> End-to-end between the cloud provider and the cameras at the site, sure
That's TLS, not E2EE. E2EE means the provider never sees the unencrypted data. (Ex SMS is unencrypted, most internet services use TLS these days, Matrix and Signal use E2EE.)
> Nobody encrypts their surveillance video storage, AFAIK.
What performance implication?! AES-NI has been standard for mainstream x86 hardware since ~2013 and ARMv8 introduced optional crypto instructions in 2011!
The issue is that manufacturers choose the cheapest possible SoC that lacks these abilities. Given the small cost savings and importance of basic security measures, that really needs to change.
(A quick look at Amazon shows many of the top sellers advertising various "AI" features and streaming video at 4K or better. Given their apparent capabilities, I strongly suspect that such SoCs do in fact have hardware support for crypto.)
That's TLS, not E2EE. E2EE means the provider never sees the unencrypted data. (Ex SMS is unencrypted, most internet services use TLS these days, Matrix and Signal use E2EE.)
> Nobody encrypts their surveillance video storage, AFAIK.
This is a serious problem.