Article 6K53H Retailers Selling Thousands Of Identical, Easily-Hacked ‘Smart’ Doorbells

Retailers Selling Thousands Of Identical, Easily-Hacked ‘Smart’ Doorbells

by
Karl Bode
from Techdirt on (#6K53H)
Story Image

As we've noted for a very long time, sometimes dumb" tech is often the smarter option. In the rush to connect every conceivable technology and device to the internet (while seeing ever-improving revenues), smart technology" companies routinely cut corners. And the first sacrifice usually made (behind customer service) tends to be consumer privacy and device security.

A new investigation by Consumer Reports found that major retailers like Amazon, Sears, Temu, and Walmart are selling thousands of different types of video doorbells that all have the flimsiest security imaginable. As a result, many of the devices can be hacked - sometimes from thousands of miles away - providing intruders access to your home video feeds.

Simply knowing a device's serial number in some instances provided easy access to user video. Many doorbells failed to even encrypt the public IP addresses and Wi-Fi SSIDssent over the internet. And in some instances, all it took was an attacker walking up to the physical device and putting it into pairing mode to gain access to live and recorded video streams.

The thousands of cheap, usually Chinese-made, video doorbells are sold under different brand names (like Eken and Tuck), but are otherwise virtually identical - down to the painful lack of security:

The two devices stood out not just because of the security problems but also because they appeared to be identical, right down to the plain white box they came in, despite having different brand names. Online searches quickly revealed at least 10 more seemingly identical video doorbells being sold under a range of brand names, all controlled through the same mobile app, called Aiwit, which is owned by Eken."

Consumer Reports contacted the companies involved and received no response whatsoever. Past studies by the organization have shown that even more reputable brands in the smart doorbell space don't have particularly robust security. Brands like Amazon's Ring and Google's Nest have also had plenty of problems, including companies' more-than cordial relationship with law enforcement.

But as Consumer Reports notes, retailers also have some responsibility to not sell absolute garbage that not only doesn't work, but puts potentially vulnerable people (like victims of stalkers) at additional risk. And by selling so many terrible products under so many different brand names even tracking the scope of the problem becomes an uphill climb for researchers.

External Content
Source RSS or Atom Feed
Feed Location https://www.techdirt.com/techdirt_rss.xml
Feed Title Techdirt
Feed Link https://www.techdirt.com/
Reply 0 comments