back to article Beset by lawsuits over poor security protections, Ring rolls out 'privacy dashboard' for its creepy surveillance cams, immediately takes heat

With criticism mounting, Amazon's Ring revealed a web dashboard of privacy controls it hopes will slash the number of horror stories coming from customers. On Monday, in time for this year's CES in Las Vegas, the home surveillance camera and internet-connected doorbell specialist made a point of unveiling an account control …

  1. whitepines Silver badge
    Joke

    It might take a bit more than a dashboard to fix this.

    Like, oh, possibly bringing up child endangerment charges against the parents for having cloud connected IoT tat in their house and accessible to the young'ns? Especially when said tat has a microphone, camera, speaker, etc.?

    Responsible parents shouldn't do that. <shouty politician>Won't someone think of the children!?</shouty politician>

    Joke icon yes, but part of me actually wonders if this would be justified in some odd way.

    1. Foxglove

      I know you've used the joke icon so you're not being serious, but then you say you might be justified in your thinking.

      Make your mind up.

      Anyway, if you purchase something from a reputable (yes, yes, I know) company you should expect a level of security, especially if it is marketed as a security device.

      The issue it seems to me isn't that the young'ns had access to the device but that some unknown person had access. That unknown person could have been on the other side of the world or outside the window.

      Still think it's funny?

      1. big_D Silver badge

        I think that was his point, the parents are using unsecured tech with microphone, camera and speaker to monitor their children.

        A major part of the problem seems to be the users. They are re-using passwords and not using 2FA.

        One can argue about whether the system should allow weak passwords and whether 2FA should be enforced - but a lot of people just wouldn't use the system, if they had to use 2FA.

        1. BebopWeBop Silver badge

          Or if 2FA was both easy to use and mandatory - setting expectations on users and not allowing them to bypass an already trivial confirmation system might not damage sales except to idiots with too much money to burn (oh yes, I forgot they make up a substantial part of the market)

      2. Michael Wojcik Silver badge

        if you purchase something from a reputable ... company you should expect a level of security, especially if it is marketed as a security device

        No, you really should not expect that. Particularly not if you've been paying attention.

        Even dedicated security firms aren't doing very well these days, as anyone who reads BUGTRAQ, or Full Disclosure, or RISKS, or SANS Newsbites, or pretty much any other IT-security news source should know.

        Of course it's reasonable for people not in the industry to be uninformed on those issues - though one might hope that someone buying "innovative" home-security equipment would do a little research. If you're in the industry, though, expecting security is not justified.

    2. This post has been deleted by its author

      1. Joe W Silver badge

        Re: At WhitePines...

        Depends on whether the parent is present and how old the child is. Would you let your kindergarten aged child play with a lighter without you being present? Hint: this counts as neglect (or whatever the legal term in your country might be).

        Seriously, we are all feeling so smug, so IT knowledge laden, so intellectually superior to the mere users (and it might have a spot, in some sense and some places) that it makes me sick at times (sure, I'm guilty of that as well). Those who know more should try and educate those who know less (and make sure companies do not get away with selling such poorly designed products).

        1. whitepines Silver badge

          Re: At WhitePines...

          My point exactly. It's a tool, a dangerous tool of somewhat questionable utility that the parents don't even understand the danger of. If I had my way I'd be making the manufacturer liable for this, i.e. they have to warn the product is not safe for children etc. and if they don't make it clear enough on the packaging such that parents install them anyway without understanding what they can do, then the vendors end up in court on some fairly nasty charges.

          This kind of thing isn't baby's first lighter, this is baby's first pack of smokes and a flamethrower added on.

        2. Headley_Grange Silver badge

          Re: At WhitePines...

          I'm not sure about the intellectually smug bit. As an old bloke, the world I grew up in had standards for everything to make sure they were safe and consumers could just buy stuff without having to worry about it being safe - I'm thinking of British Standards, CE marking, etc. This was relatively simple up to a few years ago because "safe" generally meant that I didn't get an electric shock, lose my fingers or the house wouldn't burn down. When I bought a plug for my new cassette player I didn't have to worry about it not being safe cos it's illegal to sell unsafe plugs and unsafe cassette players and as long as I wired it correctly and put the correct fuse in (as taught in school, believe it or not) then I wouldn't have to worry.

          Thing's have moved on with seven-league boots since then. When I buy a widget now not only can I not be sure it's safe in the old sense (buying Chinese stuff on the web) but there's a whole new world of possible "danger" opened up by the web, software and connectedness which is not covered by legislation or regulation other than (in the UK) a generic fit for purpose requirement, which, under UK consumer law, would require a civil court case against the *seller* (i.e. not necessarily the manufacturer) to prove anything (unless an org. like Which? took up a case against the manufacturer).

