Was literally going to do a ShowHN later this week for a side-project I've been working on that hits roughly the same use-cases: https://chewcam.com (just finishing up some last minor bugs).
Major difference looks to be broad vs narrow feature scope (haven looks very in-depth, with lots of sensor options, etc), native app vs browser based, and long-running (security camera) vs short-lived sessions (hour or two here or there).
Not sure if its appropriate to tack on-to this thread or if I should make a separate one, but figured its closely enough related that someone interested in Haven might be interested in chewcam as well.
> Not sure if its appropriate to tack on-to this thread
Shameless plugs are generally quite appreciated on HN, when done respectfully at least. A large percentage of people here are either entrepreneurs or wantrepreneurs, so understand the struggle.
I like the project, but have a slightly different use case. I am describing it in case you were up for adding features to your project or if you could point me towards something that would help me.
My grandmother has dementia. We would like to install two cameras in her apartment; one in the hallway and another one in the kitchen to check if she got out of bed, took her meds, make sure she doesn't let strangers in, and doesn't wander out of her apartment. Cameras such as Ring and Nest would be ideal, but we can't afford them. If your app allowed us to both stream the video continously and store it for at least 48h for up $5 a month, we would use sign up instantly.
FWIW I've setup Raspberry Pi W cameras [0] as security and garage door opener (w/relay on GPIO) cameras for friends/family, using MotionEye [1] as the interface.
I just use a cheap VPS like Vultr [2] to terminate persistent ssh tunnels from the cameras and run a self-signed https gateway into them. It's under $5/mo for the cheapest VPS option.
It's a bit of work to get it set up, but nothing crazy hard if you know your way around something resembling a LAMP stack and ssh tunnels. There's no third parties integrated so you control the data and have a lot fewer privacy/safety concerns in general.
If there's no wifi available, at&t offers mobile hotspot prepay service for as low as $25/mo.
I've been relying on the command= syntax of .authorized_keys to restrict what's possible, but I'm not 100% confident in that being impervious to intrusion should someone get access to the on-camera SSH tunnel private keys.
Wireguard is somewhere on my mental todo list for possible replacement of these tunnels, but they do the job and SSH is going to be listening either way to admin the VPS.
I've had absolutely zero problems with them overheating, and that's even using them as security cameras in a desert cabin without AC, where outside ambient temps exceed 120F.
The only thing I did to prepare them for that abuse was adding a small adhesive-backed aluminum heat sink [0] to the CPU. It only required some filing of the fins to fit in the tight packaging of the camera enclosure.
I never attempted running them without the heat sink, knowing it was going to be a rough desert life for them. So I can't even say if it was necessary.
It's also possible my software settings which are optimized to minimize wifi bandwidth and storage consumption are helping keep things cool. The `motion` process is only using around 15% CPU continuously, and the loadavg hovers around .27, FWIW.
Two Wyze cams for $50 - solved. No monthly fee, has some AI stuff that boxes around heads / people.. has android app notifications, remote viewing..
Have a location that uses one of these on the inside plugged into a battery backup and a blinkxt wireless cam on the outside (can put these anywhere / wireless ) that needs fresh l-ion batteries every couple months.
no monthly fees, text alerts, apps with real time and recordings of what happened earlier / yesterday..
no idea where the data is sent for these for their cloud, but the Wyze also has on board sd card for secondary backup data..
or how long they will last or the cloud will do the video for free basically.. my samsung indoor cam lasted about 3 years before it bricked and these a replacing that.. at that price if they last that long it works for me.
Thanks for the suggestion! From what I read, Wyze's cloud doesn't store continuous recordings. They only store 12 sec event-triggered videos with events being at least 5 minutes apart.
They say that continuous video can be saved to a microSD and played back in Wyze app. Do you know if this playback works remotely or would I have to be on the same WiFi?
not sure about all that, I see another posted a reply that seems to allow app access remote - have not tried yet.
