Review: 4K Nextbase 612GW Elite Dashcam.

Paul Iddon

Active Member
I was lucky enough to be the first person (outside of the manufacturers) in the UK to own the latest Nextbase dashcam – the 612GW and here is my review.


This is a step up from my previous model (412GW) and an improvement over the 512GW – both of which offer 1440p recording (2K resolution).


The 612GW is the first model from Nextbase which records video at 4K resolution (2160p) on a 3” capacitive 960x240 16:9 touchscreen.


Below are a few images of the box and contents. The major difference you will see is the brushed metal finish – which gives the dashcam a classy expensive appearance. If you want a stealth dashcam – this will not be it – the front of the unit looks smart but it is going to be noticeable through your windscreen.


1.%20Box-M.jpg



2.%20Open%20Box-M.jpg



3.%20Components-M.jpg



4.%20Back-M.jpg



6.%20Top-M.jpg



7.%20Front-M.jpg



9.Screen4-M.jpg



New features incorporated this time around include:


2 file sizes: A dual file option which records a low-res file (ideal for wi-fi transfers) alongside its 4K counterpart. The low-res file can be turned off via the menu if you choose to do so. Being 4K the file sizes are of course twice that of earlier recent models, so a decent sized memory card is recommended, either 64Gb or 128Gb, and really needs to be the newer U3 class micro SD card, which have the speed to capture 4K data. 15 minutes of video used around 5Gb of space on my card – the manual suggests 200 minutes will fit on a 64Gb memory card and therefore 400 minutes on a 128Gb card.


Voice confirmation: When you start and stop recording you can turn on voice confirmation mode – though I have not used it for other features or in the menus, so I do not know if it speaks to you when you protect a file for instance.


Touchscreen Menu: The controls for operation of menu items are on the screen now rather than down the sides of the screen. This is not only much tidier than previously, but means the unit is a smaller size and the compact design looks all the better for it. The icons are clear and obvious, but also have text to describe them though the actual icons are ideal. There are 5 pages and each has 6 further options included. Here you can change many parameters such as video length, resolution, exposure etc., and each press responds quickly to your touch. The screen is capacitive, so gloves will not work – you’ll need your finger tips!


Lens and sensor: A new lens from Nextbase is a 7G, 150° wide angle f.1/6 lens and an 8.57 megapixel photo sensor that give excellent clarity.


Speed display: Once the screensaver kicks in you can set the screen to display your speed.


Other features as expected are the GPS Logger, Wi-Fi connectivity, G Sensor / File protection, Intelligent parking mode, time-lapse, auto dimming (of the screen) and a built in polarising filter (which works brilliantly). To set up the polarising filter correctly, a good way of doing it is leave a mobile phone on the dashboard with the white Google home page open and rotate the filter until the mobile phone disappears from your windscreen reflection!)


In the box you get all the usual – the 612GW unit, a powered GPS mount, an adhesive and a suction cup mount, power cable, USB cable, a window sticker, quickstart guide and a software disk with full instructions manual.


There are 2 indicators on the rear of the unit – red and blue for recording and battery power. On the top of the unit is a well-proportioned power button and the DC-In & USB socket (beneath a rubber cover).


Below the unit is a reset button and the light sensor, and here you will find your serial number too.


On the right hand side is the HD out socket (covered) and the “protect” button for preserving important moments. On the left hand side is the microphone (reasonably efficient) and the Micro SD card slot.


So now to the video. These 3 examples have been added on YouTube at 4K resolution so best viewing is on a 4K TV or monitor.


First up is a quick blast down the M6:


Later in the day, the rains came down which gave me a different set of weather conditions to look at:


Here is a bit of Preston...


Finally, an example of the camera at night - and I think too that the difference over my 412GW is significant. Oh, and don't jump near the end of this, I did when I played it back...
clear.png




And so on to my opinions.


