Last minute geek

last minute tech news from around the net

Tuesday, Apr 23rd

Last update04:31:00 AM

You are here: English BoingBoing ibag Whistleblower: Amazon Ring stores your doorbell and home video feeds unencrypted and grants broad "unfettered" access to them

Whistleblower: Amazon Ring stores your doorbell and home video feeds unencrypted and grants broad "unfettered" access to them

User Rating: / 0
Sources "familiar with Ring's practices" have told The Intercept that the company -- a division of Amazon that makes streaming cameras designed to be mounted inside and outside your home -- stores the video feeds from its customers' homes in unencrypted format and allows staff around the world to have essentially unfettered access to these videos. Of particular note is a team of Ukrainian researchers who are charged with improving the product's facial recognition tools as part of the company's push to turn Ring doorbells into a private surveillance grid that conducts continuous streetwide surveillance and alerts homeowners of undesirable strangers near their homes (Ring's description of this program omits any mention of facial recognition, but leaked internal images clearly show facial recognition in action). Since 2016, this team has had "virtually unfettered" access to every Ring customers' camera videos, which are stored in Amazon's S3 cloud without encryption. In the USA, a broad group of engineers and executives are able to call up any customer's videos with no access controls, merely by searching on the customer's email address. The Intercept's source claims that Ring employees used this to spy on each others' romantic evenings, teasing each other about the people they'd brought home and exposed to a Ring camera. Storing data in the clear means that a single unethical employee -- or security failure -- could expose every Ring customer in the world to privacy breaches. Granting broad internal access to this video significantly increases the likelihood of a breach. Read the rest

Read all
Comment Policy:
We pre-moderate any comments and welcome all kinds of thoughts, supportive, dissenting, critical or otherwise. We delete or censor comments that are:

* abusive
* off-topic
* contain personal attacks, or against any company or organization
* promote hate of any kind
* use excessively foul language
* is blatantly spam or advertising

We do not discriminate based on the person who is posting, and we never censor comments for political or ideological reasons. We never delete an appropriate comment because we disagree with its viewpoint or ideology, and we never publish an inappropriate comment because we agree with or support its viewpoint or ideology.

Attention spammers: we manually approve all comments. Spamming and blatant advertising will NOT be published on this site and is deleted immediately, you've been warned, do not waste your time here.

Add comment

Security code