For continuous - I used an offline completely ,swann wired security system outside, and a secondary wired system from nightowl that has an app they say after setup never touches their servers, for remote access, also now has Human detection technology. - around $250
More expensive on the front end, and have to deal with wires, but keeps days worth of recordings, keeps it local - have not tried the app / remote access setups yet because I see a rabbit hole of getting into router settings for private network setup and all that. One of these days when it's more needed.
It might be an option to connect the cameras to some computer (like an older laptop) via a USB extension cable and record the video locally, while using VNC, TeamViewer or some other remote desktop software to connect to that computer to view both the stream and the records when needed. No need for a cloud solution that way.
You should talk to robert zmrzli, a google engineer and friend how also made wellnuo.com which is an active sensor system for tracking exactly this use case. If your email is in profile ill email intro you guys
I would recommend Blink XT2 cameras for the home health care setting (dad had a hemorrhagic stroke and recovering with hemiplegic paralysis), they are dependable and I plugged them in so they run off lithium ion batteries as a backup.
I get real time motion clips for peace of mind to monitor his nurse caregivers and can watch latest clips in a timeline view.
No monthly cost and peace of mind you don't have up reboot a buggy Android app or raspberry pi solution.
Get an Amcrest camera, $40 and you can stream straight from the camera. It has motion detection built in with phone or email notification (with still shots or video of the motion) and a full featured app including DVR (while you are watching). For $100 or so more you can also get a network DVR that will always record and you can watch from your phone at any time
It would be nice to have a user flow pathway that demonstrates how your product works.
Currently your only options are "View camera" and "setup camera", but if you're a new user and you want to see how it works, you're out of luck... That could lead to bad conversion rate...
Great suggestion, I saw a week ago or so here some open-source stuff from trevor.io (I think?) for doing a simple walkthrough gif. Might work on adding something like that.
A friend uses an old phone as a power outage detector. The phone is constantly charged but is set to automatically notify once it's below (IIRC) 97% charge. If a blackout occurs, the battery would drain and the phone would notify. It's not an accurate measurement, but works well in practice.
There must be, but my friend chose an almost out of the box solution using an app from the Play Store, and the app only supported alerts per charge level.
3c toolbox might possibly be able to do this more flexibly; it allows running shell scripts in scheduled tasks and "watchers" (run hard on device status). Shell script can probably be used to send a text message.
There's a local provider which has a plan with absurdly low limits (something with about 100 Mb total, tens of SMS messages, etc.) + a low fixed price per month to match. Power outages are rare enough that this application doesn't need much of plan.
This is great. If you use this app on a spare android phone for vehicle security be careful because in the city where I live if someone sees a phone in your vehicle- and many people are looking- they will break your window and steal it. So maybe don’t put it in plain sight or disguise it as something else.
Not the OP but I know that in San Francisco smash and grab car break-ins have been at epidemic levels for a while and it doesn't require having anything visible. It's simply that the large number of urban tech workers increases the odds that any reasonably nice, recent model-year vehicle will have a high-end phone, tablet or laptop hidden within.
I parked my car overnight in a large, well-lit city-owned structure with cameras and live attendants 24/7. I parked right under a light, near the elevator/stairs in a higher traffic area and it still got a window smashed by someone despite nothing being visible. Nothing was stolen because there was nothing to steal but still annoying to file insurance and get repaired.
I know people that have reinforced metal lockboxes installed in the back of their SUVs to secure their laptop bag. Most people just take their laptop backpack everywhere but bag-grabs are increasingly common and even more scary than car break-ins. One guy I know who lives and works in downtown SF doesn't have a car because he can walk just about everywhere he regularly goes in the city. Last year he stopped taking his laptop anywhere in SF and doesn't carry a backpack anymore. He now just keeps a system at home and an identical system at work.
Not only that these are at high levels the city is exploring a program to pay (using taxpayer dollars) for window replacements for such victims, which is both right and wrong at the same time...
