What about doing all processing locally and storing only end-to-end encrypted data in servers?

Not really an option right now. The current generation of cameras out there are basically a Raspberry-Pi level computer with a better camera and a hardware h264 encoder. The moment you start doing something fancy, like running any non-trivial motion-detection algorithm, you are bound to run into performance or thermal (read: overheating) issues. Let's not even talk about machine learning.

Just think how much money Nest would save in server time with such a setup :)

My intuition says we are not anywhere near there yet, but do you know if any video processing algorithms exist that can reasonably be executed on encrypted data? Basically, I know fully-homomorphic encryption is ridiculously inefficient in the general case. At the same time, I know of specialized homomorphic encryption algorithms that can operate on encrypted data of specific formats. There are efficient-ish algorithms for encrypted (social-network-type) graphs, and encrypted vote ballots.

I was wondering if you or anyone in your team has come across any work on privacy-preserving encrypted audio/image/video processing? I assume this is a very hard problem, but I imagine someone has tried looking into it.

I'm not really the person to answer that (I'm a lowly software engineer keeping the cogs greased m'lord!) I know at some point Larry (https://github.com/lwneal) was looking into that, at least cursorily. I'll refer to him as the authority on anything encryption-related at Dropcam (or anything, in general. Brilliant guy!)

Isn't HN supposed to be a forum popular with entrepreneurs? You sell the high-computation device as an optional extra.

    For full privacy, buy our turn-key home server!
    (optional video display available)

    If you're the DIY technical types who already 
    runs a home server, may prefer our inexpensive
    software package that provides most of the features
    at much lower cost (some assembly required).

(or something like that)

The idea that a remote network is somehow a requirement is patently absurd.

People overestimate the size of the hobbyist/geek market. Sure, in the Valley everyone and their dog can configure a NAS using a terminal from their latest generation iPad, but that's not the case outside of the Bay Area. I'd suggest you go to Sacramento and ask people on the street if they even know what a NAS or home server is (I once was dumb enough to start a startup there... you are one hour out of SF, but when it came to adversity to technology you might as well be in rural Alabama. This is the capital of California we are talking about!)

Providing these "geek-to-geek" options (term isn't mine) looks like a great business idea when all your friends would use it. But again, the financial incentive is not there if it takes equivalent (or even less) effort to design something that can be used by millions of people instead of hundreds of thousands.

> I'd suggest you go to Sacramento and ask people on the street if they even know what a NAS or home server is

Does Woodland count? I'll ask a few people.

/me steps outside

Well, my landlady and a few neighbors know what they are. You'll have to wait until tomorrow for Sacramento, but I've talked to a lot of people in that area too and very few would have had a problem with my addon server.

If you treat people like idiots, they will respond in kind.

> "geek-to-geek" options

I may have included a geek option (the source code), but a turn-key server isn't any harder to setup than Nest's current devices.

You think people can buy and install Nest's current thermostats, but won't be able to install a turn-key local server that needs literally the same WiFi information?

> the financial incentive is not there

Is this a euphemism for "cannot monetize their data"?

> Is this a euphemism for "cannot monetize their data"?

I find it fascinating that people keep obsessing on how Nest is "monetizing the user's data" through Google.

I won't go into details, but believe me when I say there's way more effort being put in guaranteeing customer privacy than in integrating Nest data into Google's platform. In fact, if you Google around you'll find press announcements describing, in much more detail than I could go here, the kind of arrangement Google and Nest arrived at when the acquisition happened. The data separation clause was a huge part of it. Nest wasn't acquired for the consumer data they could bring over, but rather because... you know, biggest company in the (then booming) IoT sector. Investments on projected revenue are made all the time, but when Google makes one people cook up all kinds of theories about nefarious purposes ¯\_(ツ)_/¯

So, no. What I meant is there wouldn't be enough people buying this "expert" versions of Nest Cams to justify building them. That's all. If you have solid research to the contrary, I'm sure our PMs would love to talk to you.

> If you treat people like idiots, they will respond in kind.

That's a big assumption you are making about how I treated potential customers of my own startup that I put over a year and a half of effort in. It's not about "idiocy", it's just not the same crowd you have in the Bay Area, were store owners will gladly try anything to attract more customers. Leaflets and "neighborhood bulletins" are still a thing there, even when it gives you 0 visibility on how effective they are as a marketing tool and it costs thousands of dollars per month. Anyway, if you want the details, we can discuss them offline.

> You think people can buy and install Nest's current thermostats, but won't be able to install a turn-key local server that needs literally the same WiFi information?

It's not just the server, then you have to setup the camera to point it to the server, provide some rigging to make the video consumable, create credentials in the server if you want any kind of protection against MitM/Spoofing, etc. etc. etc. The very reason Dropcam was founded was because the CEO's dad, an EE, couldn't figure out how to setup one of those "expert" systems. Greg Duffy saw the potential business opportunity and went for it.

I understand if it's not the product you want. We don't pretend to be the perfect product for everyone. My personal opinion - not reflecting Nest's policy on this opinion at all - is that I'd rather sacrifice a 5% increase in sales than increase engineering/operations/marketing/sales effort a 15%. It's just bad business.

I see, Thanks for the insightful answer! Regarding machine learning it would be nice to be able do the training in your desktop/laptop when it's idle or something like that.

But it's very good to know this is a technological issue (as opposed to a business issue). Well, hope you smart folks solve this. Meanwhile, I'll keep tinkering with my raspberry pi and raspberry pi camera :)

Can you share any reference on what the Nest servers actually do that a smartphone chipset isn't capable of? Various apps manage (from my limited knowledge about the field) quite impressive things.

Can't really discuss specifics, but training machine learning models that share data between all your cameras would be pretty difficult, for example. Also, the lifespan of the processor would be highly reduced if you were constantly hammering it (thermal implications, etc. etc.) Again, in a few years that might not be an issue anymore :)