Search in blog
How to use PrivateRouter's app with a DDWRT Router5262 viewsHow to use PrivateRouter's app with a DDWRT RouterRead more
If your neighbors want to use your WiFi, they only need to steal the password for your doorbell. There was no need to ring, knock, or ask due to a vulnerability in the Amazon Ring doorbell. Bitdefender, a global tech security organization, discovered the glaring vulnerability in the Amazon device earlier this year. If gone unnoticed, hackers could have easily obtained access to the WiFi networks of hundreds of thousands of Ring users.
How Did It Happen?
Bitdefender discovered a vulnerability in Amazon Ring doorbells that transpires right as the device connects to the network. During that process, the password of the network is clearly displayed in plain text where it can easily be intercepted by hackers. Hackers with the WiFi password of a home’s network can surveil entire families.
Bitdefender explained the discovery as follows:
“When first configuring the device, the smartphone app must send the wireless network credentials. This takes place in an unsecure manner, through an unprotected access point. Once this network is up, the app connects to it automatically, queries the device, then sends the credentials to the local network.”
How Was it Fixed?
Amazon released a patch for the vulnerability before they even disclosed it. Currently, the vulnerability no longer exists for Amazon Ring users and there are no other known vulnerabilities with the device that may expose users’ home WiFi passwords to malicious entities.
Are Smart Home Devices Safe?
Smart Home devices constantly hit the market, and as soon as they’re released, new reports of vulnerabilities begin to pop up. In the race to corner the market in the growing niche of home automation, device manufacturers are prioritizing speed to store shelves over device safety.
Researchers were able to gain access to a Zipato smart hub, allowing themselves to unlock the back door of a home and allowing themselves to gain entry. This troublesome example is merely one of many. The security standards for smart home devices have not been well established, and users should proceed with caution when they decide to install a smart device. Some smart devices, like smart refrigerators or automated LED lighting, pose a lesser risk. The public should be most cautious about smart devices that can allow intruders to easily enter their home via hacking.
How Can These Vulnerabilities Be Prevented in the Future?
As the "internet of things" inside everyone's house gets bigger, people should consider isolating their smart home or home automation devices on separate WiFi networks or routers. VPN secured networks and VPN routers are generally safer, as hackers won’t be able to view the information being sent over these secured connections.
Even if you don’t currently utilize any of these devices, using a service like TorGuard VPN and connecting your devices through a VPN router will assure a maximum level of security in your home. You don’t want hackers to be able to hijack your Amazon Ring or your Zipato smart hub – but you also don’t want them to be able to access your online banking information every time you check your account balances at home.