The video is very, very good. Playback on my Samsung S8 is remarkably clear, and sent to my Panasonic 4K television it is excellent, even under the dull conditions my first tests have been done under.


Night scenes are well exposed (if slightly grainy) but there is so much to see despite it being dark – the exposure is more than acceptable, especially considering that the polariser in place too. Highlights on reg plates burn out but I accept that as being almost unavoidable due to brightness and reflectivity of metal/plastic number plates.


The touchscreen menu is so intuitive and simple to navigate, responsive and an improvement over earlier models, however it is not hi-res so for video playback you’ll want to use your computer or TV, or mobile phone.


The GPS latches on quite quickly, and has different colours for the signal strength – green being the best signal.


I think any perspective buyers would be more than satisfied with purchasing the 612GW Elite – I cannot deny this is the best quality I have personally seen myself and I would have no hesitation in recommending it. The expected price point of £250 may be a stumbling block for some but for that you will get quality dashcam that will serve you well.


My Observations for future reference:


The speed readout is wonderful as long as you have the cam in a position that you can see it, though I suspect many people will obscure the screen behind a mirror, however for those that don’t a future update that I think would be beneficial would be to have the speed readout giving options of colours (yellow, green, red, and blue) and the further option to reduce its brightness in 10% increments (especially useful at night).


Memory cards slots would be more accessible on the right hand side on UK models seeing as we are sat on the right and this would make getiing them out and putting them back a lot quicker and easier.




That’s about it really. My thoughts are all positive. A high quality camera and well worth the money.


Paul.
 

David Blackburn

Novice Member
Dear Paul,


I read your positive article on the Nextbase 612GW and I was expecting great things. But having now recevied my own 612GW and reviewed it I am afraid I am a little less impressed.


To deal with the positive aspects – the 612GW does capture 4K moving images, and stream embeds GPS and accelerometer data well, and the touchscreen is good.


However I hold the view that the 612GW’s firmware, Nextbase Replay 3 Windows Software and the Nextbase (Android) Mobile Software have been rushed to market incomplete, buggy and with substantial security flaws.


The good news is that the items identified here could be fixed by Nextbase through software/firmware updates. I shall not be holding my breath though looking at the generally dissatisfied user feedback on the Nextbase Android App on Google Play (currently ranked 2.3 stars). I might be pleasantly surprised if Nextbase does attend to these issues but for now my advice for anyone thinking of getting a 612GW would be to hold off until the following matters have been properly fixed (I wish I had):-


Wi-Fi


The Wi-Fi connection to the 612GW is very poorly and insecurely implemented. The 612GW internally runs a version of the Linux operating system, and for the Wi-Fi the unit operates as a Wi-Fi Access Point (think “hub” or “router”). The Wi-Fi’s SSID is fixed and through the menus on the 612GW the default network name and indeed the default password cannot be changed. The consequence of this is that when you put the 612GW into Wi-Fi mode upto 5 malevolent people at a time within Wi-Fi range of the device can through Nextbase’s companion mobile software access the unit’s video files (and more).


I understand why Nextbase might want to simplify support by having defaults for the SSID and password, since when users can change more settings they have more chance of setting things incorrectly. However, Nextbase leaving them so they cannot be changed by the user leaves the unit insecure.


What is moreover more concerning is that the unit also provides a telnet daemon service, this means that when in Wi-Fi mode the unit provides command line log in to its Linux operating system to anyone who can connect to its Wi-Fi. Given the default unchangeable password that is anyone who has a laptop of tablet with Wi-Fi in range of the device who can then run up a telnet session. (This is trivial)


What is completely unforgivable is that when one connects to the telnet login prompt one can immediately gain super user “root” login account access because like Apple’s recent problems, Nextbase have released the unit with a blank root password. Once on the unit with root access then a malevolent person has the ability to ‘own’ the device installing their own software/virus – deleting videos changing the configuration etc. That person does not need physical access to the device to do so – unlike with Apple’s problem where the person would have needed physical access to the Mac.


