Franc Chelle, an American mother, amassed nearly 15 million views on TikTok when she uploaded a video that has been scaring a lot of American parents, particularly the ones who have installed Ring cameras at their homes. Ring is a home security company owned by Amazon that sells cheap, Internet-connected smart doorbells and in-home cameras.
In the viral TikTok video, Chelle’s husband is seen kissing their son goodnight while the infant fearfully points at the Ring camera placed above his crib.
When his parents start enquiring what’s wrong, the baby just replies in his native Spanish, “It’s saying... Want ice cream.”
It turns out that Chelle’s son has been regularly hearing voices from the Ring, apparently that of a boy asking him for ice-cream. The apparent case of hacking was addressed by Ring’s customer service with the parents being instructed to change their Ring passwords and two-factor authentication.
“I’m not trusting their security cameras anymore,” says Chelle in one of her TikTok videos.
Ring’s previous controversies with mass surveillance: Ring’s products are garnering popularity for their low prices as well as controversy for hacking and other security issues in America. With the company partnering with local police organisations, civilians in the country are also complaining about Ring contributing to a mass surveillance network.
For those catching up.— Stephen Punwasi 📉🎄🎅🏼🐈 (@StephenPunwasi) August 5, 2022
July 2022: Amazon admits it gave video recordings made with its Ring security camera hardware to police without consent or a warrant.
Aug 2022: Amazon buys Roomba, which uses cameras instead of less intrusive LIDAR like @NeatoRobotics.
In fact, in November 2020, a state-sponsored initiative in Jackson, Mississippi, even allowed Ring users to allow police to livestream their cameras at any time!
Possibilities of hacking and other security vulnerabilities with Ring devices: What happened with the infant is not the only security breach with a Ring camera as past instances show.
According to a 2019 piece by Motherboard (the tech outfit of Vice) aptly titled “We Tested Ring’s Security. It’s Awful.”, it has become quite easy for hackers to attack customers by turning their own Ring cameras against them. As the Ring’s security footage can be accessed with the required email address and password, hackers have found their way in not just finding the compromised login details but also harassing and taunting the camera owners.
From a hacker hurling racist remarks at a Florida family to live-streaming the abuse on a Discord podcast Nulled-Cast, several such cases have increased after 2019.
Amazon Sidewalk adds to the privacy problems: Amazon devices like the Ring cameras and the Alexa-powered Amazon Echo have an in-built feature called Sidewalk. Basically a long-distance, low-bandwidth network system, Sidewalk is already enabled by default without the user’s consent and in the case of Ring, it has led to massive cyber-security concerns.
Sidewalk basically allows Amazon devices owned by different users to communicate and transmit data without consent of either owner. So, yes, if you own a Ring, there are chances that the stranger jogging in the neighbourhood can connect to your network.
A more practical example would clear the picture. Let’s say there’s a power cut and your Ring has been disabled as it needs the Internet to remain functional. So, what do you do? Well, if your neighbour too has a Sidewalk-enabled Amazon device, you can just tap into their network and ensure your own Ring or Echo is working. This attempt at making a shared network of Amazon devices in a locality is concerning.
Amazon claims that the monthly upper limit for using other’s data through Sidewalk is 500 MB, but it is still concerning as it can lead to privacy breaches. It is, after all, making it easier for American hackers and law enforcement agencies to map the growing Amazon surveillance network, revealing the locations of thousands (or maybe even more) users of Ring cameras.
So, how has Amazon responded to it? Over the years, Amazon has been criticised for not detailing the primary and secondary security concerns that can arise out of their Ring devices or tech like Sidewalk. Instead of preparing any contingency plans, Ring has placed the blame on customers.
Back in 2019 when the security concerns started gaining media attention, Ring put out a blog post. Dated December 12, 2019, the post is titled “Ring’s Services Have Not Been Compromised – Here’s What You Need to Know”.
One of the statement’s highlights says, “As a precaution, we highly encourage all Ring users to follow security best practices to ensure your Ring account stays secure.”
But, as for back-up options like ensuring that someone from an unknown IP address is not logging in a Ring device or the ability to check how many users are currently logged in, they are still not a part of Ring’s measures and contribute further to the public fears.