When I have this trouble with loads and loads of images being captured after just simply adding a cam to my UI7 system.
MCV sent me this:
The images and recorded videos are stored to our Secured Cloud Server. You should be able to see or download them by going to Cameras→ Click on Image→ Recorded.
The Vera Unit can only be set to store them to our Store.
I was shocked. I never gave permission to upload my private pictures to whatever cloud. how “secure” it might be or not.
just keep in mind…
Well, given that they don’t even require you to be logged in to see them… not really secure.
Did you ever find out if you can disable storage?
Further goes to show that VERA is not a good DVR. It’s not even good at displaying cameras to begin with.
I would recommend using your cameras outside of VERA and not stream images threw vera at all.
That’s exactly right, and what I do. I use vera for hmoe automation - blueiris and cams for security.
But I’d like to delete the images that it did upload, and somehow get MCV to recognize that how they are storing them is not secure. I will look through the scripts today to see if I can disable all uploads to vera-us-oem-storage12.mios.com and vera-us-oem-storage11.mios.com
You down’t want those pictures of you walking in front of your camera in your undies or less being uploaded to Vera?
Those folks at MIOS will have to dump their Client Picture of the Day contest and get back to fixing bugs.
[quote=“RichardTSchaefer, post:5, topic:188633”]You down’t want those pictures of you walking in front of your camera in your undies or less being uploaded to Vera?
Those folks at MIOS will have to dump their Client Picture of the Day contest and get back to fixing bugs.[/quote]
;D ;D ;D ;D ;D ;D ;D ;D
Just had a solution to this… an entry in /etc/hosts to point the storage URLs to 127.0.0.1 should work. Might test it out today.
There should really be an option to opt-in or out of the cloud storage, or redirect it somewhere else. Especially given the nature of where these cameras are located (in peoples homes, bedrooms, children’s rooms etc).
Let us know how the hosts entries works out. Does anyone know what mechanism Vera is using to send the images? For example can we edit the hosts files to point at our own server?
An opt-in feature would be the start. How about MCV telling people they are just storing stuff in the cloud, and it’s publicly accessible. There’s got to be a few tech bloggers/privacy types that would love to write a story about this. And the thing is… there’s no way for you to delete your images from the cloud. If you delete the alert locally, it doesn’t get removed from their servers.
Here’s the thing (as I run tests to see if the hosts file will work).
a) The hosts file may only work for now. A formware upgrade could have them sending info to a different server.
b) MCV has no reason to store personal info, including images, video, alerts, etc.
They aren’t google.
They should be doing everything they can to go out of their way to show that they are storing nothing unless their users allow them, everything is opt-in, etc.
I have storage here. I don’t need my stuff on their servers. As it stands now, there’s no way to take ot off of theirs, there’s no way to stop it from getting there, and there’s absolutely no documentation of what they are storing, for how long, for what reason, and how secure they are doing all of the above.
[quote=“johnes, post:10, topic:188633”]I have storage here.[/quote]My guess is that they wanted to provide a secure location from a burglar. Storing your pictures on a NAS isn’t practical if the buglar steels your NAS…[quote=“johnes, post:10, topic:188633”]I don’t need my stuff on their servers. As it stands now, there’s no way to take ot off of theirs, there’s no way to stop it from getting there, and there’s absolutely no documentation of what they are storing, for how long, for what reason, and how secure they are doing all of the above.[/quote]This is extremely valid criticism. In fact, one might actually say that I rather have my own cloud storage provider handling this, instead of them.
Jaap
I can confirm that adding those entries to /etc/hosts prevents images and video from being accessible from the UI. I would imagine that means that they are not on the MCV servers. Not sure how long this will work for, nor if /etc/hosts ever gets refreshed… but if it does, we could always add a cron job to re add it back.
[quote=“JaapvanEkris, post:11, topic:188633”][quote=“johnes, post:10, topic:188633”]I have storage here.[/quote]My guess is that they wanted to provide a secure location from a burglar. Storing your pictures on a NAS isn’t practical if the buglar steels your NAS…
Jaap[/quote]
Good point. However, if a burglar gets into my house and has time to track down the NAS and take it, I’ve got so many other serious problems.
That’s not accurate, you are required to login in order to view recorded snapshots or video.
As to democratizing the storage locations, yes. We are adding support for other cloud storage providers via our Advanced Camera Management service later this year. We?ll solicit beta testers via the forums as we get closer to launch.
That’s not accurate, you are required to login in order to view recorded snapshots or video.
As to democratizing the storage locations, yes. We are adding support for other cloud storage providers via our Advanced Camera Management service later this year. We?ll solicit beta testers via the forums as we get closer to launch.[/quote]
It is exactly true.
Here’s how you can verify what i am saying is correct…
Result? Image appears.
At a minimum, MCV should be very clear in telling users what data is stored, where, for how long, and give them a way to delete the data, either on demand or on a rolling basis. There should be a way to disable all storing of information. It would be nice to be able to redirect the data elsewhere, but that’s mroe a feature than the security and privacy holes that exist now.
I’ve deleted my alerts - yet my images are still on the MCV servers.
[quote=“johnes, post:15, topic:188633”]It is exactly true.
Here’s how you can verify what i am saying is correct…
Result? Image appears.[/quote]
Can you provide us with your link to verify… LOL ;D
I would, but I’m worried that there’s enough info in it to open up the rest of my images!
https://vera-us-oem-storage12.mios.com/storage/storage/store//archive?Key=
[quote=“johnes, post:17, topic:188633”]I would, but I’m worried that there’s enough info in it to open up the rest of my images!
https://vera-us-oem-storage12.mios.com/storage/storage/store//archive?Key=[/quote]
I’m just playing to look at your pictures. LOL
Well, all you would see is a very happy spider weaving another web right in front of the lens.
[quote=“johnes, post:17, topic:188633”]I would, but I’m worried that there’s enough info in it to open up the rest of my images!
https://vera-us-oem-storage12.mios.com/storage/storage/store//archive?Key=[/quote]
Both the file id and key are randomly generated, as a matched pair. Both are required to view your file. If you share both, then yes, someone could view your content (obviously). But it doesn’t constitute a viable, real-world attack vector, as we have protections (and logging) in place server side to shunt (and block) brute force attacks, whether those originate from Vera users internally, or from an external party.
Best Home Automation shopping experience. Shop at Ezlo!
© 2026 Ezlo Innovation, All Rights Reserved. Terms of Use | Privacy Policy | Forum Rules