Showing results for 
Search instead for 
Did you mean: 
Replies are disabled for this topic. Start a new one or visit our Help Center.

NEST CAMERAS using insecure outdated encryption (Security threat)

Community Member

Moderator editFor the safety of our community members, this post was edited to remove personally identifiable information.


I monitor network security for a living and noticed Nestcam's are using an outdated version of TLS (SSLv2) encryption that is prone to eavesdropping as it talks to Google servers across the internet (in my case communicating with ###.###.###.###).  Is it possible you'll fix?

Here's my IDS rule that all my NESTCAMS trigger on (including my newer ones)

alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY SSLv2 Used in Session"; flow:established,to_server; ssl_version:sslv2; reference:url,; classtype:misc-activity; sid:4015119; rev:1; metadata:created_at 2021_01_06, former_category POLICY, updated_at 2022_05_03;)


Encryption protocols, such as Transport Layer Security (TLS) and Secure Sockets Layer (SSL), provide data protection as it travels through a network. However, older versions of these protocols become obsolete as technology changes and vulnerabilities surface. Network connections employing obsolete encryption protocols are at an elevated risk of exploitation and decryption. As a result, all systems should detect and remediate the use of deprecated forms of encryption for TLS and SSL protocols.


Community Specialist
Community Specialist

Hello JPS23,


Thanks for posting here in our Google Nest Community. Could you tell us the Nest cameras you have and their software versions?


You can find more information here about the Security updates and security validation results for Google Nest devices.


Also, if you want to report a security issue with a Google Nest device, please visit the Devices & Services Vulnerability Severity & Reporting page.


Keep me posted.