Finally! Ring Doorbells get End-to-End Encryption, but There’s a Big Catch

Amazon’s Ring unit is moving ahead with plans to allow end-to-end encryption (E2EE). U.S. customers can turn it on now, with the feature rolling out to other countries any second now.

But there’s always a catch. You need to remember a huge random passphrase. And a lot of features will stop working—including the ability to resell your device on the used market.

Is it a dark pattern? If it walks and swims and quacks like one, then it probably is. In today’s SB Blogwatch, we’ve got a bad feeling about Ring.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Turning into random objects.

I’m Sorry, Dave; I’m Afraid I Can’t Do That

What’s the craic? Jay Peters reports—“Ring’s end-to-end encryption … available now”:

More secure
Ring’s end-to-end encryption for video streams is leaving technical preview, is now available to US users, and is currently rolling out globally. … The opt-in feature makes it so that your video streams can only be viewed by you on an enrolled iOS or Android device.

Ring first announced video end-to-end encryption in September 2020 and launched the technical preview in January. … If you use two-step authentication to provide extra security to your account, Ring now supports authenticator apps, which [is] more secure than SMS.

And Steven J. Vaughan-Nichols adds—“Amazon is finally delivering it”:

Use E2EE—I will be
Did you know that that handy video your Ring doorbell takes … isn’t private? … Not only are your videos kept in the Amazon Web Services (AWS) cloud, [but they’re] transmitted in the clear.

A sufficiently motivated hacker, or your local police force, can easily watch who’s walking by your door. Until now. … If you decide to install this optional privacy feature, you’ll need to install a new version of the Ring application on your smartphone. Once installed, it uses a Public Key Infrastructure (PKI) security system based on an RSA 2048-bit asymmetric account signing key pair.

You’ll also need to set a passphrase, which you must remember. … If you lose it, you’re out of luck. [But] if you value your privacy, and you still like the convenience of Ring, I encourage you to use E2EE. I will be.

Wait. Pause. “Transmitted in the clear,” you say? roc97007 has a TILT moment:

Wow
Wait, what? … They were sending data in the clear all this time?

Wow, that’s so last century.

But raxxorrax thinks that’s a misunderstanding:

Transport layer
They probably always had encryption. Amazon enforces it for the transport layer.

Horse’s mouth? Amazon’s anonymous PR gnomes profit in this “Whitepaper”:

Autogenerated passphrase
E2EE’s enhanced security and privacy feature requires some functionality trade-off as certain capabilities require processing and analysis of decrypted video content. For instance, applying computer vision to video content cannot be performed if the content is encrypted – any Ring cloud service that needs to decrypt videos for processing will not work. (Also, turning on E2EE will not encrypt any videos created before E2EE enrollment – the service only encrypts videos created after enrollment.)

Therefore, features such as Motion Verification and People-Only Mode will be disabled. Some of our users prefer the functionality trade-off for enhanced security and privacy.

When the user begins the process of enrolling E2EE … the app presents a 10-word autogenerated passphrase … generated locally by the Ring app [which is not] retained on the device. … If the user [later] needs to enroll a new mobile device … the user provides the passphrase … in their new Ring app. [So] it is recommended the user securely store a copy of the passphrase.

Planned Ring E2EE improvements will include enhancements to passphrase generation to reduce the possibility of offensive phrases.
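An illustrative model of the passphrase-bound enrollment the whitepaper describes, added here as example code that is not Ring's own implementation: the app picks 10 words locally with a CSPRNG, stretches them into a key that would protect the account signing key pair, and a new device can reproduce that key only from the right passphrase. The wordlist, salt and PBKDF2 parameters are constructed assumptions; a diceware-style list would have 7776 entries.

```python
import hashlib
import hmac
import math
import secrets

# Constructed stand-in wordlist (real diceware-style lists have 7776 entries).
WORDLIST = ["anchor", "basil", "cobalt", "dune", "ember", "fjord", "garnet", "harbor",
            "ivory", "juniper", "kelp", "lantern", "meadow", "nectar", "orbit", "pebble"]


def generate_passphrase(words=10, wordlist=WORDLIST):
    """Pick `words` entries with a CSPRNG, as an app generating locally would; nothing is stored."""
    return " ".join(secrets.choice(wordlist) for _ in range(words))


def entropy_bits(words, list_size):
    """Guessing entropy of a uniformly chosen passphrase: words * log2(list_size)."""
    return words * math.log2(list_size)


def normalize(passphrase):
    """Canonical form so case and spacing differences on re-entry do not change the key."""
    return " ".join(passphrase.lower().split())


def derive_enrollment_key(passphrase, salt, iterations=200_000):
    """Stretch the passphrase into a 256-bit key that would wrap the account key pair."""
    return hashlib.pbkdf2_hmac("sha256", normalize(passphrase).encode(), salt, iterations, dklen=32)


def reenroll(passphrase_entered, salt, expected_key):
    """A new device reproduces the key only from the correct passphrase; compare in constant time."""
    return hmac.compare_digest(derive_enrollment_key(passphrase_entered, salt), expected_key)


if __name__ == "__main__":
    salt = b"constructed-per-account-salt"  # assumption: stored server-side, not secret
    phrase = generate_passphrase()
    print("passphrase:", phrase)
    print("entropy with a 7776-word list: %.1f bits" % entropy_bits(10, 7776))
    key = derive_enrollment_key(phrase, salt)
    print("re-enrol with same phrase:", reenroll(phrase.upper(), salt, key))
    print("re-enrol with one word wrong:", reenroll(phrase + " extra", salt, key))
```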

Hilarious “possibility” aside, how does Amazon expect regular users to remember a random 10-word phrase? And CricTic points out some other downsides:

You will not be able to …
A bunch of features get turned off … so I’m glad they are making users opt-in. Here are a few of the features our family uses all the time that wouldn’t work: …

  • Shared Users (like a spouse) will not be able to view your videos
  • You will not be able to view encrypted videos on Ring.com, the Windows desktop app, the Mac desktop app, or the Rapid Ring app.
  • You will not be able to use Live View from multiple mobile devices simultaneously.
  • You will not be able to use the Event Timeline.
  • You will not be able to see Rich Event Notifications (camera snapshots in the notification)
  • You will not be able to watch Ring videos on Amazon Echo Show, FireTV, or FireTablet.

In a similar vein, here’s westlake’s bloody critique:

Mobile devices
One reason the camera is there is so the video can easily be reviewed in my absence if things go south. If I didn’t think intrusion was a risk I wouldn’t have installed the system.

Binding the feed to a unique cell phone or set of phones and a potentially irretrievable key code doesn’t appeal to me. And I am not that welded to mobile devices.

Now law enforcement can only get footage from you, not Amazon? u/gurenkagurenda waves the IANAL card:

The whole point
Yes, they can ask you for it. And if they don’t have a warrant, you can tell them to **** off.

Because it’s end to end encrypted. That’s the whole point.

Meanwhile, isn’t 2048-bit RSA enough for you? CryptoNred snarks it up:

When do I get a post-quantum doorbell? Modular multiplicative group exponentiation isn’t my jam. When do I get isogeny- or lattice-based encryption for my front door?

And Finally:

Don’t try this at home, kids

You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE. 30.

Image sauce: Michael Cornelius (cc:by-sa)

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
