Amazon’s Ring doorbells are constantly making up to the headlines. Earlier in October, Ring doorbells were alleged for providing surveillance footage to local law enforcement. Whereas now the tech has come into limelight for exposing user’s home Wi-Fi passwords.
According to Bitdefender, a Romania-based security technology company, Ring doorbells were sending out owners’ Wi-Fi passwords in plain cleartext, as the product was connected to a local network, which opened the door for hackers to intercept these passwords while offering access to customer’s network for conducting surveillance or for planning a larger attack.
Bitdefender explained that, while configuring the doorbell for the first time, the smartphone app is required to send the credentials of its wireless network, which is transmitted in an unsecured manner via an insecure access point.
Once the network is running, the application connects to the network automatically and verifies the device that then transmits the credentials to its local network. However, all these procedures are conducted over an unencrypted connection, which then exposes the Wi-Fi password.
Earlier in September, Amazon had resolved the vulnerability from all its Ring devices, but the issue sprang back recently. Amazon was also previously accused for sharing the surveillance data from its Ring doorbells to the local law enforcement.
According to reliable sources, a new campaign by the digital rights group Fight for the Future was calling for Congress to investigate Amazon’s surveillance system. The investigation was a result of a recent speculation that said that Amazon was aiding police to create a surveillance network with the help of its Ring doorbell cameras.
Implementation of this idea would possess a threat to civil security, privacy and liberties said the group. Moreover, Evan Greer, Deputy Director, Fight for the Future group commented that Amazon is not the appropriate organization to protect people.