty) at this point, that should be a user concern/choice (those more advanced users may be peculiar about running behind tailscale, a home-VPN, a port-routing config, …).
Needless to say, most people here might find it easier to work with containers and build trust in the project by having it run in an isolated environment with limited permissions than blindly trusting that the code is what it says it is and not quietly running a botnet at digitalocean with their PII attached.
I understand your concern. The way we designed the deployment tool was under the assumption people would be using a freshly-deployed cloud single-use server for it (as we assume they have no technical knowledge).
I’m not sure if a container is foolproof. There have been multiple CVEs in the past allowing processes to escape containers through kernel vulnerabilities. Although, I’m happy to put containers on our to-do list if this will help.
As for what the proper solution should be for advanced users, I personally am not sure. I’d need to research that further. We do try to provide things such as reproducible builds, which means if you build the code yourself using our reproducible build script, they’ll match byte-for-byte against our released artifacts. This at least guarantees that it was built from our repository’s code, although it does not guarantee the code itself is safe.
I think something that will help here is our planned third-party security audit, which hopefully will be sometime this summer.
The poster’s account is under 1 day old. There are multiple brand new accounts interacting with this post, too.
And one of them is replying with positive sentiment.
But the one calling it sus is also 5 days old, and making good points.
🤔
I guess its just us in here then, among these AI bots.
Now hack ring cameras so existing installed cams can connect to your own hosted network.