          In theory we need a set of standards for the IoT, security, updates, loss of functionality, bricking, etc. but if such standards were implemented there would be a couple of problems as I see it. Firstly, the pace of change in the industry would overtake the standards quite quickly - although I think that basics of safety, security, surveillance could be generic enough to be useful. Secondly, and most important, the cost impact would probably drive suppliers out of business or make the products so expensive that users would just buy knock off that didn't meet the regs; the main cost impacts being compliance and supportability.

          1. Jan 0

            @Headley

            I have just bought an excellent example Headley. My €1.5 mains powered mosquito zapper: a few blue LEDs and (I presume) a resistor bridging the two interdigitating metal combs connected directly to the mains. A flimsy plastic screen has holes big enough for a child's fingers to go through or an adults to easily push aside! Too simple to

            amuse Big Clive, but seriously out of line with EU safety standards.

          2. elaar

            Re: At WhitePines...

            "and as long as I wired it correctly and put the correct fuse in"

            But even with those safety standards you mention, it still required some level of intelligence on your part and a degree of skill/knowledge to use that "safe plug" in a safe way.

            Similarly, adults should be aware of the VERY simple and frequently discussed fact that passwords for anything connected to the internet should be reasonably complex, for reasons so obvious that those that aren't aware of it are the reason why we have "do not drink" labels on Bleach bottles.

            Whilst companies should do everything in their power to protect you, in reality they won't.

            1. Mark #255

              Re: At WhitePines...

              ...it still required some level of intelligence on your part and a degree of skill/knowledge to use that "safe plug" in a safe way.

              Which is why the The Plugs and Sockets etc. (Safety) Regulations 1994 made it illegal to sell mains-powered consumer products in the UK without a wired plug.

          3. Cuddles Silver badge

            Re: At WhitePines...

            "In theory we need a set of standards for the IoT, security, updates, loss of functionality, bricking, etc. but if such standards were implemented there would be a couple of problems as I see it. Firstly, the pace of change in the industry would overtake the standards quite quickly - although I think that basics of safety, security, surveillance could be generic enough to be useful. Secondly, and most important, the cost impact would probably drive suppliers out of business or make the products so expensive that users would just buy knock off that didn't meet the regs; the main cost impacts being compliance and supportability."

            Unfortunately there's a third problem you've missed - what is considered "safe" differs between people. In particular, what a government considers safe is very different from what ordinary people consider safe when it comes to surveillance. We already have politicians in several countries attempting to legislate the laws of mathematics when it comes to encryption. While IoT crap is a mess in its current state, I'm not sure I'd feel a lot better if it all followed a set of standards that included legally mandated back doors security holes.

            And that's before you even start thinking about the problems of how different countries might view things. With something like a plug, if it doesn't electrocute you in one country, it's probably not going to do so anywhere else. So physical safety rules tend to be fairly universal no matter where you sell your products (obviously as long as you pay attention to grid voltages and the like). An internet connected gizmo that needs to obey 200-odd different security standards is a lot more difficult to handle.

            There's certainly a case to be made for a sensible set of standards regarding things like providing updates, not being allowed to brick products remotely to force people to buy new things, and that sort of thing. But those are quality rules that, as with physical safety, are more-or-less universal no matter where you are. When it comes to actual security and safety, I see little possibility of getting any sensible standards that are actually agreed on by more than a few countries, and even less possibility of any country's government setting standards that I as a consumer actually agree with.

      2. whitepines Silver badge

        Re: At WhitePines...

        For effectively giving an unrestricted cell phone to a toddler to play with and keep in the bedroom at night with no supervision?

        Yes, I think that might just reach the right level. I shudder to think what's on the other end of that connection and what it might want to do to the kid, and the parents think they have no responsibility for enabling it.

      3. Cuddles Silver badge

        Re: At WhitePines...

        "You know what else has cameras, microphones, & speakers? Pretty much every cellphone produced in the last thirty years. Should the parents be jailed for putting one in the hands of their children?"

        Cellphones in 1990 all had cameras? I'm not sure that's entirely accurate.

        As for putting them in the hands of children, perhaps you should read the article a little more closely. Some of the children in question were somewhere around 4-5 years old (the oldest is currently 8, with two younger ones also in the same room). I won't say that parents giving a 4 year old child unsupervised access to a smartphone should automatically be locked up, but it sure as hell can't be considered good parenting. In much the same way that putting a hilariously insecure surveillance camera in a young child's bedroom may not be actually illegal, but you have serious issues if you think it's actually a sensible idea.

