Ring says the vulnerability was fixed in September, but it did not report the problem until now. Wouldn't you think Ring owners would have wanted to be notified immediately upon discovery so they could at least change passwords on their Wi-Fi routers?
TN has said many times that Big Tech Technocrats barely treat security even as an afterthought. Getting products to market is far more important than consumer security and safety. ? TN Editor
A new report from security researchers alleges that Amazon Ring doorbells have exposed users' home Wi-Fi passwords to hackers.
TechCrunch reports that security researchers at Bitdefender have claimed that Amazon Ring doorbells were sending users Wi-Fi passwords in cleartext as the doorbell joins the home network. This would allow hackers to intercept the Wi-Fi password and gain access to users' local network.
Bitdefender stated: "When first configuring the device, the smartphone app must send the wireless network credentials. This takes place in an unsecure manner, through an unprotected access point. Once this network is up, the app connects to it automatically, queries the device, then sends the credentials to the local network."
All of this happens over an unencrypted connection which exposes the Wi-Fi password being sent over the air. The vulnerability was reportedly fixed by Amazon in September but the vulnerability was only recently disclosed.