The Smart Doorbell from Ring shows some flaws despite password changes. The vulnerability of this gadget lets people snoop even after a password change. Ring urges folks not to share login details and promises to do better and address this issue.
Smart Doorbell’s “Malfunction”
You may spend less time running to and from your front door, but you may also be cutting down on your home’s privacy. According to reports, popular video doorbells from Ring have major security flaws. It does not require users to re-log into the doorbell app when a password has been changed.
This means that anybody, besides yourself, who used to have access to your Ring doorbell app may still monitor the activity taking place outside your front door. Regardless how how much time has passed, the app never asks users to sign in again even after a password change.
Ring’s Response To The Problem
Ring was notified of the issue in January. The company claimed that they have removed users who were no longer authorized. But tests conducted showed that “for several hours”, unauthorized users were still able to access the app despite a change in password. According toe Ring’s CEO Jamie Siminoff, removing unauthorized users from the platform slows down the ring app. This flaw presents a serious problem. Not only could someone be watching your front door. He or she may also download videos, or control the doorbell as an administrator.
The Effect Of This Issue On Amazon
Amazon recently acquired Ring for $1 billion. This issue does not go well for Amazon. The company is planning to use Ring doorbells as part of a secure solution for delivery programs like Amazon Key. This program allows delivery personnel to drop off packages directly into someone’s home. If Ring doorbells cannot even protect against unauthorized users, Amazon will have a hard time convincing prospective customers.
According to Ring, more security measures are on the way. For now, smart doorbell users are advised to avoid giving access to your doorbell untill the issue is resolved.
Have you ever experienced having mail sent to you retracted and mysteriously disappearing into the air without as much as a polite “Please ignore this email…”? Well, I have and in one particular case, it felt like a punch in the solar plexus. It would have been fine if the email was trivial or unread, unfortunately, it was sent by the Senior Vice-President of a huge telecommunications company to whom I had entrusted concerns about service level and other confidential matters.
This was not a Google email (or a similar one) that can be recalled five minutes after sending if you realized you had sent it to the wrong account or sent inaccurate information. The operative word is “UNREAD” so you actually don’t know what you’ve missed. However, this particular series of emails was conducted over a period of two weeks and had many ccs and replies from top executives. Yet, one day, it was totally gone – including crucial replies from those who were in the loop.
Many e-mail systems, including the widely used Microsoft/Outlook Exchange Server and IBM Lotus Notes/Domino Server, offer a Message Recall feature. This feature is supposed to delete unread copies of the recalled message from the recipients’ inboxes so they never see it. — AmeriCan Bar Organization
It is enough to get one paranoid about conspiracy theories because it leaves you totally defenseless as the proof or trail of messages that could support your claim is gone. That happened years ago but I have gotten into the habit of actually printing-out mail and sending important ones to another account. The privacy violation still leaves a bad taste in the mouth, like some sort of digital rape, simply because there was no consent.
It makes you wonder, who DOES own the information: the sender, the receiver, or in the case of Facebook, the conduit? It makes you wonder if all mail sent by “big names” have tracers capable of erasing their existence; just like a digital Mission Impossible message that self-destructs.
The technology was mastered years ago but is now in the focus of interest after news broke out that messages sent by Mark Zuckerberg, Facebook CEO and other executives were retracted from user inboxes. This breach comes hard on the heels of the Cambridge Analytica scandal affecting up to 87 million users – something so big that it goes beyond political implications.
In the past, Facebook did not allow messages to be unsent or removed from conversations or inboxes; so if you sent a message too soon or to the wrong person, you had to live with it, apologize or unfriend the other person. The last option does not guarantee that the message was not read. When Techcrunch broke the news of disappearing mail from Zuckerberg and company, Facebook grudgingly admitted to deleting messages but justified this as a corporate action to protect executives’ communication,”We did so in full compliance with our legal obligations to preserve messages.” Self-destructing mail, however, is not totally new to Facebook. In fact, although the public may not have used it much, encrypted and disappearing Secret Conversations have already been around for over two years on Messenger.
Now, Facebook finds itself again in the midst of public scrutiny because of the perceived breach of trust since the recipients were never informed of the removal of the messages from their user inbox. Zuckerberg’s replies disappeared although the conversation thread remained, making it a one-way conversation. Talk about “reading between the lines”! This time, Mark Zuckerberg did not apologize for the special treatment. Reportedly, Facebook will make this “unsend feature with an expiration timer” available to the public in the coming months. In an effort to appease public anger over this latest privacy breach, even Mark Zuckerberg is not allowed to unsend in the regular mode until the public roll-out out of this feature.
In an act of corporate responsibility and to regain the trust of its 1.3 B users, Zuckerberg will appear before the U.S. Senate Judiciary and Commerce committees on April 10 and the House Energy and Commerce Committee the day after. For sure, there will be sanctions and clipping of wings. Facebook has already revised privacy controls for the user to protect the sanctity of information. Questions remain like will WhatsApp, bought by Facebook in 2014 continue to share your phonebook on Facebook? But ultimately, the power rests on one button, delete or forever keep your peace.
“And you say what harm could a deep intelligence in the network do? Well, it could start a war by doing fake news and spoofing email accounts and fake press releases and just by manipulating information. The pen is mightier than the sword.” — Elon Musk