    3. doublelayer Silver badge

      I'm considering the statement "Joke icon yes, but part of me actually wonders if this would be justified in some odd way." as cancelling the sarcasm. That's a terrible idea. There are cameras, microphones, and speakers on lots of things, including laptops, phones, some desktops, and various other devices. If you include those devices that lack a camera but do have a microphone and speaker, that's almost every consumer electronic device.. And somehow, it's the users' fault when that device gets hacked? Instead of the manufacturer who could have made the device more secure? When it's already been pointed out that no matter how much the users might want to spend time and effort on a more secure configuration, they don't have the option?

      1. whitepines Silver badge

        OK, intent wasn't to cancel the sarcasm. Guess I just messed this one up.

        However, being serious, where does parental responsibility enter the picture? One could reasonably think that part of that responsibility involves selecting the types of items around the house that the children have unsupervised access to. Just like you wouldn't leave sharp scissors around or exposed wiring, you probably shouldn't leave an always-on cloud-connected item with speakers, camera, and mic where kiddies below a safe age can interact with it without parental supervision. Especially when you know you've ticked the boxes that say any hacking is your problem, not Amazon or Google's, to use the bloody thing in the first place. And if you don't know you ticked those boxes, maybe it's time the lawyers pay a visit to the vendor HQ.

        1. doublelayer Silver badge

          The problem is that you can apply that logic to anything at all. If a parent installs a desktop that has a camera on it, for example an all-in-one machine, they have now recreated the same environment. A malicious actor who gained access to that machine would have the same capabilities as one who gained access to this IoT device. They can't easily keep moving that desktop around with them.

          I don't think we'd believe them totally blameworthy if that computer got infected with malware to their detriment. Yet if it did, they're likely much more responsible for the problem than someone who installed this IoT device. From the sound of it, the cameras could be accessed with relative ease online by guessing a password, while getting malware onto a desktop usually requires the user to fall for a fake download or phishing email. On this basis, attempting to blame the parent for something the manufacturer could prevent seems limited at best.

      2. big_D Silver badge

        Up to a point, I agree...

        But the manufacturer offers 2FA, but the users don't use it, it is too inconvenient for them, so they stick with a weak password they can remember - because they use it everywhere.

        You can only protect users from themselves to a certain point - minimum password strength rules etc. Checking Haveibeenpawned? That could open up another can of worms, is it sufficient to check once, when the password is set? Or is it corporate negligence when they don't regularly check the password? But the password should be hashed, so they don't actually have the password to re-check.

        At the end of the day, each user has to decide for themselves what is adequate, but it is such a complicated topic, that uninformed users make uninformed decisions, which can come back to bite them.

        1. whitepines Silver badge

          Could probably make this easier by compiling a list of known user errors with the authentication method chosen (as an industry, we have really quite solid data here, we know nearly every trick the user will try with password auth, 2FA, etc.). Put that on a big red warning label on the box -- "FAILING TO FOLLOW THESE INSTRUCTIONS WILL PUT YOUR FAMILY AT RISK" etc. etc.

          If the clueless user wants to stay clueless, ignores the label, then it's undeniably their responsibility (and negligence, if a stalker comes after their kids via the unsecured IoT devices). No different than spilling hot coffee on yourself or microwaving unopened tins of food at that point; vendor clearly warned and said what had to be done and what the risk was for not doing it, not the vendor's fault. Right now, however, I really don't think the vendors are having to go far enough in disclosing the dangers of their tech when it is misconfigured.

          1. Headley_Grange Silver badge

            2FA

            I think you're right about the 2FA thing - it's not different from the seatbelt in the car; the car beeps at me but it still starts if I don't buckle up.

            Having said that - if I were Ring's CEO and kept seeing my company in the news in a bad light then I'd force 2FA on users.

        2. iron Silver badge

          You don't check the hashed password against the list, you hash the list and check it against your stored passwords.

          1. big_D Silver badge

            Yep, I thought about that after I posted.

      3. Michael Wojcik Silver badge

        If you include those devices that lack a camera but do have a microphone and speaker, that's almost every consumer electronic device

        Oh, please. I can find a hundred "consumer electronic devices" in my home right now that don't have a microphone or speaker. Without getting up from my seat I can reach out and touch eight of them (I just counted).

  2. Anonymous Coward
    Anonymous Coward

    Darling ...

    ... Erich Mielke's at the door.

    1. Anonymous Coward
      Anonymous Coward

      Re: Darling ...

      Why bother with a Back Door when Faschion Victims invite you in at their Front Door ?