Wow. I hadn't heard that. It sounds like a plan only a politician entirely unfamiliar with the concept "unintended second-order effects" could possibly like.
Yes, these and related issues combined with the insanely high cost of living are causing a lot of people I know to leave (or plan to soon leave) the bay area to work remotely. People have lost hope things are going to improve because the policies the local government enacts to 'help' fix things keep triggering second-order consequences that make things even worse.
I don't live there anymore but used to like visiting quite often. Now I avoid it whenever I can which is sad.
A laptop shoulder bag I understand being grabbed away from you, but how do you get your backpack stolen off your back assuming you aren't held up with a weapon?
Dang dude, where do you live? I'm a lifelong Detroiter and my car has no end of electronic shit inside it, some visible, some not. It's never been touched.
The only times I've had cars broken into were when I was visiting DC and when I was working in San Jose.
I live in Europe (the Netherlands) and I most definitely empty my car. I've had two smashed windows, my dad has had one, and besides, it's all uninsured: the insurance companies do not consider the trunk of your locked car a "safe place for valuables".
when haven was first in the news I found a T-Mobile store in my city that had several android devices on display which had an Internet connection and allowed downloads so I installed Haven on them and set them up to send notifications to my phone.
Put it on a private VLAN (eg guest Network that can't be reached from main network), pull the Sim card, uninstall all non-essential software, turn off all non-essential services.
Although I prefer "Internet of un-updated linux boxes". (A thing to which I'm ashamedly a party to. I was in a startup ~5 years back where I was responsible for the backend that provided the software and OS updates (a customised ARCH Repo and pacman config) for our hardware. The startup went under, having shipped the first production run. I kept the Arch repo up on my own dime for as long as I could, but eventually the control over the domain dried up and the subdomains it relied on no longer existed... There weren't many of our devices still connecting to them that last time the log files showed connections, but I'm looking at two of them right now which I've been occasionally doing security updates to by hand. I feel bad each time I do it, knowing there's customers out there who bought our stuff who are no longer getting any updates...)
That's going to be hard to deal with, principally because I'm sure many of the control apps only search for devices on your local subnet and don't allow manual specification of IP. If they do allow manual specification of IP, then you could probably do what the other person who replied to your question suggested: multihome a router, establish a hardened second network, and leverage port forwarding. If they don't, then you need to put them on a separate network and put a controller on that second network too (eg an old phone, tablet, smart speaker).
Alternatively, you could set up a bridge by hardwiring the device to a raspberry pi and then use the pi's WiFi to connect to your existing network. You then set up traffic forwarding across the NICs, man in the middle all the traffic, and only allow certain traffic in and out. This avoids the need to create a new network.
A small router device put in between might help, say a repurposed (OpenWRT?) WiFi access point, or a small Microtik or similar devices. By having forcing all IoT devices on a second private WiFi network would allow to set rules so that for example they can be reached by devices on the home network but are prevented to connect anywhere else on the outside.
No security updates means potential for exploits, not definitely exploited. If you don't open yourself up to exploits by using the browser or untrusted apps, you're pretty unlikely to be compromised even with an older phone.
If this concept gets popular enough eventually the majority of users will start using the same old model Android phone(Nexus 5, etc.). That's when all of the unpatched vulnerabilities will become a serious problem that's difficult to fix.
It's not difficult to fix. It's just that corporations want you to throw out and buy a new phone every year. This is what happens when you let the same company make the software and the hardware.
> This is what happens when you let the same company make the software and the hardware.
Not sure that follows, it seems a quite Android-centric view? (Which I guess is valid in the context of this discussion...)
Apple do a remarkably good job (in my opinion) of providing software/security updates to older iOS devices. iPhones as old as an SE or 6S are still getting current versions of iOS.
I have a _much_ harder time keeping similar aged Android devices up to date (My Galaxy S6Edge has been stuck on Android 7 forever. I'd need to root it and install a 3rd party ROM to upgrade it. I haven't done that because I use it still as a mobile app test device, and I don't personally "trust" not stock OS installations to be particularly valid test devices for work apps...)