Leaving aside the security matters, the firmware which launches the Wi-Fi is rather buggy. Although one may press on the touch screen for the Wi-Fi mode it is hit and miss as to when the Wi-Fi will actually launch – there is a delay and a quick tap will beep to acknowledge the touch but not open the Wi-Fi service. This is not a touchscreen issue as the touchscreen is responsive on other menus in that area – this is because Nextbase have poorly programmed the touch not to immediately move onto the Wi-Fi Mode page, but to only do so after it has launched all the Wi-Fi paraphernalia in the background. This gives the impression that the device is unresponsive.


Let’s now assume that you have connected your mobile phone or laptop to the device, then even the low resolution videos, excessively buffer rending the experience very frustrating and the video plays very jerkily. – regardless of the connection being via Wi-Fi to the mobile or USB 2.0/3.0 to the desktop.


The benchmark of user appreciation of Nextbase’s mobile app, on Google’s Play store shows that it is exceptionally poorly rated – and it is no surprise as identified by many users the- Wi-Fi does not work well and certainly could have been be implemented far better by Nextbase before bringing to market.


To support that thesis that the device was rushed to market too quickly before finishing it off – if one looks at the boot messages (telnet 192.168.42.1, login as root (no password), dmesg) then one can see that the operating system is bloated with things like Bluetooth, and Mouse services at start-up – which are clearly not part of the product. What Nextbase would have done better to have done is remove all the unneeded software and services from the default SDK on which they have based the firmware and thereby streamlined the device and positively impacted its responsiveness.


Internal Battery


The internal battery is a joke, it certainly cannot hold enough power to manage the parking mode, it lasts only a few minutes.


The desktop software “Nextbase Replay 3”


This is all very well and has good features like seeing the map, speed, accelerometer data during the video clip. However, out of the box the desktop software cannot connect to the 612GW over Wi-Fi – but the unit has to be connected to the desktop by a USB cable or indeed by removing the memory card. All an inconvenient faff for the user.



Conclusion


It is extremely sad that Nextbase have released the 612GW and accompanying products in an apparent unfinished state. Given the actual hardware and inherent capabilities of such it would have been possible to achieve so, so much more, especially for the premium price charged.:


1.) The root login account certainly should not have been left with a blank password – this would be fixable through a firmware update should Nextbase choose.



2.) The firmware should be updated to permit the Wi-Fi SSID’s and password to be changed, and to permit the 612GW to be a client (Station) on a person’s home Wi-Fi network.


a. This would then permit the customer to leave have the car and camera in the garage, and have their desktop connect to the device and synchronise the video files to the desktop.


b. Heck if the device were to be able to log into other Wi-Fi networks in station mode then the device would be able to update itself, and sync video files to say cloud storage on the move. (This would be a real boon if when my son borrows my car for his road trip vacations).


c. The hardware is certainly there to permit this functionality – and I have been able to hack with telnet, and with placing files in the data card’s MISC folder for the unit to be such a Wi-Fi client on my home network – but there is more work to do to automate syncing video files but really the device should have this kind of support right out of the box if it were properly finished.


In conclusion I would suggest people to save their money and look elsewhere until Nextbase have resolved the security issues, and properly completed the functionality, of the 612GW and the supporting desktop and mobile software.



Kind regards.
 
Last edited:

63982273

Novice Member
The 612GW (and all other models that connect via Wi-Fi) do not actually connect to the internet, it is a type of connection between two devices. In essence it can be likened to Bluetooth, the SSID and PWD are both fixed and these cannot be compromised as the Wi-Fi has to be manually activated by the user and then deactivated to ensure normal use/recording. Only one person at a time can connect to the Wi-Fi signal, it is categorically incorrect that 5 people can connect via the App. This isn’t a case of stopping customers incorrectly changing settings. You cannot connect to and retrieve data from the camera unless you have the Cam Viewer application loaded onto your device. A Malevolent (a person with negative intentions) person could not access the device whilst you were connected, bear in mind as above you have to activate the Wi-Fi.

