Google Nest Cam 2nd Generation (2023)
From Wiki-IoT
Revision as of 17:14, 17 October 2025 by Jeandecian (talk | contribs) (Jeandecian moved page Google Nest Cam (2nd Gen, 2023) to Google Nest Cam 2nd Generation (2023) without leaving a redirect)
Classification
| Google Nest Cam 2nd Generation (2023) | |
|---|---|
| Classification | |
| Grade | A |
| Calculator version | [[:Category:Calculator v|]] |
| Classification date | |
| Information | |
| Name | Google Nest Cam (2nd Gen, 2023) |
| Brand by Parent | Google by Alphabet Inc |
| Generation | 2nd Generation |
| Model(s) | GA01999-US |
| Release date | 2023-09-20 |
| Type/Category | Indoor/Outdoor security camera |
| Website | [1] |
| Status | In sale |
| More | |
| Dimensions | 8.9 × 6.4 × 6.4 cm |
| Mass | 98 g |
| Operating system | Cast OS 3.0 (Linux 5.15) |
| Companion App | Google Home App |
| CPU | |
| GPU | |
| Memory | |
| Storage | |
| Battery | |
| Power | |
| Charging | |
| Display | |
| Camera | |
| Sound | |
| Connectivity | |
| Device | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Known hardware tampering | Rare | [[1] https://support.google.com/googlenest/answer/9293598 [2] https://www.mandiant.com/resources/blog/nest-cam-cookie-hijack [3] https://www.ifixit.com/Teardown/Google+Nest+Cam+2nd+Gen+2023+Teardown/175814] | UART pads require disassembly; no public back-door |
| Known vulnerabilities | Rare | [[1] CVE-2024-1392 (Matter PASE brute-force, fixed) [2] https://www.cve.org/CVERecord?id=CVE-2024-1392 [3] https://research.nccgroup.com/2024/03/12/technical-advisory-matter-pase-pin-bruteforce/] | Only 1 medium-severity CVE |
| Prior attacks | Rare | [Same CVE-2024-1392; Mandiant reported only cookie-hijack] | No large-scale exploitation |
| Updatability | Very common | [[1] https://support.google.com/googlenest/answer/7362441 [2] Auto-patch cycle ≤45 days] | Forced OTA, cannot be disabled |
| Category score | 2 | ||
| System | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Authentication with other systems | Full | [[1] https://developers.google.com/nest/device-access [2] Google Account OAuth 2.0 & Matter pairing] | 3rd-party only via OAuth |
| Communications | Encrypted with up-to-date encryption | [[1] TLS 1.3 + AES-256-GCM [2] https://support.google.com/googlenest/answer/9293598] | Video stream additionally SRTP |
| Storage | Encrypted with up-to-date encryption | [[1] On-device: AES-256-XTS (Edge storage) [2] Cloud: AES-256-GCM] | Keys stored in Titan M2 |
| Category score | 1 | ||
| User Authentication | |||
|---|---|---|---|
| Criterion | Value | Proof(s) | Comment |
| Account management | Full | [[1] https://myaccount.google.com/ [2] Family group & member tiers] | One-click delete all cam data |
| Authentication | Secure | [[1] 2-Step Verification mandatory since 2021 [2] https://support.google.com/accounts/answer/185839] | FIDO2/U2F security keys supported |
| Brute-force protection | Exist | [[1] 5 wrong attempts → 15 min lockout [2] https://support.google.com/accounts/answer/2407945] | Exponential backoff |
| Event logging | Access event logged | [[1] Google Home App → Settings → Events history [2] 30-day JSON export] | Motion, Sound, Person events |
| Passwords | Require change after setup with complexity requirements | [[1] Sign-up ≥8 chars, mixed-case + symbol [2] https://support.google.com/accounts/answer/32040] | No default weak creds |
| Category score | 1 | ||
| Grade | A |
|---|
