Amazon has now implemented its controversial ‘Sidewalk’ initiative, an experimental service that will automatically turn every Echo speaker, Ring camera and other Amazon device into a shared wireless network. It works by sharing a small slice of internet bandwidth with nearby neighbours who don’t have a connection (and vice versa) so as to create city-wide ‘mesh networks’ that help keep Amazon devices connected at all times even when home wifi is unavailable. Naturally, this raises a number of stark cybersecurity concerns.
<p>According to Amazon, Sidewalk was designed with various precautions to prevent abuse. The system design includes data protection and privacy measures such as PKI for authentication, multiple levels of encryption, randomised ID’s, and data minimisation to avoid impacting network performance.</p> <p><br /><br />While this theoretically provides a solid foundation for security, anytime data travels across a foreign network, risk is introduced. With Sidewalk, data will be travelling freely across neighbour’s networks. While most individuals won’t inspect this data, it opens the door for abuse.</p> <p><br /><br />Sidewalk claims to utilise PKI to enable device authentication and secure network communication. However, they are using multiple Certificate Authorities (CA’s), and provide little information on how the PKI is implemented. One concerning excerpt from the Sidewalk whitepaper says \"a Sidewalk CA issues the Sidewalk Network Server certificate, while the Application Server can be a self-signed certificate or a certificate signed by Sidewalk CA.</p> <p><br /><br />Amazon does not provide full details on when a self-signed certificate can be used or how that is integrated into the overall architecture of the solution. Usage of self-signed certificates fails to meet PKI best practices and raises concerns about the integrity of the overall system.</p> <p><br /><br />Without a detailed security audit, it is impossible to determine what risks this raises, but it raises concern over the potential for abuse. If a bad actor creates a self-signed certificate for an application server, this could lead to a plethora of security risks.</p>