  3. LDS Silver badge

    By-products are always a risk.

    If Amazon main business was doorbells, it would make better products, or it would go out of business quickly. But this is a by-product of its needs to deliver more boxes at lower costs, while gathering user data. So it has to be just "good enough" for its main aims. Everything else is just added costs to avoid.

    1. EnviableOne Silver badge

      Re: By-products are always a risk.

      Door bells are not a by-product, Ring was a seperate company styled as a "home security firm" untill amazon bought it back in Febuary 2018.

      They should know better.

      All it would take is the zxcvbn library to pick good passwords and run anything that passes against the HIBP API to chek ifi its pwned, and for belt and braces OAuth2 TOTP on top

  4. Anonymous South African Coward Silver badge

    And it doesn't alert owners to multiple logins from across the country or world – a tell-tale sign of an account compromise – nor limit the rate at which miscreants can attempt to guess account passwords. It does not direct people to use multi-factor authentication, nor does it require strong passwords, and nor does it reject username-password combinations known to be stolen from other websites. It basically fails to prevent netizens from falling foul of brute-force attacks and credential stuffing, and subsequent security device hijackings, by miscreants on the other side of the internet.

    That is a basic security feature most people tend to overlook or ignore.

  5. Dan 55 Silver badge
    Meh

    The news would be if an Amazon privacy dashboard weren't a total joke

    On their main tat-pushing website, devices can be authenticated to your account bypassing 2FA, there's no way of viewing all devices which are authenticated to your account in one place, and devices can make purchases without any confirmation PIN or 2FA.

    A stranger's TV went on spending spree with my Amazon account – and web giant did nothing about it for months

  6. David Austin

    The Big Question:

    Does a smart doorbell fix more problems than it creates?

    I don't think I am a Luddite, but it seems to replace one problem (Viewing and answering the door when you're not there) with several exciting new ones (points up).

    1. elaar

      Re: The Big Question:

      I was pondering this earlier today, when I saw that my neighbour has recently had one installed.

      I couldn't think of a single occasion where my life had been negatively impacted by not being home when someone rang my door bell.

      Most delivery people hide packages around my property (or throw them over the fence if it's Hermes), unless it requires a signature, which I can't do remotely through an e-doorbell anyway.

      So all I'm missing out on is the cold-callers and the religious folk, shame.

      Security wise, if you live in such a bad area that you need to video your doorstep, wouldn't a cctv camera covering the whole of the front of your house, with better quality video be a better option?

      1. Timmy B Silver badge

        Re: The Big Question:

        "I couldn't think of a single occasion where my life had been negatively impacted by not being home when someone rang my door bell."

        Just because it doesn't impact you it doesn't mean it doesn't impact anyone.

        As I said, elsewhere I can get half a dozen (not unusual - 9 is the record) health care types visit in one day for an elderly relative. If I'm not there for these people and my relative cannot get to the door then the Ring is a godsend. It even saves the callers time as I have stopped several accidental sendings of multiple people to do the same job (I once had three different people turn up in one day to take blood for the same test).

        Even when I am working from home I still answer using the ring as my office is upstairs and it's far quicker.

    2. Timmy B Silver badge

      Re: The Big Question:

      "Does a smart doorbell fix more problems than it creates?"

      Yes. Yes it does. But not for everyone. I have one of these but I live in a house with an elderly infirm relative and we can have up to half a dozen people visit each day to sort out various care and medical needs. Being able to "answer" the door when I am not in the house is brilliant. I also have several cameras and other things all working so I can monitor the house too.

      I have a friend that operates a hair salon from a cabin in their garden and ring is great for her too as it allows her to see, and let in, clients.

      I am aware of the potential issues and I don't reuse passwords (or even email addresses some of the time), use 2fa and read the documentation before I implemented these things. They run on a separate wi-fi network too.

      Joe Bloggs won't know how to make these things secure and I think the apps used to set them up should be much better and enforce sensible security precautions.

    3. Mandoscottie
      Joke

      Re: The Big Question:

      my partner has one of those dammed doorbells, only thing its good for is seeing cold callers faces @her pad, when a big arsed scotsmans voice shouts, "f*** off!" its as priceless onsite and remotely :D days of fun, but not worth the cost imo (almost)

      Overpriced piece of twat tat, with super annoying adverts.

      "hey what you doing in my garden" pfft try that up here and theyd turn around and shout "cracking one off on yer lawn hen!" and drop a number 2 equidistant on the lawn in view of Ring, in HD.