That is because a Samsung uses OLED which suffers burn in (since blacks emit no light on these screens). Newer phones do subtle shifting of long running pixels to avoid burn in. You can “fix it” by putting a light gray image as full screen for an hour or two a night. This will eventually ruin your phone... my Samsung s2 and note 4 which I use as a on-the-go baby monitor are almost useless for reading any kind of text
I started to write a comment about the poor job Haven is doing defining "old phone". There wasn't anything on their website, git pages, or online slide presentation. Then I realized _they_ aren't using "old phone" anywhere...
I could have sworn that when talk of the app first surfaced, they actually used terms like: "repurpose your old phone". That seems to have vanished ...or... the initial articles (along with the title of this post) are editorializing.
Still... it would be nice to get a sense of system requirements somewhere on Haven's pages. They have not included reqs anywhere. I have a ~5 year old phone (Android 4.3, 2gb ram, 16gb storage, 720p) that, I guess, I'll pull out and experiment with.
I really like the idea. However, I wanted to use it last summer and really had mixed results, and it was a Nexus 5, which is no slouch of a phone. I hope the detection and reporting (via Signal) has improved over time.
> Note that it is not necessary to install the Signal app on the device that runs Haven. Doing so may invalidate the app's previous Signal registration and safety numbers. Haven uses normal APIs to communicate via Signal.
Hm, I wasn't aware there was a way to do authenticated e2e encrypted signal messaging without a phone number? If there's an Api, then any third party app can send signal messages now?
I can't seem to find anything related to this at signal.org - what am I missing here?
Signal doesn't support messaging without any number, no. You can interact with it programmatically though if you give it a dummy number (even twilio, etc work fine). I personally have a REST endpoint running on a server that has its own number just to be able to get notifications and so forth from my server when I need it.
I wrote the software with the intention of allowing it to be used as a Twilio-like service, but I'm not sure how much utility anybody else would get from it. The messages from the source to the API obviously aren't protected, so the only use case it has is convenience rather than security. The lack of a signal implementation in a sane language (I'm interacting with signal-cli, which is a wrapper around the Java one) makes this a lot more difficult to just drop into other random tools unfortunately. I might just end up releasing that service as an open source tool if other people find it as something they'd want to be using for their own purposes.
Signal also has some pretty heavy rate limiting on things like numbers which are annoying to hit because things just tend to break. They don't have any other way of preventing spam and crawling of the service though, so I completely understand it.
That wouldn't make much sense, the point of these apps is to do security surveillance (sort of), if you had to consciously connect from time to time to see what happens in your premises and review that everything is OK, you would do so the first two days, then would forget about it. Like doing backups by hand.
Reminds me there is a reddit thread on how airbnb has a department that just deals with hidden camera reports because there are so many.
So this can be for great good or great evil (there's another app to sweep for hidden cameras and look for IR reflection but that's obviously imperfect and for another thread).
Does anyone know any open source security software that uses AI to search for a particular event? ie: "only notify me when "X" person enters the room, but not my dog"?
I believe the https://www.netatmo.com/en-gb/security does on-device AI that recognizes different people, and lets you use an app to tap into and tell it sames (or other ids) of friendlys to ignore. - Notify if new person is detected that has not been labeled as 'supposed to be here usually'
Last I looked into this you can have this avoid cloud data processing completely, so it's private and smart.
Haven't started using it yet, so can't give review and more details yet.
not all old phones are created equal... some consume more power then the charger can provide (they can't run continuously in that case).
But I do have a bunch of security footage that I don't want to watch and I'm looking for software that can extract images from the video that contain people
I appreciate such softwares and possibilities, but I would not recommend using an old smartphone: continuously charging its battery represents a huge risk, history just reminds us about battery explosion, detective cables, defective wall chargers.
If you add also that batteries, when aging, are a real risk, then, thanks but no.
