In November 2019, CyberScoop reported a major security vulnerability in Amazon’s Ring app. As Jeff Stone reported, Amazon’s Ring service contained a security vulnerability that allowed hackers to intercept a customer’s Wi-Fi username and password, which in turn could be used to launch larger attacks on the network.
The Ring app has already raised a number of privacy and civil liberty concerns, as the Electronic Frontier Foundation reported in August 2019. According to a July 2019 report by Gizmodo, Amazon has partnerships with more than 225 police departments, which not only promote Amazon’s product, but also, under certain circumstances, use video data collected by it.
“This is a classic example of how more surveillance does not mean more safety,” said Evan Greer, Deputy Director of Fight for the Future. “Amazon has consistently shown reckless disregard for privacy and civil liberties, but this is terrifying on a whole other level.” Greer called for Congressional investigation of Congress Amazon for its “rapidly spreading, for-profit surveillance dragnet.”
As Stone wrote for CyberScoop, the security flaw in Amazon’s Ring app is only the latest example of connected technologies that promise home security while actually introducing new vulnerabilities. Previously, hacks of Netgear home surveillance cameras enabled outsiders to see video recorded in peoples’ homes, while Zpitao smart hubs, which promise the convenience of locking or unlocking doors remotely, can also be hacked.
In December 2019, Dell Cameron and Dhruv Mehrotra reported for Gizmodo that a new investigation casts further doubts on Amazon’s privacy safeguards, offering “the most ‘striking’ and ‘disturbing’ glimpses yet, privacy experts said, of Amazon’s privately run, omni-surveillance shroud that’s enveloping U.S. cities.” Cameron and Mehrotra described how 65,800 individual posts shared by users of the Neighbors app, covering 500 days, reveal the extent to which Ring video surveillance has infiltrated American neighborhoods, raising important questions about “the privacy trade-offs of a consumer-driven network of surveillance cameras controlled by one of the world’s most powerful corporations.”
Jeff Stone, “A Flaw in Amazon’s Ring Doorbells Leaked Customers’ Wi-Fi Credentials,” CyberScoop, November 7, 2019, https://www.cyberscoop.com/ring-doorbell-wi-fi-flaw/.
“Amazon’s Ring Doorbells Leaks Customers’ Wi-Fi Username and Password,” Fight For The Future, November 7, 2019, https://www.fightforthefuture.org/news/2019-11-07-amazons-ring-doorbells-leaks-customers-wi-fi/.
Matthew Guariglia, “Amazon’s Ring Is a Perfect Storm of Privacy Threats,” Electronic Frontier Foundation, August, 8, 2019, https://www.eff.org/deeplinks/2019/08/amazons-ring-perfect-storm-privacy-threats.
Dell Cameron, “Everything Cops Say About Amazon’s Ring Is Scripted or Approved by Ring,” Gizmodo, July 30, 2019, https://gizmodo.com/everything-cops-say-about-amazons-ring-is-scripted-or-a-1836812538.
Dell Cameron and Dhruv Mehrotra, “Ring’s Hidden Data Let Us Map Amazon’s Sprawling Home Surveillance Network,” Gizmodo, December 9 2019, https://gizmodo.com/ring-s-hidden-data-let-us-map-amazons-sprawling-home-su-1840312279.
Student Researcher: Jose Cervantes (Sonoma State University)
Faculty Evaluator: Soo Yeon Yoon (Sonoma State University)