  7. Len Silver badge
    Thumb Down

    Fed up with my Ring Pro

    We’ve got a Ring as I liked the idea of being able to know when someone rang the doorbell and speak to them to put a package behind the bins or summat. I never cared about the video element.

    I now regret it. Apart from its now unadvertised working as a surveillance tool for third-parties I’ve also been underwhelmed by its technical quality. My most recent shock discovery is that the bell doesn’t ring when the internet is down! We are experiencing some issue with our internet stability at the moment and quite often miss people at the front door as they rang the doorbell just when the internet was down for a bit.

    There is a button at the front door, connected to the LAN over WiFi. There is a ringer inside the house, connected to the LAN over WiFi. Why on earth does the button first need to contact a server on the other side of the planet to inform it that someone pressed the button so the server can tell the ringer that is four metres from my front door that it should make a sound. Which moron designed that?!

    Sure, I fully understand that I won’t get alerts on my phone if the button can’t connect to the internet but surely it can just connect to the ringer over the LAN? You know, to let people in the house know that someone's at the front door and rang the door bell.

    Anyway, apparently Netatmo are working on a doorbell which hopefully works better. At least it would mean that any information about who leaves and enters our house or rings our doorbell will not be stored on American or Chinese servers.

    1. ThatOne Silver badge
      Big Brother

      Re: Fed up with my Ring Pro

      > Why on earth does the button first need to contact a server on the other side of the planet

      Because that's the whole point: Collect information. Forward some of that information to the user is just an option (actually the bait), but it's not mission critical.

      You seem to think that this gadget's point is to inform you if someone is at your door; Its point is to inform Amazon if somebody is at your door, as its work flow clearly demonstrates. You're but an afterthought, which also explains the appalling security: Amazon doesn't really care if strangers can watch you and tease/insult/abuse you or your family using those devices, the sucker user is not important in any way.

    2. Anonymous Coward
      Anonymous Coward

      Re: Fed up with my Ring Pro

      "There is a button at the front door, connected to the LAN over WiFi"

      If you are after a fix, nine times out of ten, the issue will be your wifi connection. Ring and a number of other IoT devices are low power devices and often aren't able to transmit at the same power as the WLAN AP they are talking too. The IoT device will receive a signal but fail to reliably transmit back to the AP.

      The simplest test is to check signal strength with a mobile phone app - if the signal is under "good/orange/-75dBm" (if there is no interference from other sources including neighbouring wifi) or "excellent/green/-60dBm" (if there is interference that you can't fix by changing the wifi channel) due to the number of wifi AP's you can see, you will likely need to move your wifi AP closer or get a booster. If connectivity is intermittent, its likely to be an interference issue

  8. Cynic_999 Silver badge

    Limit connectivity

    The easiest way to improve security manyfold (despite how lax the user is) is to have a physical button on or near the camera which must be operated before any new device can be authorised to connect to the camera. Give a 15 second or so window to press the button following a connection request from any new device, otherwise the request is cancelled. Maybe add the feature that too many failed attempts causes the camera view to turn red as a warning to the legitimate user.

  9. Cynic_999 Silver badge

    Police access

    I see no reason why the police or other authorities should have any access to camera footage without either the consent of the householder or a search warrant, same as would be needed in order to obtain CCTV footage that was stored locally. As it is, the police or local councils can monitor doorbell cameras to give parking fines or prosecute people for other minor infractions, TV licencing can listen in to see if there are sounds of broadcast TV etc.

    1. Timmy B Silver badge

      Re: Police access

      "I see no reason why the police or other authorities should have any access to camera footage without either the consent of the householder or a search warrant, same as would be needed in order to obtain CCTV footage that was stored locally. As it is, the police or local councils can monitor doorbell cameras to give parking fines or prosecute people for other minor infractions, TV licencing can listen in to see if there are sounds of broadcast TV etc."

      Citation Needed.... (for the UK, please, as you mentioned TV licencing).

  10. Rich 2 Silver badge

    CCTV

    A friend of mine has a Ring doorbell, facing out into the road giving a very clear view of anything and anyone going by.

    I was wondering if she is obliged to stick up a "Warning: CCTV" poster (I thought that was a legal requirement in the UK?). My other thought was is this legal at all? (but unfortunately, I think I know the answer to that one)

  11. Frumious Bandersnatch Silver badge

    誰かが

    リング」を述べましたか?

  12. fredj

    In my now, long life one thing I have learned is that Ring products are shoddy crap. I won't buy them and if any one in my family brings them into the house I check them very thoroughly and PAT test them as well. I know their owner will loose interest in them after a few weeks or they will break. Either way they will them vanish into our waste bins. Sorry to be so harsh.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020