Technology, Top News

Ring cameras had very lax security in its pre-Amazon days, report claims

Smile. You don’t know who’s watching

WHO’D HAVE THOUGHT that putting internet-connected cameras around your house could have any negative repercussions? Well, anyone with any kind of foresight obviously, but a damning new report from The Intercept shows how lax company security and terrible human beings can make for scenarios which make Black Mirror look like Peppa Pig.

Ring, the doorbell and security camera company that was bought by Amazon a year ago, was alarmingly free and easy with its security, according to sources familiar with the matter. “If [someone] knew a reporter or competitor’s email address, [they] could view all their cameras,” one source said.

While the source claimed they “never personally witnessed any egregious abuses”, the line was slightly at odds with the sentence just 19 words later: “The source also recounted instances of Ring engineers ‘teasing each other about who they brought home’ after romantic dates.”

Creepy. But it gets creepier: apparently, to aid the computer vision efforts to help cameras identify objects (people, cars, cats, etc.), the Ring team used data operators in Ukraine “as a crutch for its lacklustre artificial intelligence efforts”. They would manually tag objects to train the software, and a second source reports that they sometimes used footage from household security cameras as well as the doorbells. The source said they had witnessed people kissing, firing guns and stealing. Though presumably not all at the same time.

All those clips the Ring devices would save in the cloud. Apparently, these were in a giant folder which contained every video created by every Ring camera accessible to the Ukrainian R&D team. These videos weren’t encrypted because of a “sense that encryption would make the company less valuable” thanks to the expense involved.

Things have reportedly improved since the Amazon acquisition, with a Ring spokesperson highlighting the “strict policies in place for all our team members”, and the fact that footage used for computer training is “sourced exclusively from publicly shared Ring videos from the Neighbours app”.

The spokesperson added: “We have strict policies in place for all our team members. We implement systems to restrict and audit access to information. We hold our team members to a high ethical standard and anyone in violation of our policies faces discipline, including termination and potential legal and criminal penalties. In addition, we have zero tolerance for abuse of our systems and if we find bad actors who have engaged in this behaviour, we will take swift action against them.”

That’s slightly reassuring, but probably not as reassuring as the feeling you’d get from just unplugging your camera once and for all. µ

Source : Inquirer

Previous ArticleNext Article
Founder and Editor-in-Chief of 'Professional Hackers India'. Technology Evangelist, Security Analyst, Cyber Security Expert, PHP Developer and Part time hacker.

Send this to a friend