Please do PM me your details so we can discuss this with you further, we have completed extensive tests on the battery and its life expectancy and if you’re not experience what is expected we would love to hear from you. This will allow us to ensure if you’re not getting the desired results we can help make sure you start getting the best results.

Replay 3 is designed for playing full 4k resolution (or 1440p/1080p) files and does not allow connection via Wi-Fi as this would cause a delay in streaming that a customer would not expect when viewing 4K. Over Wi-Fi the resolution is dropped (on the 612GW, 512W and 412GW) to ensure smooth streaming, this looks impeccable on a mobile phone but on a full size 4k computer monitor the full resolution is required, this is to be expected.

A customers' mobile phone is the device that will connect to the internet if the customer chooses to share their file with the internet (whether that be Facebook, WhatsApp, Dropbox or Private Share).
 

David Blackburn

Novice Member
Dear 63982273,

Thank you for the reply, but I humbly beg to differ with your analysis and technical investigations. I will provide here some technical repro cases, along with sufficient details for you to replicate and confirm what I have identified:

The 612gw is based on the Ambarella A12 platform and runs under the Linux operating system.

When the Wi-Fi is enabled by the user on the 612GW it does the following:

1. Goes into SoftAp mode (i.e. acts as a software Wi-Fi access point)

2. Assigns the 612gw a fixed IP Address of 192.168.42.1

3. Runs up a telnet daemon on port 23 to receive incoming connections

4. Runs up dnsmasq daemon – configured to act as a DHCP server to provide upto 5 IP addresses to Wi-Fi clients on the range 192.168.42.2 – 192.168.42.6 with infinite leases.

5. Then displays the Wi-Fi Mode Menu on the 612gw.

6. Then when the first client connects displays “Device Connected” on the Wi-Fi Mode Menu.

Once the 612gw is in SoftAP mode any wi-fi client with the SSID and default password “12345678” can connect to the 612gw. The 612gw will give the first 5 clients which connect to it an IP Address from the range 192.168.42.2 – 192.168.42.6. However that does not limit the number of client devices which can connect to 5. The configured netmask is 255.255.255.0 so technically another 249 clients could connect – they would simply need to give themselves a fixed IP address from the range 192.168.42.7-192.168.42.254 rather than use DHCP assigned addresses.

Thus the limit of malevolent users who may connect at a time may not be limited to 5 or indeed limited to 254 – because a malevolent user would also be able to add further networks or alter the netmask once logged in through telnet to the device.

A corollary of the 612gw acting as a SoftAP is that a legitimate user may have connected the Nextbase Android Cam Viewer to the 612gw from their mobile phone. However their mobile phone is now on a private network to which the malevolent user also has access directly through the 612gw SoftAP. Thus the malevolent user can then attack any insecurities on the phone/tablet itself with the 612gw relaying the network packets. Of course any such attack would be scripted, and the legitimate user whose smartphone ordinarily is behind their home router’s firewall, or behind the cellular data provider’s network has now got a smartphone fully exposed to the malevolent person thanks to NextBase’s Wi-Fi implementation on the 612gw.

Please note this is merely the 612gw as it comes out of the box, with the latest firmware – nothing fancy added or hacked….

To achieve this root login to the device I merely put the 612gw in Wi-Fi mode, and then from my laptop searched for the wireless network with the SSID “NEXTBASE 612GW ….” Connected to it and entered the default password “12345678” which is ever so helpfully (and unnecessarily) displayed on screen of the 612gw. Once on the 612gw’s network I merely had to issue a “telnet 192.168.42.1” at the Windows command prompt – to be presented with the login prompt – to which I merely enter “root” as the user and a blank password.

