Amazon’s “Ring" line of products has been getting a lot of bad press lately, so I decided to get to the bottom of the rumors and possibly sensationalized stories and relay my findings to you fine people. Honestly, I found some scary stuff.
First things first, Ring is a company owned by Amazon that produces home security products such as smart lighting, smart doorbells, and indoor cameras. The doorbells and indoor cameras are the products causing all the fuss. These are essentially interactive surveillance cameras that allow you to view real-time video and speak with anyone close to the camera. With a Ring subscription plan, you can store and view recorded video as well.
Over the past year or so, the company has come under fire for a few different reasons:
Last December, The Information published an article accusing Ring of serious vulnerabilities in their security and privacy protocols. Up to and including giving their Ukraine-based R&D team unencrypted access to digital storage that includes a database of American user’s archived videos.
In November of this year, Bitdefender discovered a bug in a Ring doorbell that exposed the home’s wifi credentials (luckily this problem was fixed quickly).
Also this November, Massachusetts Senator Ed Markey sent out a press release revealing that, after an investigation, he had found “little to no privacy policies or civil rights protections for video collected by the technology.” Basically, law enforcement can obtain video from your Ring without a warrant (or even asking you for the video), share it with 3rd parties, and keep it forever. Furthermore, if this article by Motherboard is to be believed, Ring also offers some pretty handsome perks for a police department to partner with the company. Everything from free and discounted devices to maps of every active Ring doorbell camera in the city (talk about Big Brother).
Most recently (and most shockingly) are the reports of hackers taking over Ring cameras in people’s homes, even speaking to the residents through them by use of the two-way communication feature of the devices. In some instances, the hackers were spouting racist remarks (the obvious go-to for most terrible people), some were watching children in their bedrooms and trying to scare them, and some demand ransom money to leave their victims alone.
This last one scared the hell out of me. So much so that I feel it’s my responsibility to tell as many people as I can know NOT to buy or use Ring devices.
Having said that, home automation truly is the future today and I urge everyone reading this not to let Amazon scare you off of some really cool technology. Please, take a serious look at Google Nest’s line of products.
Though I doubt I can ever bring myself to trust Ring enough to buy one of their devices, I will admit this video from the last bullet makes a very good argument that maybe Amazon shouldn’t shoulder ALL of the responsibility for the devices getting hacked. According to Ring, they “have no evidence of an unauthorized intrusion or compromise of Ring’s systems or network,” and “it is not uncommon for bad actors to harvest data from other company's data breaches and create lists like this so that other bad actors can attempt to gain access to other services.”
It is kind of a dodge but it’s not untrue. With all of the companies and databases that have been hacked over the years, there’s a very good chance you have credentials for sale out in cyberspace. And if you, like a lot of people, have the habit of reusing passwords…
So I think that’s what I’m going to talk about next week. What precautions we can take to shield ourselves as much as possible in the digital age from data loss.
Until then, please reach out to us with any online security questions at 1 (424) 256-8541
Any feedback or questions you would like me to answer in this blog can be sent to firstname.lastname@example.org