Finally! Ring Doorbells get End-to-End Encryption, but There’s a Big Catch

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


Amazon’s Ring unit is moving ahead with plans to allow end-to-end encryption (E2EE). U.S. customers can turn it on now, with the feature rolling out to other countries any second now.

But there’s always a catch. You need to remember a huge random passphrase. And a lot of features will stop working—including the ability to resell your device on the used market.

Is it a dark pattern? If it walks and swims and quacks like one, then it probably is. In today’s SB Blogwatch, we’ve got a bad feeling about Ring.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Turning into random objects.

I’m Sorry, Dave; I’m Afraid I Can’t Do That

What’s the craic? Jay Peters reports—“Ring’s end-to-end encryption … available now”:

More secure
Ring’s end-to-end encryption for video streams is leaving technical preview, is now available to US users, and is currently rolling out globally. … The opt-in feature makes it so that your video streams can only be viewed by you on an enrolled iOS or Android device.

Ring first announced video end-to-end encryption in September 2020 and launched the technical preview in January. … If you use two-step authentication to provide extra security to your account, Ring now supports authenticator apps, which [is] more secure than SMS.

And Steven J. Vaughan-Nichols adds—“Amazon is finally delivering it”:

Use E2EE—I will be
Did you know that that handy video your Ring doorbell takes … isn’t private? … Not only are your videos kept in the Amazon Web Services (AWS) cloud, [but they’re] transmitted in the clear.

A sufficiently motivated hacker, or your local police force, can easily watch who’s walking by your door. Until now. … If you decide to install this optional privacy feature, you’ll need to install a new version of the Ring application on your smartphone. Once installed, it uses a Public Key Infrastructure (PKI) security system based on an RSA 2048-bit asymmetric account signing key pair.

You’ll also need to set a passphrase, which you must remember. … If you lose it, you’re out of luck. [But] if you value your privacy, and you still like the convenience…

Source…