Ring adds encryption tool as other security questions surface
Ring will begin protecting the data that travels through its cameras with end-to-end encryption.
The Amazon-owned home security firm announced its intentions to roll out end-to-end encryption, which will protect videos from being seen by unwanted third parties while streaming to customers’ devices, in September. The company said Wednesday it would begin a “technical preview” for the new data protection feature, which encrypts streams from the camera to the device where a footage is streamed.
Ring markets its devices as a way to boost neighborhoods’ and customers’ safety, but researchers have routinely accused the company of degrading customers’ security and privacy for years.
Meanwhile, TechCrunch on Thursday reported that the company’s companion application, Neighbors, has been exposing some users’ location and home addresses. The application, intended to allow users to anonymously share information with neighbors about crimes or violence captured on their Ring cameras, was collecting location information about posters from Ring’s servers, according to TechCrunch.
While the information was not visible to users, who normally only see an approximate area where events occurred, the issue nonetheless raises questions about Ring’s handling of user safety and privacy.
A Ring spokesperson said the company had resolved the issue in the Neighbors application.
“At Ring, we take customer privacy and security extremely seriously,” a spokesperson said in a statement to CyberScoop. “We fixed this issue soon after we became aware of it. We have not identified any evidence of this information being accessed or used maliciously.”
In 2019 thousands of Ring customers’ passwords and emails leaked, which could have allowed hackers to access live feeds of Ring cameras. Ring is also currently facing a class action lawsuit, which was amended last month, accusing the company of allowing hackers to break into their cameras and harass customers.
The company’s track record of working with police to allow police access to Ring surveillance cameras in real-time has raised alarm bells for digital rights advocates as well.
Researchers have found several vulnerabilities that raise concerns about Ring’s security and privacy. Ring previously had a security vulnerability that would have allowed hackers to intercept customers’ credentials and launch a larger attack, according to the Romania-based security firm Bitdefender. NCC Group and the advocacy group “Which?” found flaws in Ring devices last year as well that would have enabled hackers to remotely access the wireless network.