Imagine this, you leave work early to grab a quick bite of lunch and get home before your sister, niece, and nephew arrive for a family visit. At lunch, you get a notification from your Ring Doorbell app and see that they’ve arrived early. No problem, thanks to Ring, you can let them in and head out to meet them there.
But is it really your family? Or is it a hacker who has figured out how to hack your Ring Doorbell and is now in your home, emptying it of all of its valuables?
New Ring Doorbell vulnerability discovered…
So let’s say up front that Ring, an Amazon company, has patched this vulnerability, which was first discovered by researchers at Dojo by BullGuard and published in a report released this week that was written about by the Verge. However, if your clients – or you on their behalf – have not yet updated their Ring app, then they could still be vulnerable.
Once in Your WiFi, It’s Easy for Hackers
According to the report by Dojo by BullGuard, hackers could intercept the feed to the Ring Doorbell and insert fake images or eavesdrop on video and audio broadcasts. Anyone who has access to incoming data packets, say by hacking into notoriously open residential WiFi systems could, as the Verge put it, “send doctored images to a homeowner to convince them to unlock the door.”
You think a uniformed delivery person (or family members) are at your door, when in fact a bad actor is waiting for the lock to be opened. As horrible as this sounds, it is not the first time that security folks have discovered issues with Ring Doorbells, according to the report.
Are Ring Employees Secretly Watching Your Video?
Earlier this year, rumors emerged that Ring allowed its employees to view customer videos. And although Ring has denied this, there is no information from them about methods that they employ that would prevent this – such as encrypting video feeds to protect user privacy.
Also, industry newsletter The Information revealed recently that Ring had password vulnerabilities, such as allowing them to be easily changed, and never logging out after a one-time login.
Ring’s Response? Don’t Worry, Be Happy
Ring tells The Verge that none of these issues should cause users any concern as they regularly update the device’s firmware. Some security specialists do not find that response particularly comforting.
See more on Ring by visiting: ring.com.
Leave a Reply