The Anker PowerConf C200 is a well-regarded budget webcam. It’s got a reasonable feature set, good quality video output, convenient mounting, and what’s more it’s got excellent privacy protection. No need to worry about hackers viewing your personal moments through your webcam!

With triple-layered defences, you ought to be able to rest easy:

• a LED that lights up when the camera is recording - no light, no recording.
• a physical privacy filter that pops in with the flip of a switch - bright red, too, so it’s obvious at a glance.
• software to detect the privacy filter position - if it’s switched on then the camera feed will be blanked out with a convenient icon so you know to unfilter when you want it.

Except none of that is true. You, or any software on your PC, can take a photo through the webcam - not getting the blank frame-with-an-icon, with the red privacy filter closed, and without the LED lighting up!

Maybe that’s a bit strong:

• it does have an LED that lights up when the camera is recording (sometimes). The firmware checks if the privacy filter is closed before lighting the LED - so if you can get through the physical defence then the LED is useless - one layer of swiss cheese down.
• it does have a physical privacy filter. And it is bright red, and has a convenient slider-controlled iris mechanism. But iris mechanisms don’t work for privacy protection - there’s a tiny hole in the middle that acts as a pinhole camera. Another layer of cheese gone.
• It does have software that detects the privacy filter position, but the firmware is incorrectly implemented, and it allows unfiltered frames through! And that’s all the security there was…

I will caveat the above - it is possible that new hardware revisions or firmware updates since I tested this webcam will have fixed these issues.

If you want to try this yourself, simply plug in the webcam, close the privacy cover, and run this command on a machine with ffmpeg. You’ll get a nice selfie saved!

ffmpeg -y -f video4linux2 -input_format h264 -video_size 2560x1440 -framerate 30 -i /dev/video0 -frames:v 1 selfie.jpg

In my personal opinion this is an example of product design that did not understand security requirements properly, and atrocious internal security culture at Anker. The iris mechanism with slider is a nice user interface, but nobody in the mechanical team spoke out at any point to say “this doesn’t work”. Instead, the firmware team just covered it up with a bodge - detect the slider position and blank out the stream. But this wasn’t tested to check it actually worked (or it was tested, and nobody in the test team cared that it didn’t work, which is worse). And the LED tally light is fail-dangerous rather than fail-safe. It should be linked in hardware to the power supply to the camera sensor, but obviously security wasn’t a concern for the electronics design team either.

Anker could have sold the webcam without the privacy cover, the LED, or the firmware filtering. But they didn’t. They understood the user requirement for privacy features. But they didn’t understand this as a security requirement - the user does. And the lack of security here is a fatal flaw to the product. The privacy filter is not just useless, it is worse than that, it is actively harmful - just like an exploding airbag.

This vulnerability was diclosed to Anker on 2026-02-15, but as 90 days have passed with no timeline for a firmware patch being released for this issue, public disclosure is being made.

My recommendation for webcam buyers is that they don’t buy a C200 if privacy against hackers is in their security model. For existing owners - keep the privacy filter open all the time. At least the tally light works when the iris is open as far as I can tell.

In an effort to improve comfort and reduce running costs, a couple of years back I obtained a set of Tuya Zigbee Smart Thermostatic Radiator Valves (TRVs). On the whole they weren’t really a very good buy, but they’ve been working well enough that I don’t feel the need to switch them out for something else.

After putting in a freshly charged set of batteries last autumn, they worked away regulating the temperature just fine until spring came this year. Once the heating went off, I forgot about them and the batteries ran out at some point. So they’ve been just resting for the best part of a year!

That would be fine, but being cheaply built throughout, they of course have a healthy serving of cheap grease on the inside. And sitting still is not great for cheap grease, and it’s done what it normally does, turn sticky and gum up the mechanism.

So when I came to put in fresh batteries this year for the start of the heating season, I was greeted with a wonderful big error E1 on the screen and no activity. Of course, I wasn’t going to put up with that and just buy new ones, so I set about trying to fix them. Listening to the TRVs, instead of their normal whirring for about 30 seconds to calibrate the mechanism, there were just two short clicks.

So the cause was obvious - the mechanism has got stuck, and the stiction is causing high current on the motor. The firmware on the smart thermostat looks at that, and thinks - right, I’m at the end of the travel, let’s go back the other way. And it does! But the sticky grease hasn’t gone away so it gets high current when it tries to reverse and just locks up and spits out an error.

The actual fix is simple - just free the motor up, redo the calibration and all will go back to normal. The first step is to disassemble the TRV and expose the motor:

1. Remove the outer case.
2. Remove the batteries.
3. Unclip the display plastic from the top of the TRV (this might differ for some other models?). On mine, there are some sticky conductive pads between the PCB stack and the plastic, but just pulling was enough to separate these.
4. Unscrew and pull out the PCB stack from the TRV body.

Once you’ve exposed the motor, you could try to free it up mechanically, but I think it’s easier to do it electrically, assuming you have the equipment.

So the next step is to get a bench power supply set to 3 V (current limit doesn’t matter too much, you’re not going to break the motor with a few seconds at that voltage), or I suppose two batteries in series would work just as well if you had a battery holder to hand.

Then just apply the 3V to the motor terminals, or the motor JST connector on the PCB stack (no need to unplug, you can use the terminals on the back of the PCB as contacts) for a few seconds. Reverse the polarity, and another few seconds. You should hear the motor spinning and see the actuator pin moving in and out (or vice versa).

Then assembly is the reverse of disassembly, and recalibration should proceed without the E1 error.

Let me know if this has helped you!