Please note that to obtain the ip addresses all that needed to be done was an “ipconfig” at the windows command prompt to see the ip address the 612gw had assigned to the laptop (192.168.42.6) and the default gateway being (192.168.42.1) the likely ip address for the 612gw.

The “netstat –na” command in the telnet session shows that I have more than one established concurrent connections on port 23 to the 612gw. One is from the Nextbase DashCam Android App, and two others are from laptops. The netstat command identifies the open ports on the 612gw which are listening for connections (53, 67, 603, 111, 7877) and shows which ports the Nextbase Android Cam Viewer Android App is using.


So at this point it is absolutely proven that once a user puts the device into Wi-Fi mode – a number of malevolent people within Wi-Fi range can immediately access the 612gw with superuser privileges.


What can a malevolent user do from this point?


Firstly the user might want to turn the notice off that a device is connected as that might alert the owner of the 612gw….

That is trivial in the telnet session the malevolent person simply enters the command: “SendToRTOS”

The options could be:

SendToRTOS ap_disconnected

This would simply make the Wi-Fi menu screen look as though there was no device connected to it – until the legitimate user connected their mobile phone app. Of course a malevolent person would be doing the whole thing by script so the owner of the 612gw would not see or be altered that the was already a device connected.

Alternatively the malevolent person could execute

SendToRTOS net_off

This would have the effect of returning the 612gw to the previous display page but leaving the Wi-Fi up. – but there are other options…



So what about the video files then?

Well its pretty trivial – the malevolent user has lots of choices to access them – but here’s one to get directly to the videos on the SD Card:

In the telnet session execute

tcpsvd –vE 0.0.0.0 21 ftpd –w /tmp


This will start an FTP daemon on the 612gw and from there the malevolent user can simply FTP to the files using a web browser – putting ftp://192.168.42.1/SD0/DCIM/ into the address bar. Yes the user has to log in – but can do so with root and the blank password.

Then the user navigates to /SD0/DCIM e.g. and the user is into the sdcard on the 612gw from where they can then download any videos from the Video folder.

The malevolent user can also trivially delete the video files – from the telnet session:


rm /tmp/SD0/DCIM/VIDEO/*


A real malevolent user would of course overwrite the videos before deleting so as to ensure that the video could not be recovered.


The malevolent user has superuser rights because of the blank root password so is in a position to do much more damage to the 612gw (and any legitmate user’s connected smartphones). For example uploading custom firmware through FTP into the /tmp/SD0 folder and then rebooting the 612gw with the simple command “reboot” to have the 612gw take the custom firmware.


That custom firmware would probably have a malevolent payload – as say be a dashcam virus…… The attack vector could then be to be able to propagate viri etc to any devices that connect to it in future.


So the conclusion has to be I am afraid that the implementation of Wi-Fi on NextBase DashCams is very insecure and a serious gapping security risk to users. It is no good for NextBase to try to brush this off as “Oh it is just like Bluetooth pairing” – the way NextBase have implemented it and left so much of the unneeded Ambarella SDK and BusyBox tools on the 612gw means that the device has been made trivial for malevolent actors to takeover, own and abuse, and moreover to then attack the owner’s devices that might connect via Wi-Fi to the 612gw. Unfortunately the NextBase DashCam software is dependent upon the superuser root password being blank – but really there should be no need for a superuser account to be used by the smartphone software – it was a poor, incompetent design/implementation decision.

I do hope that NextBase can update the Cam Viewer app, and the firmware of their Wi-Fi connected DashCams soon, and can give appropriate consideration to security matters in the future.
 
Last edited:

David Blackburn

Novice Member
Dear 63982273,

In WiFi mode the port 554 is opened on the 612gw supporting the rtsp protocol. The 612gw supports any number of streaming clients to then see the live captured image. To see this in action put the 612gw in Wi-Fi mode then connect to the network a few Windows Clients and Android etc. If you then run up say VLC Media player (Download official VLC media player for Windows - VideoLAN) you can go to VLC's media menu and select "Open Network Stream..." There upon enter the network URL of rtsp://192.168.42.1:554/live on each client and they will all concurrently show the live captured image from the 612gw. This is the same stream URL which the NextBase Cam Viewer uses and of course as the root password is blank all these clients have concurrent access to the live stream.

