Ring Is Testing End-To-End Encrypted Videos For Their Smart Doorbells

It has been reported that Ring has launched a technical preview of video end-to-end encryption to bolster the security of home video feeds. This week, the Amazon-owned smart doorbell maker said the feature is currently being rolled out to customers in order to elicit feedback, and if it proves to be successful, end-to-end video encryption could eventually be offered to users that want to add an “additional layer of security to their videos” as an opt-in feature. “We will continue to innovate and invest in features that empower our neighbors with the ability to easily view, understand, and manage how their videos and information stay secure with Ring,” the company says. 

Subscribe
Notify of
guest
2 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Eoin Keary
Eoin Keary , CEO and Cofounder
InfoSec Expert
January 15, 2021 12:52 pm

<p>End-to-end encryption should be standard, not something people have to opt in to, in my opinion. Consumers who purchase IoT devices such as Ring may not be savvy enough to consider the implications of no end-to-end encryption. Vendors should provide strong security controls when it comes to the protection of consumers privacy, and these should be enabled by default. Not enabling end-to-end encryption in relation to physical security devices such as Ring may lead to unauthorised monitoring of consumers’ home and turn into a physical security risk.</p>

Last edited 1 year ago by Eoin Keary
Martin Jartelius
Martin Jartelius , CSO
InfoSec Expert
January 15, 2021 1:30 pm

<p>When we researched Ring equipment when they hit the market, they carried all the hallmarks of IoT technology rushed to market, including undocumented possibilities to extract the Wi-Fi passwords from the devices and a range of other risks privately disclosed to Ring at the time. It is good to see that those issues are long gone and that the vendor is pushing forwards to increase the control over information it offers to its users. It should be noted however that adding encryption for the feeds as such relies entirely on the vendor, which is already what is safeguarding the information today – the initiative is good, but the primary risk, the vendor or an entity accessing information via the vendor, still remain. Completely regardless of this, it’s still great to see something that had potential but also substantial challenges rise to take a very serious positioning in regards to security.</p>

Last edited 1 year ago by Martin Jartelius
Information Security Buzz
2
0
Would love your thoughts, please comment.x
()
x