It’s really a non concern. Realistically if there was a problem it would present in normal usage when people are charging them in bed.
The amount of superstition about lithium batteries is crazy, given how many of them are used in any household on a daily basis. The battery is functionally not being used if a phone is plugged in and the battery isn’t drained. This misinformation comes back from when people were using Nickel Cadmium cells decades ago, those cells were functionally continuously charged because it caused absolutely no harm to them.
The difference is that a phone might get hot when the camera is running 24/7 and CPU load is high, e.g. due to motion detection.
To add some anecdata: I had an old iPhone (IIRC a 4s) running as security cam for about 6 weeks. When I returned, the case was cracked due to a swollen battery.
....and? I imagine the phone shut down and literally nothing happened? Batteries are kind of designed to do that in case of cell failure, actual fires are incredibly rare.
I have left old phones plugged in because I used them with wifi in the workshop. More than once I had to quit using a certain phone because the bulging battery started getting hot.
The battery also has a built-in charge controller to prevent overcharging, and if the capacity is significantly lower, shouldn't the risk of that stored energy being released also be lower since there's less energy stored?
The phone has an on board charger. The battery itself has its own controller which will disconnect the battery from the charger if it goes over voltage, under voltage, or over temperature.
The "percentage charge" of a lithium cell isn't really any measure of its safety. Even at 0% charge the cells can still auto ignite, there's an incredible amount of energy in them when they're considered to be empty.
The problem is lithium doesn't like being at 100% state of charge for prolonged periods of time. Normally you charge it up, then use the battery. When on a charger the voltage will sit close to fully charged voltage, and that ages the battery quickly. Add some heat and you may have a problem eventually.
In my experience, its usually "only" a problem when later, you discharge the battery and then try charging it back up, thats when stuff starts burning.
I'm currently integrating (project is on pause but one day!) an android tablet into an old car. And the battery was a dealbreaker.
So I've removed the battery and added an resistor to trick it into booting anyway. Only problem is that android think the battery is dead so it won't perform system updates unless I first charge it. Which I guess is fine in this case since the tablet is out of support anyway.
If you've ever wondered why cellphones don't work without a battery present at all, even when plugged in, it's because they're used as a capacitor effectively for the cellphone radio. The peak currents of those can exceed several amps momentarily so you need to have quite a lot of power on hand (even exceeding the charger) for times when you want to transmit. The amount of total energy being used from the cell is close to nothing however.
I'm surprised yours works at all, it must be fairly marginal.
All I can say is that it isn't an uncommon operation to do.
I have stress-tested it a bit and know that it won't be a problem for me, certainly not for the music and navigation I will be using it for. Also as far as radios go only wifi+bluetooth.
I wish phones would work with no battery when plugged in.
What resistor value, and where did you place the resistor to be able to boot without a battery?
Don't remember, if you are lucky there are guides for this for your particular device.
If I remember correctly there are four terminals, aside from power one of them might be battery temperature which I think is mandatory. I measured the resistance on the original and mimicked it. Basically hardcoding the temperature since I don't have a battery. But I could be very wrong on this. Google it first!
Looks like that could be mitigated by just flashing a new firmware. LineageOS (formerly CyanogenMod) has a long list of supported devices these days. Booting something more open source seems like a good idea for a long-running security camera app, as opposed to closed-source stock Android builds.
LineageOS is great, but I doubt it supports many $20 phones. Porting is done by volunteers - people who buy cheap phones are unlikely to make the effort.
Also, in theory a rootkit could go into the embedded firmware or use a closed source kernel module. In fairness, that's not a big threat yet - cheap devices tend to get cheap rootkits...
Major difference looks to be broad vs narrow feature scope (haven looks very in-depth, with lots of sensor options, etc), native app vs browser based, and long-running (security camera) vs short-lived sessions (hour or two here or there).
Not sure if its appropriate to tack on-to this thread or if I should make a separate one, but figured its closely enough related that someone interested in Haven might be interested in chewcam as well.