If a user knows the file name of a captured file that too can be streamed into VLC media player for example:
rtsp://192.168.42.1:554/tmp/SD0/DCIM/VIDEO/171202_005959_220_LO.MP4

and more than one capture can be streamed to different devices concurrently connected to the 612gw when it is in Wi-Fi mode...
 

63982273

Novice Member
Hi @David Blackburn

Thank you ever so much for your feedback on the Wi-Fi, we're always eager to make improvements.

I would like to reassure you and any other customer that the Wi-Fi is only active when you have the black Wi-Fi screen on (example below), the Wi-Fi cannot be accessed any other time. When you are recording the Wi-Fi cannot be accessed, this will give you control.

The customer needs to activate the Wi-Fi then deactivate it for normal use, if the Wi-Fi is accidentally left on it will only be on for a very very small amount of time depending on the model and battery life. The Wi-Fi cannot be accessed unless this screen is on the device (example below is a 512GW).

Based on this we have investigated the matter and arrange for a new version of firmware for all models that have the Wi-Fi feature.

This update will change the blank root password stopping the unit from being accessed by someone other than the customer and their App. Please don't forget we're here everyday on our [email protected] email or on the phone at 02920 866 429 should anyone have any queries in relation to software or hardware.
upload_2017-12-4_14-41-3-png.34869


Full conversation here: Nextbase 612GW Elite Dashcam review
 

HazardMouse17792

Novice Member
Hi Paul, great review as always.

Unfortunately however, "great" is not really the word I'd use to describe the 612gw. I'd say, "decent" at best. Quite disappointing actually as I really wanted to like this dash cam, and especially for the price, I have to say I'm a little disappointed.

In terms of the overall picture quality, yeah it does the job in terms of capturing what happens on the road but I have to say it is quite blurry for something which is advertised as 4k. I've used dash cams in the past (I'm looking at you thinkware x550, nextbase 512gw) which are both cheaper and do the job better. As far as the night vision goes, it is quite grainy and is often hard to make out exactly what you are looking at. Some of the clips I've looked back on couldn't really be used as "evidence" if I'd had an incident.

Also, the Intelligent Parking Mode will not work as my 612gw goes flat whenever the ignition is not on. I understand this might be just an issue with this unit and not all of them but again, for this price I expected better. From the time I bought it to now when I'm considering taking it back my car could have been hit and the dash cam would not have recorded it.

Not really a fan of the flashy brushed metal finish too as someone could very well have seen it in my car and broken into it and taken it too which makes me feel uncomfortable considering I spent about £250 on it.

Now considering downgrading and waiting for a bit until I can find an actual reliable dash cam in this price range.

Anyway like I said thanks for the review Paul, thanks for reading.
 

davepuma

Distinguished Member
Also, the Intelligent Parking Mode will not work as my 612gw goes flat whenever the ignition is not on. I understand this might be just an issue with this unit and not all of them but again, for this price I expected better. From the time I bought it to now when I'm considering taking it back my car could have been hit and the dash cam would not have recorded it.

Your best bet if you want parking mode is invest in one of the Blackvue models and a Power Magic Pro. You'll need to hard wire the dashcam though.

Some dashcams can use parking mode if you provide a battery back up e.g. Cellink Neo 6.

Cellink NEO6 Battery Pack | Car Camera Shop

I get the impression that Nextbase are popular as they're sold in Halfords, not because they are any good.
 

The latest video from AVForums

AVForums Movies Podcast: Streaming Theatrical Releases And The Future Of Cinema
Subscribe to our YouTube channel
Support AVForums with Patreon

Top Bottom