Ring Reportedly Gave Employees Access to Customer Video Feeds

Megalith

Megalith

24-bit/48kHz
Staff member
Joined
Aug 20, 2006
Messages
13,000
Privacy-minded consumers who are seeking a security camera may want to avoid Ring: a recent report by The Intercept alleges the company’s employees have unlimited access to all video captured by Ring devices, which include video doorbells and stickup cams. A spokesperson claims otherwise, in that only publicly shared content is viewed for the purpose of improving the service.

The Information described how in 2016, the company granted inexperienced engineers in its Ukraine offices access to a database that contained Ring customers' video histories. Sources also told The Intercept that executives and engineers in the US were allowed access to live feeds of customers' cameras. They also described how Ring engineers would check out their coworkers' cameras and tease them when they saw them bringing dates home or show videos to other employees when they saw something of interest.
 
Damn that is stupid. That is why companies have Alpha\Beta groups (who get the stuff for free) if they want real world data without compromising customer private data.
 
We're giving online strangers constant access to see into our lives by having a cloud security setup because we're concerned about the occasional visit by a IRL stranger/delivery guy.

I was initially excited about these AIO doorbell systems but once I learned they were cloud/sub required I lost all interest. Maybe I'll do one of those Raspberry Pi projects.
 
Mega6 said:
did it. my images still have to to through a mail server under ssl / tls not under my control through to get to my phone / internet.
Click to expand...
Every try setting up an ip camera and then open vpn to get back to your internal network to view the feed?
 
Endgame said:
Every try setting up an ip camera and then open vpn to get back to your internal network to view the feed?
Click to expand...
no vpn, just ssl /tls under postfix, sendmail. motion detect of course. native pi camera. why connecting back in? makes no sense and double the trouble. two connections. vpn and internal.
 
You put a camera or microphone in your home and connect it to the internet, unintended people gunna watch and listen.

That's all anyone needs to know.
 
EODetroit said:
You put a camera or microphone in your home and connect it to the internet, unintended people gunna watch and listen.

That's all anyone needs to know.
Click to expand...

if u can get out - someone can get in. dont assume because your posting on a message board through a web browser - you're any safer.
 
Well this is what you get when you have some cloud based security service that costs what? 5 to 10 a month?
 
Those old DVR based video camera security systems are starting to look like the way to go. Then setup some type of device to device VPN for remote access.
 
I say people ought to know that companies and corporations will NEVER work in your interest unless it makes them money. Likewise, because data is today's gold, any data that can be harvested will be harvested, sold, sliced and diced. I don't think anyone can make a solid argument against that statement. Data IS gold and YOU are DATA, not a customer or a person, you're DATA. Even people who kind of understand privacy issues and the internet don't always make that connection. The fact that really, ANY data you put out there, ANY at all, will be sliced and diced, and it will be sold over and over until it becomes either useless or too low resolution. That's just part of a digital personality, which is what we are working towards, knowingly or not.

That said and sorry for the caps, those 'Ring' devices and others provide a lot of tantalizing services that seem to be so convenient... one might just.. ignore the potential for abuse. Oh look at those commercials, people all over install them. So convenient, so nice, so.. communal and safe. Yeah I said communal, since you can share cams with neighbors. Is that not weird to people?!

The former East German STASI would fucking lick their fingers for this shit, and we are fucking PAYING MONEY FOR THE DEVICES, then we complain but we don't do anything about it. Companies will say Oops Our Bad(TM) and nothing happens. People still buy these devices, fuck, gift them for christmas. Here, have a bug in your house, it's on us!

I'm rambling, I know. But seriously people, don't install bugs in your own home.

Oh and here's a funny anecdote. Some co-worker complaining how Microsoft collects data and all. I asked him if he has an Alexa or Google Assistant thing in his home. "Yeah, it's so great." I.. I don't know what to say without starting an argument you shouldn't have in your workplace.
 
This is incredibly reckless for Ring to do this. As another poster in the thread posted, have a beta group of people that understand what they are getting into. By default, the company should never have access.
Ideally, the video would be encrypted to the servers and stored on the servers encrypted. Proper audit controls should be in place to track access internally.
The company will say its for analytics or to improve the service (image/facial recognition?)
 
Mega6 said:
did it. my images still have to to through a mail server under ssl / tls not under my control through to get to my phone / internet.
Click to expand...

Why??? Even if that is true, you could encrypt/decrypt at the endpoints. I am having a hard time understanding why you would use email as the primary transport..
 
steakman1971 said:
The company will say its for analytics or to improve the service (image/facial recognition?)
Click to expand...
This is the common argument from most companies today, they are all planning on selling your data. They collect it from you, "scrub" the most private info to remain legal and sell you out, because they need the info to "improve customer experience".
 
Megalith said:
They also described how Ring engineers would check out their coworkers' cameras and tease them when they saw them bringing dates home or show videos to other employees when they saw something of interest.
Click to expand...


so they dont even respect themselves for privacy concerns. thats about all you need to know..
 
My boss use to give me access to all kinds of cameras when I had to build this multi cam feed app a few years go.

These people don't mind? "No", he said. Some were pretty fucking wealthy. I think one guy had his own island in Greece. Didn't see his wife, though.
 
Eymar said:
Damn that is stupid. That is why companies have Alpha\Beta groups (who get the stuff for free) if they want real world data without compromising customer private data.
Click to expand...


Wait up a sec?

Are you really considering who walks up to your door bell as privacy data?

I mean maybe this is just me, but I couldn't give a fuck if some smoes at this company can access video of who comes knocking at my front door, if they are picking their nose, or whatever.

But maybe that's just me and I'm being unreasonable.
 
Lol, if you have to ask then I hope you don't work in anything security related. No offense. I'm mean in only takes a few seconds to think why this is an invasion of privacy: Ring camera is in secured/gated premise like an apartment building, if motion/remote activated can monitor any person employee has interest in, taking pictures of visitors without their permission (extreme case that person is in witness protection or something), etc.
 
You must log in or register to reply here.
Back
Top