Computer security researchers have discovered a security vulnerability in Ring connected bells, marketed by Amazon.
The flaw exposed the Wi-Fi password to which the bell is connected to possible hacking, according to Bitdefender.
A connection without encryption
When the video doorbell is set to the home Wi-Fi network, the smartphone with which the synchronization is done sends the Wi-Fi password to enable the connection.The problem, according to the computer security firm BitDefender, is that the password then transits in clear on the network, without any encryption. Thus, a person in the vicinity and with the appropriate hardware can seize it without hindrance.
Amazon fixes the problem, the loopholes of the IoT remain
If BitDefender revealed its discovery on Friday, Nov. 8, Amazon would have solved the problem in September.In addition to the case of Ring - who had already been criticized on the occasion of Halloween for having unveiled the faces of children on the networks - it is the whole question of the security of the connected objects which questions.
In particular, we think of the popular connected speakers who are regularly blamed for their lack of security.
Source: TechCrunch
0 Comments