At the beginning of this month, I started the review of Annke CZ400 AI security camera by listing specifications, unboxing the device, and doing a partial teardown, notably to install a MicroSD card.
In theory, the camera comes with more advanced AI features than Reolink RLC-810A 4K CCTV camera that only supports people and vehicle detection, as the Annke security camera can handle face detection, line crossing, unattended baggage detection, and other smart event detections. So let’s see how it performs
Annke CZ400 installation
The first challenge was the installation, as I told the company I would not be willing to install the camera on the ceiling since I’m renting, and preferred wall-mounting. after checking the user manual that included a wall mount, I decided to go ahead, and get the review unit.
But sadly, the wall mount is not included in the package, and Annke even told me they have no plans to sell it, instead, inviting me to purchase the mount bracket on Aliexpress. As a side note, the wall mount bracket is sold on HikVision store, and Annke CZ400 appears to be a rebranded Hikvision DS-2DE2A404IW-DE3/W camera. [Update: Annke pointed out the following after the review publication:
We’re not rebranded cameras. We own intellectual property over this camera and we’re responsible for data security of our users.
Any hik cameras sold on Amazon are not legitimate cameras from hik, who never sold on online platforms.]
Since I did not really want to buy the adapter, I decided to go with a temporary DIY solution using a wooden plank and a ladder…
The first step was to attach the mounting plate to the plank, and then I could rotate the IP camera into place.
I placed the plank on the ladder and connected a 12V/2A power adapter, as well as an Ethernet cable since there’s no WiFi connectivity.
For this type of camera, a PoE injector may be preferable, as the cable coming from most power adapter will be a bit short…
Jean-Luc started CNX Software in 2010 as a part-time endeavor, before quitting his job as a software engineering manager, and starting to write daily news, and reviews full time later in 2011.
Support CNX Software! Donate via cryptocurrencies, become a Patron on Patreon, or purchase goods on Amazon or Aliexpress
Thanks for an extensive review!
Requires IE for it’s features? Will never buy!
I would be much more concerned by the fact both camera and app have to be connected to someone else’s server running in a data center somewhere in the world and by the usual sort of security nightmares all these surveillance products (or IoT in general) are plagued with, see https://seclists.org/fulldisclosure/2017/Sep/23 for example.
For reference, those are the ports open on my camera: sudo nmap -sS 192.168.1.8 Starting Nmap 7.80 ( https://nmap.org ) at 2021-03-22 19:54 +07 Nmap scan report for 192.168.1.8 (192.168.1.8) Host is up (0.0016s latency). Not shown: 994 closed ports PORT STATE SERVICE 80/tcp open http 443/tcp open https 554/tcp open rtsp 8000/tcp open http-alt 8443/tcp open https-alt 9010/tcp open sdr 123456789101112 sudo nmap -sS 192.168.1.8Starting Nmap 7.80 ( https://nmap.org ) at 2021-03-22 19:54 +07Nmap scan report for 192.168.1.8 (192.168.1.8)Host is up (0.0016s latency).Not shown: 994 closed portsPORT STATE SERVICE80/tcp open http443/tcp open https554/tcp open rtsp8000/tcp open http-alt8443/tcp open https-alt9010/tcp… Read more »
I used Wireshark to capture packets, and I can see the user is passed in the clear, but the password appears to be encoded. Still not good as it is done over HTTP
It’s not using the same URLs as in the 2017 thread posted above.
The password string looks like a SHA256 hash.
Anyway, a ‘security device’ that needs to talk encrypted to someone else’s server on the Internet is something that can be opened from the outside at any time.
An IoT fleet talking to some server under someone else’s control is already the technical equivalent to a botnet talking to ‘its’ command and control servers.
UPnP doesn’t need to be open on the device to be a problem. It’s UPnP combined with IGD (Internet Gateway Device) / PCP (Port Control Protocol) Interworking Function on a NAT router that might enable an unauthorised IoT device to open ports on the router to be accessible from everywhere.
You can tell Jean-Luc is a classy guy as he has the H8 book.
/me has the Japanese version of the H8 and SuperH books as a monitor stand..
Can it detect opposums and cats? Thats what we really need.
So is the face detection feature acts as “human detection” so alarms are triggered only if someone is here?
Yes correct, alarms are only triggered is a face is detected. But as I mentionned in the review, the subject must be static, and not wear any face covering (cap, face mask…)
–