tapo-c210/README.md

25 lines
2.5 KiB
Markdown
Raw Normal View History

2023-09-18 17:38:23 +02:00
# C210 Tapo camera
2023-08-24 10:41:42 +02:00
IP Cameras are a nightmare for our privacy. For this reason I am reverse engineering a Tp-Link Tapo C210's firmware and its relative app in order to prevent them from sending any data to untrusted servers.
2023-09-19 09:11:27 +02:00
There are some better resources than mine: see https://github.com/nervous-inhuman/tplink-tapo-c200-re and https://drmnsamoliu.github.io/, but use those resources mindfully, as they are about Tapo C200, whereas this repository focuses on the C210. Despite being esthetically equivalent and having a similar name, their hardware is completely different. The C200 is based on a MIPS microprocessor, whereas the C210 is based on the ARM-based MStar SSC335 chipset.
2023-08-28 09:45:05 +02:00
In particular, I will focus on
2023-09-19 09:11:27 +02:00
2023-08-28 09:45:05 +02:00
* the reverse engineering of the app in order to be able to use the camera without a Tp-Link account;
2023-09-19 09:36:57 +02:00
* <del style="text-decoration: line-through;"> the reverse engineering of the firmware to strip off the portions of code sending the video stream to their servers, or better self-compile a clean firmware.</del> **Good news** you can install [OpenIPC](https://openipc.org/) ([here for our hardware-specific version](https://openipc.org/cameras/vendors/sigmastar/socs/ssc335), with memory chip NOR 8M) and [linux-chenxing](https://github.com/linux-chenxing), so we do not need any reverse engineering, at most contributing to these projects.
2023-08-23 16:27:42 +02:00
## How these cameras were designed to work
2023-08-24 10:41:42 +02:00
1. You download a proprietary app (Tp-Link Tapo) and create an account without which the camera can not work;
2023-08-23 16:27:42 +02:00
2. You use said app to instruct the camera to use a specified Wi-Fi AP;
2023-08-24 10:41:42 +02:00
3. The camera sends the video stream not end-to-end encrypted to servers we have no control over;
4. You have the possibility to update the camera's firmware through its app. This expands the attack surface for a hacker or from the company itself to push a malicious update.
2023-08-23 16:27:42 +02:00
## What we can do
2023-08-27 22:23:21 +02:00
As of today, we have:
2023-08-28 09:45:05 +02:00
* Libre NVR solutions (iSpy, ZoneMinder, ...);
2023-08-28 17:54:06 +02:00
* A collection of open source software to control these cameras through [undocumented APIs](https://github.com/xfarrow/tapo-camera/tree/main/secret-apis), see [my collection](https://github.com/stars/xfarrow/lists/tapo-cameras).
2023-08-27 22:23:21 +02:00
2023-09-19 09:11:27 +02:00
Nonethless, if you use these solutions, you still need the proprietary app and a Tp-Link account the first time you boot the camera up and NVRs will not stop the camera from sending the video stream to their servers without using a firewall.
2023-08-23 16:27:42 +02:00
2023-09-19 09:11:27 +02:00
* Installing [OpenIPC](https://openipc.org/) or [linux-chenxing](https://github.com/linux-chenxing)