Ring reportedly gave employees access to customer video feeds

Discussion in 'Cyber Security' started by actran, Jan 10, 2019.

Share This Page

  1. actran

    actran Pulling my weight

    Joined:
    May 8, 2016
    Messages:
    309
    Likes Received:
    104
  2. GCoco

    GCoco Pulling my weight

    Joined:
    Jun 29, 2015
    Messages:
    336
    Likes Received:
    115
    Location:
    Louisiana
    Another example of why not to use cloud based storage,
     
    Mike, Philip Gonzales and mat200 like this.
  3. crw030

    crw030 Known around here

    Joined:
    Apr 26, 2016
    Messages:
    511
    Likes Received:
    257
    Location:
    Colorado
    All I can say, is once something goes out to the internet you should never expect for it to completely disappear. You are really putting a lot of faith & trust in these cloud providers that 1) they wont share/misuse access they likely have to your cloud-connected camera, 2) they will make and update the device to keep it completely secure from hackers and 3) their cloud setups are secure and careful managed to avoid improper access.

    You see data breaches often because it is very hard to properly setup secure cloud service access for someone without that specific expertise, which does not inadvertently provide access either to someone that gains a password of someone with access or understands the Amazon ecosystem better than your IT team and can locate and login to these systems. With conventional IT and business resources tinkering with cloud services there will be continued surprises I have no doubt.
     
  4. icecoffee

    icecoffee Getting the hang of it

    Joined:
    Oct 3, 2018
    Messages:
    72
    Likes Received:
    43
    Location:
    Houston
    I used Ring Pro video doorbell for a year and dig them after my trial end. From my experience with many call to them, their normal CS need your authorization to access the device remotely but level 2 CS don't have to, all they need is your email and they can have total access, control of it.
     
    Philip Gonzales and mat200 like this.
  5. crw030

    crw030 Known around here

    Joined:
    Apr 26, 2016
    Messages:
    511
    Likes Received:
    257
    Location:
    Colorado
    On one hand it makes sense (if you think of the people most likely going to buy the Ring product) that CS would need to be able to help them through the process of setting the cameras up and assisting in troubleshooting, but would be completely different if it at least had to be authorized each time.

    However, the thought that you are basically giving ANYONE (at any level) the ability to peer into your life without you knowing (and by extension hackers/curious that can gain access to their subsystems or POTENTIALLY law enforcement without a warrant), should be absolutely terrifying in the USA, and that doesn't even speak to the risks associated with a country that has fewer protections from government abuse.
     
    mat200 likes this.
  6. icecoffee

    icecoffee Getting the hang of it

    Joined:
    Oct 3, 2018
    Messages:
    72
    Likes Received:
    43
    Location:
    Houston
  7. mat200

    mat200 IPCT Contributor

    Joined:
    Jan 17, 2017
    Messages:
    4,299
    Likes Received:
    2,277
    The slippery slope of monopoly powers and industry consolidation issues:

    HOW soon until Amazon starts to demand videos from your cameras when you report a lost package?

    Most people will probably be OK with that.. however, the devil is always in the details and things begin to get more complex now as companies which has access to your data / videos /audio can be compelled by warrants to provide others access your data in the cloud

    Some of this will be good to counter delinquents, however it can also be abusive. ( example: TSA agent calls in sick when there is no pay check - Government representative questions it and asks for data from IoT and Internet Connected devices and cell to confirm - discovers agent is working as Uber driver to pay bills - fires agent.. )
     
  8. Mr_D

    Mr_D Getting comfortable

    Joined:
    Nov 17, 2017
    Messages:
    572
    Likes Received:
    472
    Location:
    Southern California
    And now they have cameras they're pushing for indoor use. No thanks.
     
    Philip Gonzales likes this.
  9. mat200

    mat200 IPCT Contributor

    Joined:
    Jan 17, 2017
    Messages:
    4,299
    Likes Received:
    2,277
    Indeed numerous potential pitfalls already to catch those employees calling out sick.

    In terms of warrants - DHS does unwarranted searches of citizens already, so it would not be out of standard operating procedures for a DHS manager to do this similarly to his/her employees, in fact they probably already have consented to it in their employment contracts.
     
  10. mat200

    mat200 IPCT Contributor

    Joined:
    Jan 17, 2017
    Messages:
    4,299
    Likes Received:
    2,277
    Guess it really depends on how powerful AFGE is.
     
    dark current likes this.
  11. TonyR

    TonyR IPCT Contributor

    Joined:
    Jul 15, 2014
    Messages:
    3,532
    Likes Received:
    3,243
    Location:
    Alabama
    You won't see me beating down the door of Ring's owner, amazon.com, to sign up for Amazon Key. Sure I'm a Prime member but I sure as heck won't give these untrustworthy dweebs an Internet-connected "key" (lockset) to my house so the package deliverer can open my door and place my packages.

    So folks are worried about their packages but NOT the security and sanctity of their own house and family? What could possibly go wrong?

    Seriously, people.....think about it. :screwy:
     
    J Sigmo, JNDATHP, looney2ns and 2 others like this.
  12. icecoffee

    icecoffee Getting the hang of it

    Joined:
    Oct 3, 2018
    Messages:
    72
    Likes Received:
    43
    Location:
    Houston
    Amazon just introduced MyQ garage which they can deliver the package inside your garage.
     
  13. Q™

    Q™ IPCT Contributor

    Joined:
    Feb 16, 2015
    Messages:
    4,291
    Likes Received:
    2,851
    Location:
    Megatroplis, USA
    As I understand it, Amazon pays their lower tier workers dirt; I'm not letting dirt workers into my home.
     
    gregbert, JNDATHP and th182 like this.