Ciphersuite: We use OpenMLS and we can choose any of the ciphersuites supported by it. We are using its post-quantum secure ciphersuite (MLS_256_XWING_CHACHA20POLY1305_SHA256_Ed25519).

Secluso vs. Frigate: I think you correctly mentioned some of the differences. We intend Secluso to be replacement for Ring-like WiFi cameras. Therefore, it needs to be easy to set up and use and provide similar functions to a Ring camera: the user plugs in the camera, opens the app, scan a QR code and perform a pairing process, and the camera is ready to use with its strong end-to-end encryption. The self-hosted version of Secluso requires a few more steps, but we've tried to automate it as much as possible. Home Assistant and Frigate are great platforms that are capable of providing good privacy (although they don't support advanced end-to-end encryption that Secluso does with forward secrecy and post-compromise security through MLS), but they require several steps, e.g., prepare/configure the IP camera, install and configure Frigate, integrate Frigate with Home Assistant, and configure remote viewing via cloud relay or VPN. Also, they are typically used with wired (Ethernet) IP cameras. WiFi IP cameras are possible but the RTSP stream between the camera and hub will be unencrypted, which might be vulnerable to eavesdropping.

Need for cloud relay: We have considered STUN and we are planning to deploy MLS over WebRTC for livestreaming (using the DAVE protocol) to improve the livestream performance. But this doesn't completely eliminate the need for a relay. If a STUN connection cannot be made due to some restrictions in one of the networks (that the camera and app are connected to), we will need to fall back to the relay. Also, if the phone is off/disconnected when an event video is recorded, we would like to transfer it (encrypted) to the relay ASAP in case something happens to the camera (e.g., it's taken by the intruder).

I previously introduced an open source private home security camera in 2024, which uses OpenMLS for end-to-end encryption: https://news.ycombinator.com/item?id=42284412.

It was called Privastead then and it's now renamed to Secluso.

John Kaczman found my project from here and has been working on it with me over the last year and half. We've made a lot of improvements to the software, which we would like to share with you:

- You can now set this up on your Raspberry Pi in less than 5 minutes with no technical expertise using our easy-to-use GUI deploy tool. We've put together a comprehensive build-your-own guide that walks you through the required steps (you can find a link at the top of the repository README).

- We use a customized, minimal OS based on the Yocto project for the camera.

- Every part of our stack except for the iOS app has reproducible builds. This includes our Android app, camera/server binaries, deploy tool, and the aforementioned OS.

- We've re-designed our mobile app, which is now on the iOS App Store and Google Play store.

- We now support UnifiedPush for more privacy-preserving push notifications.

Looking forward to seeing what you all think!

Comments URL: https://news.ycombinator.com/item?id=48330192

Points: 103

# Comments: 23

1) You'll get advanced end-to-end encryption (MLS).

2) You'll get a trusted firmware (fully open source and verifiable software running on a Raspberry Pi). An important advantage of having trusted firmware is that you won't have to worry about putting a firewall in front of a camera that comes with closed source firmware and hence can't be trusted.

3) Secluso is easier to set up. All you need is to run our released binaries in a Raspberry Pi, a server, and then use our app. We are also open to providing server support for for a limited number of interested users. This will further simplify the setup. Please contact us if you're interested.

4) With Secluso, you won't need a hub or an NVR. All you need is a Raspberry Pi (and its camera).

1) Usage model: RTSP cameras can be used for on-demand livestreaming. In contrast, the usage model of our camera is similar to a Ring camera: not only does it support livestreaming, but also it detects events (motion, person, pet, etc.), records a video clip, and sends it to the phone.

2) Connection and ease of use: with an RTSP camera, the camera acts as a sever. You can easily connect to it from your phone if your phone is connected to the same LAN. But if you're outside (which is very typical in the case of home security camera), you will need to connect to your LAN from outside. You have several options to achieve this (port forwarding, VPN, reverse proxy, etc.). Some of these options are not very secure. And they all require some non-trivial setup. In contrast, with our camera (again, similar to a Ring camera), the camera sends the videos to a cloud server and the app downloads them. Therefore, there's no need for the phone to access the LAN. (But note that in contrast to Ring, the videos in Secluso are always end-to-end encrypted. Ring supports an optional end-to-end encrypted mode, but you will lose advanced AI features such as person detection if you enable that since that is performed in their servers.) With the cloud-based video relay, we can then make it very easy to set up and use our camera. More specifically, our plug-and-play camera (https://secluso.com) is very easy to use: scan a QR code, pair, and you're good to go.

3) Encryption: Secluso uses MLS, which provides advanced end-to-end encryption features such as forward secrecy (per message) and post-compromise security.

4) Trust in firmware: Our goal with our recent Raspberry Pi camera is to provide a home security camera with a fully open source firmware. In fact, we now support a reproducible build, which allows you to verify that the firmware binary is built from the open source software in our github repo. This is in contrast to IP cameras that come with closed source firmware, making it difficult to assess their trustworthiness.

Since then, my project cofounder and I have made major improvements to the project. The project previously would act as a hub for an IP camera, which was otherwise closed source. But now, our camera software can also run directly on a Raspberry Pi (even one as weak as a Raspberry Pi Zero 2W), resulting in a security camera with a fully open source software stack. In addition, our Raspberry Pi-based camera can perform AI to detect people/pets/vehicles and send notifications. Moreover, our released camera binary can be verified using reproducible builds and our app now runs on iOS as well as Android. You can use this project to turn your Raspberry Pi into a fully functional and (more important) private security camera. Please check it out, use it, and provide us with feedback!

In addition, we built a prototype of a standalone home security camera using this open source project and a Raspberry Pi. Please check it out here (https://secluso.com/). It's not meant to replace the open source project, but to explore whether a plug-and-play camera could make it easier for people who are interested but don't have time to set up our project on a Raspberry Pi. We're curious if this kind of device would be useful to the community. If you'd like updates on our progress on that front, you can join our mailing list on the site.

Finally, we'd love to hear your feedback and ideas on how we can improve the project. And we always welcome contributions to our open source project.

Our site: https://secluso.com

Comments URL: https://news.ycombinator.com/item?id=45242659

Points: 17

# Comments: 4

And my main comparison has been with security camera solutions that use their cloud solution to transfer videos (e.g., Ring). I think an open source solution that uses MLS and treats the cloud as fully untrusted is a superior alternative.

Regarding the multi-user support: yes, that's on the to-do list. A nice aspect of MLS is the notion of groups that it provides. In Privastead, each camera will have a separate MLS group and it could add multiple devices/smartphones to the group. The hub will then try to deliver the video to all devices in the group. Many aspects of the multi-user support still needs to be figured out, but it's technically feasible.

Regarding ffmpeg: I agree. I'm aware of it and I have it in my to-do list to replace that with a Rust-based implementation. In fact, I'll be looking into your retina library as one potential replacement. :-)